3d9f-216-53-153-110.ngrok-free.app Open in urlscan Pro
2a05:d014:21b:8e02::6e:2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Submission: On July 05 via manual (July 5th 2023, 5:44:18 pm UTC) from US — Scanned from DE

Summary HTTP 128 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 48 IPs in 5 countries across 41 domains to perform 128 HTTP transactions. The main IP is 2a05:d014:21b:8e02::6e:2, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is 3d9f-216-53-153-110.ngrok-free.app.
TLS certificate: Issued by R3 on June 13th 2023. Valid for: 3 months.

This is the only time 3d9f-216-53-153-110.ngrok-free.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	2a05:d014:21b... 2a05:d014:21b:8e02::6e:2	16509 (AMAZON-02) (AMAZON-02)
11	2606:4700::68... 2606:4700::6812:aa72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.84.174.43 52.84.174.43	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:1c26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:e2:... 2606:4700:e2::ac40:8f26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
9	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
5	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42:200... 2a04:4e42:200::282	54113 (FASTLY) (FASTLY)
3	2606:4700::68... 2606:4700::6811:bab1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:310... 2a02:26f0:3100::1735:28a9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:205... 2600:9000:2057:e200:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
1	104.18.13.242 104.18.13.242	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.110.105 13.32.110.105	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:c12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:21f... 2600:9000:21f3:d200:1e:549f:95c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ec8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	13.32.99.105 13.32.99.105	16509 (AMAZON-02) (AMAZON-02)
5	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:f400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.214.42.180 18.214.42.180	14618 (AMAZON-AES) (AMAZON-AES)
2	107.20.249.201 107.20.249.201	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42:200... 2a04:4e42:200::714	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:1e00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:f015	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	143.204.221.63 143.204.221.63	16509 (AMAZON-02) (AMAZON-02)
1	104.26.5.15 104.26.5.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.231.132.145 54.231.132.145	16509 (AMAZON-02) (AMAZON-02)
2	35.190.81.243 35.190.81.243	15169 (GOOGLE) (GOOGLE)
1	52.216.76.44 52.216.76.44	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
2	23.99.206.151 23.99.206.151	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.244.194.113 35.244.194.113	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:c::210:f192	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.35.237.64 23.35.237.64	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.69.106.216 13.69.106.216	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
128	48

20 2a05:d014:21b:8e02::6e:2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

3d9f-216-53-153-110.ngrok-free.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:aa72 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.174.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-174-43.cdg50.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1c26 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8f26 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

engage.ajc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
engage-fp.ajc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
engage-g2insights.ajc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
engage-connext.ajc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.pranmcpkx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:bab1 (United States)

ASN13335 (CLOUDFLARENET, US)

sandbox.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100::1735:28a9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:e200:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.13.242 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.resonate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-105.vie50.r.cloudfront.net

thefontzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:c12 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:d200:1e:549f:95c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.veritonic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ec8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

apps.rokt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.105 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:f400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.214.42.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-42-180.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.20.249.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-249-201.compute-1.amazonaws.com

atr.veritonicmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:1e00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)

c2-sandbox.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.221.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-221-63.cdg3.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.5.15 (None, )

ASN13335 (CLOUDFLARENET, US)

api-mg2.db-ip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.132.145 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.81.243 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 243.81.190.35.bc.googleusercontent.com

dev-api.mg2insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.76.44 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

paywall-ad-bucket.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.99.206.151 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

stage-ajc-proxy-connext.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.194.113 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 113.194.244.35.bc.googleusercontent.com

dev-events.mg2insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:c::210:f192 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

undefined-undefined-sandbox.cdn.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-64.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.106.216 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	ngrok-free.app 3d9f-216-53-153-110.ngrok-free.app	22 MB
12	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63 region1.google-analytics.com — Cisco Umbrella Rank: 1623	42 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 407	173 KB
7	ajc.com engage.ajc.com — Cisco Umbrella Rank: 206156 engage-fp.ajc.com — Cisco Umbrella Rank: 235824 engage-g2insights.ajc.com — Cisco Umbrella Rank: 265467 engage-connext.ajc.com — Cisco Umbrella Rank: 210015	3 MB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 stats.g.doubleclick.net — Cisco Umbrella Rank: 130	154 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 414 www.linkedin.com — Cisco Umbrella Rank: 544 px4.ads.linkedin.com — Cisco Umbrella Rank: 6544	5 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	329 B
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	309 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	410 KB
4	google.de ampcid.google.de — Cisco Umbrella Rank: 52173 www.google.de — Cisco Umbrella Rank: 4752	1 KB
4	google.com ampcid.google.com — Cisco Umbrella Rank: 2261 www.google.com — Cisco Umbrella Rank: 10	1 KB
3	mg2insights.com dev-api.mg2insights.com dev-events.mg2insights.com	762 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 162	869 B
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1447 mab.chartbeat.com — Cisco Umbrella Rank: 2501	34 KB
3	tinypass.com sandbox.tinypass.com — Cisco Umbrella Rank: 354557	103 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 683	1 KB
2	azurewebsites.net stage-ajc-proxy-connext.azurewebsites.net	1 KB
2	pranmcpkx.com cdn.pranmcpkx.com — Cisco Umbrella Rank: 29434	5 KB
2	amazonaws.com ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 13582 paywall-ad-bucket.s3.amazonaws.com — Cisco Umbrella Rank: 39328	1 KB
2	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 353	61 KB
2	veritonicmetrics.com atr.veritonicmetrics.com — Cisco Umbrella Rank: 19004	133 B
2	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1242	402 B
2	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 3412	18 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 914	6 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1250 pixel.quantserve.com — Cisco Umbrella Rank: 1003	10 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 678	550 B
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3677	157 KB
1	arcpublishing.com undefined-undefined-sandbox.cdn.arcpublishing.com
1	db-ip.com api-mg2.db-ip.com — Cisco Umbrella Rank: 23596	781 B
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 2394	22 KB
1	piano.io c2-sandbox.piano.io — Cisco Umbrella Rank: 550317	1 KB
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1031	378 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1172	2 KB
1	rokt.com apps.rokt.com — Cisco Umbrella Rank: 8485	914 B
1	veritonic.com cdn.veritonic.com — Cisco Umbrella Rank: 67934	2 KB
1	thefontzone.com thefontzone.com — Cisco Umbrella Rank: 54373	365 B
1	resonate.com cdn.resonate.com — Cisco Umbrella Rank: 10285	97 B
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1768	680 B
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 7811	3 KB
1	htlbid.com htlbid.com — Cisco Umbrella Rank: 11321	92 KB
0	insiderdata360online.com Failed insiderdata360online.com Failed
128	41

	Domain	Requested by
20	3d9f-216-53-153-110.ngrok-free.app	3d9f-216-53-153-110.ngrok-free.app
11	cdn.cookielaw.org	3d9f-216-53-153-110.ngrok-free.app cdn.cookielaw.org
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com az416426.vo.msecnd.net 3d9f-216-53-153-110.ngrok-free.app
5	www.facebook.com	3d9f-216-53-153-110.ngrok-free.app
5	region1.google-analytics.com	www.googletagmanager.com
5	connect.facebook.net	3d9f-216-53-153-110.ngrok-free.app connect.facebook.net www.googletagmanager.com
5	www.googletagmanager.com	3d9f-216-53-153-110.ngrok-free.app www.googletagmanager.com engage-g2insights.ajc.com
3	securepubads.g.doubleclick.net	htlbid.com securepubads.g.doubleclick.net
3	engage-connext.ajc.com	engage.ajc.com engage-connext.ajc.com
3	www.google.de	3d9f-216-53-153-110.ngrok-free.app
3	www.google.com	3d9f-216-53-153-110.ngrok-free.app
3	px.ads.linkedin.com	3 redirects
3	sb.scorecardresearch.com	1 redirects 3d9f-216-53-153-110.ngrok-free.app
3	sandbox.tinypass.com	3d9f-216-53-153-110.ngrok-free.app sandbox.tinypass.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	stage-ajc-proxy-connext.azurewebsites.net	engage-connext.ajc.com
2	dev-api.mg2insights.com	engage-g2insights.ajc.com
2	cdn.pranmcpkx.com	engage-connext.ajc.com
2	c.amazon-adsystem.com	htlbid.com c.amazon-adsystem.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	atr.veritonicmetrics.com	cdn.veritonic.com
2	ping.chartbeat.net	3d9f-216-53-153-110.ngrok-free.app
2	cdn.brandmetrics.com	www.googletagmanager.com cdn.brandmetrics.com
2	static.chartbeat.com	3d9f-216-53-153-110.ngrok-free.app www.googletagmanager.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	engage.ajc.com	3d9f-216-53-153-110.ngrok-free.app engage.ajc.com
2	geolocation.onetrust.com	cdn.cookielaw.org
1	s.ntv.io	3d9f-216-53-153-110.ngrok-free.app
1	undefined-undefined-sandbox.cdn.arcpublishing.com	3d9f-216-53-153-110.ngrok-free.app
1	dev-events.mg2insights.com	engage-g2insights.ajc.com
1	stats.g.doubleclick.net	az416426.vo.msecnd.net
1	paywall-ad-bucket.s3.amazonaws.com	3d9f-216-53-153-110.ngrok-free.app
1	ams-pageview-public.s3.amazonaws.com	3d9f-216-53-153-110.ngrok-free.app
1	api-mg2.db-ip.com	engage-fp.ajc.com
1	engage-g2insights.ajc.com	engage.ajc.com
1	engage-fp.ajc.com	engage.ajc.com
1	az416426.vo.msecnd.net	engage.ajc.com
1	c2-sandbox.piano.io	sandbox.tinypass.com
1	px4.ads.linkedin.com	3d9f-216-53-153-110.ngrok-free.app
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	pixel.quantserve.com	3d9f-216-53-153-110.ngrok-free.app
1	ampcid.google.de	www.google-analytics.com
1	mab.chartbeat.com	static.chartbeat.com
1	rules.quantcount.com	secure.quantserve.com
1	ampcid.google.com	www.google-analytics.com
1	apps.rokt.com	www.googletagmanager.com
1	cdn.veritonic.com	3d9f-216-53-153-110.ngrok-free.app
1	thefontzone.com	3d9f-216-53-153-110.ngrok-free.app
1	cdn.resonate.com	3d9f-216-53-153-110.ngrok-free.app
1	secure.quantserve.com	www.googletagmanager.com
1	polyfill.io	engage.ajc.com
1	www.npttech.com	3d9f-216-53-153-110.ngrok-free.app
1	htlbid.com	3d9f-216-53-153-110.ngrok-free.app
0	insiderdata360online.com Failed	3d9f-216-53-153-110.ngrok-free.app
128	55

This site contains links to these domains. Also see Links.

Domain
www.onetrust.com

Subject Issuer	Validity	Valid
*.ngrok-free.app R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
htlbid.com Amazon RSA 2048 M01	`2023-02-21` - `2023-11-19`	9 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
npttech.com GTS CA 1P5	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
sni2d4d8gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-04` - `2024-02-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-14` - `2023-07-13`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-10` - `2024-01-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-12` - `2023-09-12`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
thefontzone.com Amazon RSA 2048 M01	`2023-04-24` - `2024-05-22`	a year	crt.sh
brandmetrics.com GTS CA 1P5	`2023-05-10` - `2023-08-08`	3 months	crt.sh
cdn.veritonic.com Amazon RSA 2048 M02	`2023-02-21` - `2023-09-15`	7 months	crt.sh
apps.rokt.com Sectigo ECC Domain Validation Secure Server CA	`2022-12-07` - `2023-12-20`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
*.veritonicmetrics.com Amazon RSA 2048 M01	`2023-04-20` - `2024-05-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2023-03-27` - `2024-03-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2023-05-05` - `2024-04-28`	a year	crt.sh
sni2d728gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-14` - `2024-02-13`	a year	crt.sh
sni2d726gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-14` - `2024-02-13`	a year	crt.sh
sni2d725gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-14` - `2024-02-13`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-03-21` - `2023-12-19`	9 months	crt.sh
sni2bf2agl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-31` - `2023-11-02`	a year	crt.sh
dev-api.mg2insights.com GTS CA 1D4	`2023-05-29` - `2023-08-27`	3 months	crt.sh
*.azurewebsites.net Microsoft Azure TLS Issuing CA 06	`2023-05-21` - `2024-05-15`	a year	crt.sh
dev-events.mg2insights.com GTS CA 1D4	`2023-05-26` - `2023-08-24`	3 months	crt.sh
*.cdn.arcpublishing.com Entrust Certification Authority - L1K	`2022-12-12` - `2024-01-12`	a year	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2022-10-24` - `2023-10-26`	a year	crt.sh
in.applicationinsights.azure.com Microsoft Azure TLS Issuing CA 05	`2023-04-21` - `2024-04-15`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Frame ID: BDB3BAD15DEA6AB3175647139B622A31
Requests: 123 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9D93C0FFAF12C8D492EBE6ADF211EF12
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D070D1FEF8F01C77537A180D5801F06B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Story with a Lead GalleryBack ButtonSearch IconFilter Icon

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

128
Requests

98 %
HTTPS

67 %
IPv6

41
Domains

55
Subdomains

48
IPs

5
Countries

26839 kB
Transfer

30766 kB
Size

42
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2509682&time=1688579038331&url=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2509682&time=1688579038331&url=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2509682%26time%3D1688579038331%26url%3Dhttps%253A%252F%252F3d9f-216-53-153-110.ngrok-free.app%252F5HSYR2LQ4NDYJHHEA3LXGKE2I4%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2509682&time=1688579038331&url=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2509682&time=1688579038331&url=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&cookiesTest=true&liSync=true&e_ipv6=AQKpaU8U7QL8zQAAAYknJ1-99HSYaDY8YMrf8pUGXo2WaAchDXHZMrYsiALgnDG92X910ASaYdhUiMXni1yrgHIKGyG0cQ

Request Chain 125

https://sb.scorecardresearch.com/c2/6035944/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

128 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/ 261 KB
262 KB 2225ms
2082ms Document
text/html 2a05:d014:21b:8e02::6e:2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e02::6e:2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: bcdb2c719c2f3a205b8dac169c74e52974d291eb66a57f49d6027262da6828eb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 267363
content-type: text/html; charset=utf-8
date: Wed, 05 Jul 2023 17:43:55 GMT
etag: W/"41463-4+vGi78lj8FLyHeMoCb6mct8FBA"
ngrok-trace-id: bebb5406122a1f897ce287d24096a959
x-powered-by: Express

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 204ms
74ms Script
application/javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffc79feebdfe105c3de8840c2a5814b3fae59d3529463fdf9329080967ed92ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Jul 2023 17:43:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ss3gfiwT9vXTSvNlfc+4JQ==
age: 80144
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6820
x-ms-lease-status: unlocked
last-modified: Thu, 29 Jun 2023 19:28:10 GMT
server: cloudflare
etag: 0x8DB78D6F96BC8B6
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 523552d4-401e-00f0-4dc2-aa0888000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e2169bc7bbb9072-FRA

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 206ms
75ms Script
application/javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Jul 2023 17:43:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: ERttG9+iQk1LCPjR495NRw==
age: 46012
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 84ed10d5-601e-00ec-3ce1-5ad09f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e2169bc7bc09072-FRA

GET
H2 200 htlbid.js Show response
htlbid.com/stage/v3/ajc.com/ 399 KB
92 KB 1525ms
1402ms Script
application/javascript 52.84.174.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/stage/v3/ajc.com/htlbid.js
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.174.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-174-43.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: acd14c91ae67282fe298459d4354e8b14ea92d23e9b70c383ba89592165930da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:43:58 GMT
content-encoding: br
via: 1.1 aca12b6f838410f4b92b0d9603907f30.cloudfront.net (CloudFront)
last-modified: Tue, 23 May 2023 14:20:53 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-P1
etag: W/"7be3959f6ba6b508d4a3d3ac1012b636"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: LNIMKZsk7vyPp5xVZTElixevglgklab3UKu0bwtWfQCyBvjcs37VvQ==

GET
H2 200 gorditaregular-webfont.woff2
3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/ 72 KB
72 KB 574ms
571ms Font
font/woff2 2a05:d014:21b:8e02::6e:2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/gorditaregular-webfont.woff2?d=%24LATEST
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e02::6e:2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 4e24d4917e52ed1911b18aed8a77267846cc264b391014b5e6404df8eaba8e11

Request headers

Referer: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Origin: https://3d9f-216-53-153-110.ngrok-free.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

ngrok-trace-id: c3eebb8f4b946473f41c08d6b3f9a3fd
date: Wed, 05 Jul 2023 17:43:55 GMT
etag: W/"11ed9-l8Rll3i8jRv6tFh7SqLENosZNnE"
x-powered-by: Express
content-length: 73433
content-type: font/woff2; charset=utf-8

GET
H2 200 gorditabold-webfont.woff2
3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/ 71 KB
71 KB 567ms
564ms Font
font/woff2 2a05:d014:21b:8e02::6e:2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/gorditabold-webfont.woff2?d=%24LATEST
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e02::6e:2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 1c9fa957b363d0f89fcfff692e3dea2082b1f82a1be9e742f94c383f7a51e96a

Request headers

Referer: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Origin: https://3d9f-216-53-153-110.ngrok-free.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

ngrok-trace-id: a807f754ccb5712c0c539f386bbfa51c
date: Wed, 05 Jul 2023 17:43:55 GMT
etag: W/"11d34-k3y4wL9q8LZDPcKUp2Nxvn5d98E"
x-powered-by: Express
content-length: 73012
content-type: font/woff2; charset=utf-8

GET
H2 200 gorditamedium-webfont.woff2
3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/ 71 KB
71 KB 576ms
574ms Font
font/woff2 2a05:d014:21b:8e02::6e:2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/gorditamedium-webfont.woff2?d=%24LATEST
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e02::6e:2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 5f1e95cf28df1116f4b350aa7dfcaa021b36e7f3a088b7ae4ccb64caf97e671a

Request headers

Referer: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Origin: https://3d9f-216-53-153-110.ngrok-free.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

ngrok-trace-id: fa269f481b438c86be8bffb03f13f1cb
date: Wed, 05 Jul 2023 17:43:55 GMT
etag: W/"11a81-BQGOpilcIsEMeq1mHlS9siHVyRs"
x-powered-by: Express
content-length: 72321
content-type: font/woff2; charset=utf-8

GET
H2 200 Lora-Regular.ttf
3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/ 167 KB
167 KB 479ms
477ms Font
text/html 2a05:d014:21b:8e02::6e:2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/Lora-Regular.ttf?d=%24LATEST
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e02::6e:2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: fe15430b4342c1710d437e2241cfe3d286774afc2fd86a5821e1889f1117fd1d

Request headers

Referer: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Origin: https://3d9f-216-53-153-110.ngrok-free.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

ngrok-trace-id: 5ff0fe2e09bfd0a05812db1ab0eac3a8
date: Wed, 05 Jul 2023 17:43:55 GMT
etag: W/"29b3f-vwfa+v/GB4gUn4UZTiRizsky5KE"
x-powered-by: Express
content-length: 170815
content-type: text/html; charset=utf-8

GET
H2 200 Lora-Medium.ttf
3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/ 171 KB
171 KB 436ms
434ms Font
text/html 2a05:d014:21b:8e02::6e:2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/Lora-Medium.ttf?d=%24LATEST
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e02::6e:2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: d13995a80540cd5691ce387c462f0cc2a24426a4e5973291ee09d70c0223e50c

Request headers

Referer: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Origin: https://3d9f-216-53-153-110.ngrok-free.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

ngrok-trace-id: 3e01c29ac02990ff2c6d56d00cdf15bc
date: Wed, 05 Jul 2023 17:43:55 GMT
etag: W/"2abe3-ELoAMCNq8DIDWHtY8gZIWyyAfJQ"
x-powered-by: Express
content-length: 175075
content-type: text/html; charset=utf-8

GET
H2 200 Lora-Bold.ttf
3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/ 169 KB
170 KB 531ms
529ms Font
text/html 2a05:d014:21b:8e02::6e:2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/Lora-Bold.ttf?d=%24LATEST
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e02::6e:2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 55e2747afacbe4c62d894074bab69d185cc5898cee714f5786bc59919bb6c00c

Request headers

Referer: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Origin: https://3d9f-216-53-153-110.ngrok-free.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

ngrok-trace-id: ba3c26bbe092750f83e3c99fd8f2de14
date: Wed, 05 Jul 2023 17:43:55 GMT
etag: W/"2a58b-8paT6v9Ln7d+GRoih37dPwhS0To"
x-powered-by: Express
content-length: 173451
content-type: text/html; charset=utf-8

GET
H2 200 Average-Regular.ttf
3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/ 44 KB
44 KB 597ms
596ms Font
text/html 2a05:d014:21b:8e02::6e:2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/Average-Regular.ttf?d=%24LATEST
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e02::6e:2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 3b11ad70561211c03a241d73acd8fca1abbdcae470d4d35e16431bd42b5c772a

Request headers

Referer: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Origin: https://3d9f-216-53-153-110.ngrok-free.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

ngrok-trace-id: 9ff90688fee9b676466356d4c0bbe85d
date: Wed, 05 Jul 2023 17:43:55 GMT
etag: W/"af3a-sMQqYyjtAe1xn+WimiPXUwt6WI8"
x-powered-by: Express
content-length: 44858
content-type: text/html; charset=utf-8

GET
H2 200 weather.ttf
3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/ 60 KB
60 KB 588ms
587ms Font
text/html 2a05:d014:21b:8e02::6e:2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/weather.ttf?d=%24LATEST
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e02::6e:2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: a94fd698cf13c42a6965a3c5b6a8f64fa4db107c82bb53bb36e5aefcb0a8f75b

Request headers

Referer: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Origin: https://3d9f-216-53-153-110.ngrok-free.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

ngrok-trace-id: 4d58f3dd927f2f9dffe598f34f0cb41f
date: Wed, 05 Jul 2023 17:43:55 GMT
etag: W/"f082-hCxFH08zdW3ZYM7OqhIDh2SrqQU"
x-powered-by: Express
content-length: 61570
content-type: text/html; charset=utf-8

GET
H2 200 Graduate-Regular.ttf
3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/ 28 KB
28 KB 605ms
604ms Font
text/html 2a05:d014:21b:8e02::6e:2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/Graduate-Regular.ttf?d=%24LATEST
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e02::6e:2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 479c536a4d92d5579b67e254dba7f7fab081becc68aa50e3db3b208584379a7d

Request headers

Referer: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Origin: https://3d9f-216-53-153-110.ngrok-free.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

ngrok-trace-id: c2768bbf3837fabde4d85dd32d9ce3fb
date: Wed, 05 Jul 2023 17:43:55 GMT
etag: W/"6e96-WYjm1oXXVz32xwdZswyRnxOuwso"
x-powered-by: Express
content-length: 28310
content-type: text/html; charset=utf-8

GET
H2 200 default.css
3d9f-216-53-153-110.ngrok-free.app/pf/dist/components/output-types/ 1 B
108 B 427ms
426ms Stylesheet
text/css 2a05:d014:21b:8e02::6e:2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3d9f-216-53-153-110.ngrok-free.app/pf/dist/components/output-types/default.css?d=%24LATEST
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e02::6e:2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

ngrok-trace-id: 7883333eb7edc61a8e318c6748e36ee6
date: Wed, 05 Jul 2023 17:43:55 GMT
etag: W/"1-rcg7GeeTSRscbqD9i0bNnzLlkvw"
x-powered-by: Express
content-length: 1
content-type: text/css; charset=utf-8

GET
H2 200 default.css
3d9f-216-53-153-110.ngrok-free.app/pf/dist/components/combinations/ 2 MB
2 MB 528ms
527ms Stylesheet
text/css 2a05:d014:21b:8e02::6e:2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3d9f-216-53-153-110.ngrok-free.app/pf/dist/components/combinations/default.css?d=%24LATEST
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e02::6e:2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 418e53d1420eb784c7195ff8e36790bb85774fa61fdd403e5420bc2f344378e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

ngrok-trace-id: 31469522a940e8f888f009cb1764059a
date: Wed, 05 Jul 2023 17:43:55 GMT
etag: W/"183053-p9qKe9nm/D7nrk/KYbSO6k9WuK0"
x-powered-by: Express
content-length: 1585235
content-type: text/css; charset=utf-8

GET
H2 200 local.js Show response
3d9f-216-53-153-110.ngrok-free.app/pf/dist/engine/ 804 KB
805 KB 508ms
508ms Script
application/javascript 2a05:d014:21b:8e02::6e:2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3d9f-216-53-153-110.ngrok-free.app/pf/dist/engine/local.js?d=%24LATEST
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e02::6e:2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 26983d8656b32b0ebe403c19e3f74263c00c1de6b271cf6522361c2f31bb258a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

ngrok-trace-id: f7902577a9473d3289739eed5f4a089a
date: Wed, 05 Jul 2023 17:43:55 GMT
etag: W/"c8f79-Q46PCLtxd3RIAsvBXTNZD2876qQ"
x-powered-by: Express
content-length: 823161
content-type: application/javascript; charset=utf-8

GET
H2 200 react.js Show response
3d9f-216-53-153-110.ngrok-free.app/pf/dist/engine/ 4 MB
4 MB 275ms
274ms Script
application/javascript 2a05:d014:21b:8e02::6e:2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3d9f-216-53-153-110.ngrok-free.app/pf/dist/engine/react.js?d=%24LATEST
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e02::6e:2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 540fcf956a9796276331d2a1b2c7e034947bf93502964457c2037f6466c450e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

ngrok-trace-id: 3e95c81d746ebe6a2b1beaf3938f5c09
date: Wed, 05 Jul 2023 17:43:57 GMT
etag: W/"433331-kxu62v3yx4Z4sdtQK/vCMWdFxXM"
x-powered-by: Express
content-length: 4404017
content-type: application/javascript; charset=utf-8

GET
H2 200 default.js Show response
3d9f-216-53-153-110.ngrok-free.app/pf/dist/components/combinations/ 14 MB
14 MB 372ms
371ms Script
application/javascript 2a05:d014:21b:8e02::6e:2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3d9f-216-53-153-110.ngrok-free.app/pf/dist/components/combinations/default.js?d=%24LATEST
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e02::6e:2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: cc041ebd905f9e796e9e8e224685f03710f5d47e6faa50c6a7e9b34e0ee0b43b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

ngrok-trace-id: 1872a7598a9f7920d2c651e4aa7056e1
date: Wed, 05 Jul 2023 17:43:57 GMT
etag: W/"e22a4f-8m85MfYjX+vXKCOSmUYfsKnCfUI"
x-powered-by: Express
content-length: 14821967
content-type: application/javascript; charset=utf-8

GET
H2 200 nativo.js Show response
3d9f-216-53-153-110.ngrok-free.app/pf/resources/scripts/ 2 KB
2 KB 496ms
496ms Script
application/javascript 2a05:d014:21b:8e02::6e:2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3d9f-216-53-153-110.ngrok-free.app/pf/resources/scripts/nativo.js?d=%24LATEST
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e02::6e:2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 42dd4549f6c45512dd4006edc03a18addd489c2066f0fbc5457f11af26a2d308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

ngrok-trace-id: e67d9799afba7541394e0fff70e8ea26
date: Wed, 05 Jul 2023 17:43:55 GMT
etag: W/"7dc-uTY61RxlSMflnpDD+Pz70eMgnwI"
x-powered-by: Express
content-length: 2012
content-type: application/javascript; charset=utf-8

GET
H2 200 3f90be06-fb98-4e53-ba60-c20b5bbde2d4-test.json Show response
cdn.cookielaw.org/consent/3f90be06-fb98-4e53-ba60-c20b5bbde2d4-test/ 4 KB
2 KB 336ms
205ms XHR
application/x-javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/3f90be06-fb98-4e53-ba60-c20b5bbde2d4-test/3f90be06-fb98-4e53-ba60-c20b5bbde2d4-test.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dee57d54fb6a1ff97b0f26f6d93a48973f8e4225e4affa6b2542b4961d18ac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Jul 2023 17:43:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: 1vgPS8TXgG21qFwXnxD6tA==
content-length: 1540
x-ms-lease-status: unlocked
last-modified: Wed, 05 Jul 2023 13:00:17 GMT
server: cloudflare
etag: 0x8DB7D57C7CF5D0F
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: bcb70b25-e01e-0057-5168-af316b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e2169be7c159267-FRA

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 68 B
245 B 109ms
47ms Script
text/javascript 2606:4700::6812:1c26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:43:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 7e2169ca79b98fec-FRA
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 advertising.js Show response
www.npttech.com/ 6 KB
3 KB 134ms
51ms Script
application/javascript 2606:4700:e2::ac40:8f26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8f26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:43:57 GMT
x-amz-version-id: AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: HM9Z5WS7PJHY3FQH
age: 391
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Y2YkUPR6dPCnA6B3ktAsvqQZVxmS5sxXdkBmb3/yy6MWYaOkSjmfvgAhxD2vZRQk18E1IvoazuE=
last-modified: Tue, 18 Oct 2022 13:20:01 GMT
server: cloudflare
etag: W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ms8JUsM7xCuYq2uU2El5hawOePT6HwhKLLGwIPL58bUSLPVWZAv%2FpcS96kslAwrmyfOixdb5k58fPXzLfn%2BUrVHoWAbzBUQYVohAwICg1%2FLfbffI1B%2B5%2B0ZBnXQkH6OIX0JtUuNMKgLXDH4NG7E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
cf-ray: 7e2169ca9aef6943-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 319 KB
95 KB 156ms
86ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WT4CBT7

Requested by

Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e26326b3f3b4f9a11ae9ffee71d580831ac785b8bb584046bd9f91f02254af39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:43:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97184
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 16:04:08 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Jul 2023 17:43:57 GMT

GET
H2 200 loader.min.js Show response
engage.ajc.com/stage/ajc/ 40 KB
41 KB 716ms
467ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://engage.ajc.com/stage/ajc/loader.min.js
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e0b19a204f2619e51422f673be17c36b5212021bec10f9bb0571b22d68ff5f5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 05 Jul 2023 17:43:55 GMT
last-modified: Fri, 17 Feb 2023 06:13:34 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: aRF+L1aKFB4LTj3f8kCmyw==
etag: 0x8DB10AE19A6E83B
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 279e8d8f-e01e-004b-5b68-af0bed000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19
content-length: 41085

GET
H2 200 customJSForNavigaAdBlocker.js Show response
3d9f-216-53-153-110.ngrok-free.app/pf/resources/scripts/ 4 KB
4 KB 413ms
412ms Script
application/javascript 2a05:d014:21b:8e02::6e:2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3d9f-216-53-153-110.ngrok-free.app/pf/resources/scripts/customJSForNavigaAdBlocker.js?d=%24LATEST
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e02::6e:2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 986aea70763fb622c061f0e8662cbfc3d3e812b6a6119eecd041868f0b3fd21b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

ngrok-trace-id: da15db92c8271c4ff5a3bb66c613dc4d
date: Wed, 05 Jul 2023 17:43:57 GMT
etag: W/"1096-spIymP6r39936qov0qI/o3A4bqc"
x-powered-by: Express
content-length: 4246
content-type: application/javascript; charset=utf-8

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 89ms
29ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cfe621e93f0d8c8234020ec9ebd360f85578e38cc6d47890978b4f117f73fd9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://3d9f-216-53-153-110.ngrok-free.app/
Origin: https://3d9f-216-53-153-110.ngrok-free.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Jul 2023 17:43:57 GMT
content-md5: Qxcb8BY/ZZs1JPpnw86vTw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-debug: +4cfUtkgQBS45CHLoQUlYbDY2MbJb31lbN+WVxG6bJ24E4/qxVOUk6au1++1zZKtGgg8ZfL822lTCj0itFy9AQ==
x-fb-content-md5: b92e7a029b0f7be003b8b888264cf57d
cross-origin-opener-policy: same-origin-allow-popups
etag: "f3b14a06b581b98cc0f40cddd8687d44"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 05 Jul 2023 17:59:05 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
305 B 217ms
87ms XHR
application/json 2606:4700::6812:1c26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:43:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7e2169bffa5d1907-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/ 383 KB
92 KB 39ms
39ms Script
application/javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Jul 2023 17:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: uPFqyxtrxGqJsyAvB7RnSg==
age: 48798
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 93482
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:45 GMT
server: cloudflare
etag: 0x8DADC66BDFA5EC7
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: da60ad71-a01e-00f1-2de1-5a0975000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e2169ca1f529072-FRA

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
680 B 97ms
33ms Script
text/javascript 2a04:4e42:200::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2CString.prototype.endsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL

Requested by

Host: engage.ajc.com
URL: https://engage.ajc.com/stage/ajc/loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://3d9f-216-53-153-110.ngrok-free.app/
Origin: https://3d9f-216-53-153-110.ngrok-free.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 05 Jul 2023 17:43:57 GMT
age: 740729
detected-user-agent: Chrome Mobile/114.0.0
useragent_normaliser: chrome/114.0.0
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=2
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 105
referrer-policy: origin-when-cross-origin
last-modified: Tue, 20 Jun 2023 23:08:32 GMT
fastly_service_version: 202
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
normalized-user-agent: chrome/114.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 load Show response
sandbox.tinypass.com/xbuilder/experience/ 4 KB
1 KB 404ms
332ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox.tinypass.com/xbuilder/experience/load?aid=LaROuvoBsu

Requested by

Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbb42420f00fc4cb15ffdc31461cefdc19f564f49d91fb260f5089263b6a7dc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
date: Wed, 05 Jul 2023 17:43:58 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 05 Jul 2023 17:43:58 GMT
server: cloudflare
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 7e2169cadc8f3836-FRA
alt-svc: h3=":443"; ma=86400
x-request-id: xu67ysmpwt
expires: Wed, 05 Jul 2023 18:13:58 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 307 KB
87 KB 30ms
29ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=9f4b7da2e1a2cc19390fc1e590876274

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ac1ffc09bed6c60c5ca73fa980799a674eb3e2050e063e8b91fa9357d7ac0e59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://3d9f-216-53-153-110.ngrok-free.app/
Origin: https://3d9f-216-53-153-110.ngrok-free.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Jul 2023 17:43:57 GMT
content-md5: 6AkMeC35N109Z9awyjVXrw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88742
x-fb-debug: 4IAXSoeoC/92DYXGOLJC+AYhAFU5bk4/rDX70X5n5HbveTk99R9IIenTD1H/5wXRYZlzQeaeikOELutGjDIZ0A==
x-fb-content-md5: 2578abce13a616d8de79298007237427
cross-origin-opener-policy: same-origin-allow-popups
etag: "310374bc6412f332a10d4879f0bb14e0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 04 Jul 2024 15:34:40 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/3f90be06-fb98-4e53-ba60-c20b5bbde2d4-test/72aff038-fe81-459d-acad-4136c89a0682/ 251 KB
40 KB 76ms
76ms Fetch
application/x-javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/3f90be06-fb98-4e53-ba60-c20b5bbde2d4-test/72aff038-fe81-459d-acad-4136c89a0682/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acd09a7a6b3f0b2e8218b61142980d1cc44fc2de7dc07af5174d9f7d494796b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Jul 2023 17:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: i2ZLjUSHckEesdkWANRkIw==
content-length: 41089
x-ms-lease-status: unlocked
last-modified: Sat, 01 Jul 2023 00:40:57 GMT
server: cloudflare
etag: 0x8DB79CBD58765D7
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8a35f11e-601e-0046-1a68-af0670000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e2169caa87f9267-FRA

GET
H2 200 loader-config.json Show response
engage.ajc.com/stage/ajc/ 4 KB
5 KB 582ms
491ms Fetch
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://engage.ajc.com/stage/ajc/loader-config.json
Requested by: Host: engage.ajc.com
URL: https://engage.ajc.com/stage/ajc/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 423132877beb4612248e46f88186f367dbf03357b489676ec92608911e5faa34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 05 Jul 2023 17:43:58 GMT
last-modified: Fri, 17 Feb 2023 06:20:19 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: dtwUIlx8VWxazBOSfwV6EQ==
etag: 0x8DB10AF0B552611
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d432136d-201e-0019-5868-af7705000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19
content-length: 4469

GET
H2 200 bLayout-en.json Show response
cdn.cookielaw.org/consent/3f90be06-fb98-4e53-ba60-c20b5bbde2d4-test/72aff038-fe81-459d-acad-4136c89a0682/ 14 KB
3 KB 81ms
80ms Fetch
application/json 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/3f90be06-fb98-4e53-ba60-c20b5bbde2d4-test/72aff038-fe81-459d-acad-4136c89a0682/bLayout-en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bb4ae482f4a791de91dcc776901f4fab5d1856f88538a38cbd63646b26c5ee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Jul 2023 17:43:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2835
x-ms-lease-status: unlocked
last-modified: Sat, 01 Jul 2023 00:41:06 GMT
server: cloudflare
etag: 0x8DB79CBDB635F00
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: f623b98f-801e-006e-2468-af71cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 7e2169cb691e9267-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/ 61 KB
13 KB 72ms
71ms Fetch
application/json 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c8084ce459211c73bf91eaa18b6152cc5fc9e29245dcec381da35ee51334b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Jul 2023 17:43:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: mBGnk7IXt0USbYmXZQhmOw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12540
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:37 GMT
server: cloudflare
etag: 0x8DADC66B90C98A8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: cd1822b8-101e-0049-6267-afeb86000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e2169cb69209267-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 21 KB
4 KB 77ms
77ms Fetch
text/css 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Jul 2023 17:43:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: b450c566-001e-0012-6567-afecfa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e2169cb69219267-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
88 KB 66ms
65ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5HXB1QX6N6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WT4CBT7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

17213b5c168ad5aaa9fa1a1fafa0312eca5592af5f2646a5d8452b06b0ae0d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:43:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90141
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Jul 2023 17:43:58 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 102ms
31ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WT4CBT7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Jul 2023 17:04:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2357
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 05 Jul 2023 19:04:41 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
46 KB 64ms
32ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WT4CBT7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Jul 2023 17:43:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: Bz0Dr1BxAknEtSGYP6l+QwjJzK5S8IBvzWPuJte7s5PrpQYlqLNmFKTDedmt5R7D2Nd1lGGvbYuTueRq3sqXJg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 127ms
35ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WT4CBT7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:43:58 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 12 Jul 2023 17:43:58 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
773 B 211ms
77ms Script
application/x-javascript 2a02:26f0:3100::1735:28a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WT4CBT7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:28a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

42c9d1df23e2f7d82d90b2bd6bab3b5398e81889cb9bde1d4a530acc663c9c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:43:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Jun 2023 17:35:57 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=13913
accept-ranges: bytes
content-length: 560

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 70 KB
24 KB 114ms
33ms Script
application/x-javascript 2600:9000:2057:e200:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:e200:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0744b5a06712d19c1b72db9691015da5567bda61a5a05ed27b60834cd2e6dfcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:39:11 GMT
content-encoding: gzip
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 00:36:52 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 3887
etag: W/"649b80a4-11962"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: rPUbx4GFTGLtEEllAyWzMpa4j8Na10YU7sKPi5nqy_jclPHnHzQmaw==
expires: Wed, 05 Jul 2023 18:39:11 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 136ms
56ms Script
application/x-javascript 2600:9000:2057:e200:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WT4CBT7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:e200:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:39:52 GMT
content-encoding: gzip
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 00:37:14 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 3846
etag: W/"649b80ba-5df1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Wix11lrkNu1QtuBzm0GUMssGaFN2h3o-2C8z4VIbzz5Tu6GXCwi9Ug==
expires: Wed, 05 Jul 2023 18:39:52 GMT

GET
H2 204 analytics.min.js Show response
cdn.resonate.com/analytics.js/v1/101118657/ 0
97 B 126ms
38ms Script
text/plain 104.18.13.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.resonate.com/analytics.js/v1/101118657/analytics.min.js

Requested by

Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.242 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:43:58 GMT
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7e2169cc4f871c13-FRA
vary: Accept-Encoding

GET
H2 200 e33629d56d1f5531bf582ea7ec0f3c85 Show response
thefontzone.com/v4/w/fonts/ 0
365 B 488ms
374ms XHR
application/json 13.32.110.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://thefontzone.com/v4/w/fonts/e33629d56d1f5531bf582ea7ec0f3c85?i=3d9f-216-53-153-110.ngrok-free.app&l=3d9f-216-53-153-110.ngrok-free.app&p=/5HSYR2LQ4NDYJHHEA3LXGKE2I4/&o=Win32&v2=1600x1200&r3=0&s4=&y1=https%3A&y2=&y3=
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-105.vie50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:43:58 GMT
via: 1.1 dcb9765526b3272617b95932c8fefee2.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-amzn-trace-id: Root=1-64a5abde-334defb716d3e43a01b8ba31;Sampled=0;lineage=d7a1fa29:0
x-amzn-requestid: e6cee7c5-8dfb-43a9-8458-2f9bf26e201e
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: HmfKzFU6IAMFhZg=
content-length: 0
x-amz-cf-id: PdaJq0Z5VtQMkaeoLbs9HimCvLz_yJRHoFZrTIdSyE5jN6GDj2KGLA==

GET
H2 200 ajc.js Show response
cdn.brandmetrics.com/tag/3f301bc9a4c9422cb375a5bcc32f8506/ 6 KB
3 KB 139ms
62ms Script
text/javascript 2606:4700:20::681a:c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/tag/3f301bc9a4c9422cb375a5bcc32f8506/ajc.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WT4CBT7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40bd201d8981c6fde06fd8fa2c31de3ee5b61e0c6b6e2c83f8e14250a5e2635b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:43:58 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 05 Jul 2023 13:27:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ilH9MwAp4pDorsoXRSoywzuzW3qZtdMGBgSagq9s0mW%2BAbYvla1f38ssssdBmRN2WYLmhPRMK8LaETc8lYG4q7X3iYiq71TNvpxfM2cjzjrjDmIGNz6%2F5k6USLUquMm6urtxWHIu8mMo8vqfqDOUqGb"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7e2169cc29493615-FRA
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2 200 vpr.min.js Show response
cdn.veritonic.com/static/ 4 KB
2 KB 135ms
32ms Script
application/javascript 2600:9000:21f3:d200:1e:549f:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.veritonic.com/static/vpr.min.js
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d200:1e:549f:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 561c37dd8e1b8a9bc6d9b5d9e620fa080452bf68ae4cf31ad2588697f82a88f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:14:59 GMT
x-amz-version-id: lpM9pHakfw6gqKkC2wOrxLlrGh49F.Zh
content-encoding: gzip
last-modified: Wed, 21 Sep 2022 16:23:24 GMT
server: AmazonS3
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"2ad48ac6e466c6833db7b2a2a6f52c40"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 1740
x-amz-cf-id: CAp69dNsXvctqoWjaV4b0DAcGv6QHOvLShtuMeqiEGVhgfj_de9IJg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 141 KB
54 KB 65ms
65ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-712386318

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WT4CBT7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d07e0e02fe72a907ae40c2dd8651adeeef1e069ecaed7c5b769c57886858cf1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:43:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55054
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 16:04:08 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Jul 2023 17:43:58 GMT

GET platform.js
insiderdata360online.com/service/ 0
0

GET
H2 200 referral-tag.js Show response
apps.rokt.com/integrations/referral-tag/ 356 B
914 B 193ms
45ms Script
application/javascript 2a02:26f0:480:f::213:7ec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/integrations/referral-tag/referral-tag.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WT4CBT7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

45645d99e775050ece2b2a76a67efd530d9b69eca984682677d97d5392f6e009

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-request-id: 6QH67QY5QBCTN8XX
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 227
x-amz-id-2: bW2TxcWa2KsA2caqU80GtGqiKPgPHDjTm6+dFIhEJDwUSSbmko/Ew5et87IkJx2zmQphDOSRsuM=
last-modified: Tue, 07 Mar 2023 22:41:04 GMT
server: AmazonS3
etag: "907d140c59faa7096e188b3f42ad6bf9"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1200, public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
82 KB 61ms
61ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6VR7Y4BTY5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WT4CBT7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf8abb7afc1f7a783bf2ba79eae4e6c85ef6f96b154e745b87389a95ecae3473

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:43:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84326
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Jul 2023 17:43:58 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
228 B 102ms
31ms Image
text/plain 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035944&ns__t=1688579038003&ns_c=UTF-8&c8=Story%20with%20a%20Lead%20Gallery&c7=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&c9=
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:43:58 GMT
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: wgKk8RtyWSqgoQAlCYREbkA8osXFJEXeHPCd-l-RF459fYraLXK_Ew==
x-cache: Miss from cloudfront

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
488 B 68ms
67ms Fetch
image/svg+xml 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Jul 2023 17:43:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status: unlocked
last-modified: Wed, 05 Jul 2023 03:52:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: f1d3f0e0-c01e-0144-3267-af42df000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e2169cc19ff9267-FRA

GET
H2 200 ot_company_logo.png
cdn.cookielaw.org/logos/static/ 4 KB
4 KB 41ms
41ms Image
image/png 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_company_logo.png

Requested by

Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Jul 2023 17:43:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: E8+sk/ECzKgTUVtDLikiIA==
age: 45433
content-length: 4036
x-ms-lease-status: unlocked
last-modified: Tue, 04 Jul 2023 02:26:01 GMT
server: cloudflare
etag: 0x8DB7C36026CDFCE
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 7dab278a-301e-0173-435b-aeee70000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e2169cc1a3d9072-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 42ms
42ms Image
image/svg+xml 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Jul 2023 17:43:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 435
x-ms-lease-status: unlocked
last-modified: Tue, 04 Jul 2023 02:26:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: d5f1d1dd-c01e-0144-21a1-ae42df000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e2169cc1a409072-FRA

GET
H3 200 812212812506283 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 39ms
36ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/812212812506283?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b7c1418193466eb02810f5bb3b40e41e50acb1384535b893110c6c8acfb1822e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Jul 2023 17:43:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88008
x-xss-protection: 0
pragma: public
x-fb-debug: Oih2MO/fmRzq0tZNB9CW/lqjJ2Tb8wzV7ifhWzNwMZrytew3Hdq/AJumZNOQJ0ub6i5swWDrB9C07fiIGxHxDg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
269 B 107ms
37ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6VR7Y4BTY5&gtm=45je36s0&_p=1301209307&cid=1142072831.1688579038&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1688579038&sct=1&seg=0&dl=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&dt=Story%20with%20a%20Lead%20Gallery&en=page_view&_fv=1&_nsi=1&_ss=1&ep.useAmpClientId=true&ep.siteMedium=np&ep.siteID=ajc&ep.siteMetro=ga%3A%20atlanta&ep.siteType=free&ep.siteFormat=news&ep.siteVersion=responsive%20site&ep.siteDomain=sandbox.ajc.com&ep.pageURL=https%3A%2F%2Fwww.ajc.com%2Flife%2Fstory-with-a-lead-gallery%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&ep.pageTitle=story%20with%20a%20lead%20gallery&ep.pageSiteSection=%2Flife&ep.pageCategory=&ep.pageMainSection=%2Flife&ep.pageContentType=article&ep.contentID=5HSYR2LQ4NDYJHHEA3LXGKE2I4&ep.contentPublishDate=20230620113619&ep.contentByline=patricia%20murphy&ep.contentVendor=&ep.contentOriginatingSite=ajc&ep.siteCMS=arc&ep.previousPageName=%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&ep.blogName=&ep.contentTopics=politics.ajc%2Catlanta-news-metro.ajc&ep.contentPaywallStatus=premium&ep.referralHost=3d9f-216-53-153-110.ngrok-free.app
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6VR7Y4BTY5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 17:43:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3d9f-216-53-153-110.ngrok-free.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
454 B 105ms
37ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://3d9f-216-53-153-110.ngrok-free.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Jul 2023 17:43:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://3d9f-216-53-153-110.ngrok-free.app
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
H2 200 rules-p-38KriKc8Foyx-.js Show response
rules.quantcount.com/ 8 KB
2 KB 112ms
31ms Script
application/javascript 2600:9000:223c:f400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-38KriKc8Foyx-.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6399ea7ff0723d0e5ad7375ad62d36754e9e563e35a9257059501a9d1961b935

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:25:33 GMT
content-encoding: gzip
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1516
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:23:40 GMT
server: AmazonS3
etag: W/"5d01e8236d389b34aba5e6b6e88151ca"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: MJdvRD69h43belHFiBHu5yDPhbXXDfs1E-87ZoeCrzPBz6Jzvucr4Q==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
202 B 384ms
125ms Image
image/gif 18.214.42.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=sandbox.ajc.com&p=%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&u=DujnhtdrWC4fET6d&d=3d9f-216-53-153-110.ngrok-free.app&g=66001&g0=%2Flife&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&b=5025&t=D4aRTvB2PRfHCGmIrtCVGA_3D23mu5&V=140&i=Story%20with%20a%20Lead%20Gallery&tz=0&_acct=anon&sn=1&sv=DBxYVACmEyU_BLCMG5CfQg9YQAJ9m&sd=1&im=06032cda&_
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.42.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-42-180.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 05 Jul 2023 17:43:58 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
55 B 37ms
37ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5HXB1QX6N6&gtm=45je36s0&_p=1301209307&ul=English&cid=1142072831.1688579038&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=1&dl=https%3A%2F%2Fwww.ajc.com%2Flife%2Fstory-with-a-lead-gallery%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&dp=%2Flife%2Fstory-with-a-lead-gallery%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&dt=Story%20with%20a%20Lead%20Gallery&sid=1688579038&sct=1&seg=0&en=scroll&_fv=1&_ss=1&ep.byline=patricia%20murphy&ep.content_type=article&ep.country=US&ep.date_published=20230620113619&ep.identifier=5HSYR2LQ4NDYJHHEA3LXGKE2I4&ep.paywall_status=premium&ep.publication_name=undefined&ep.site_metro=ga%3A%20atlanta&ep.site_name=ajc&ep.site_section=%2Flife&ep.subcategory=&ep.topics=politics.ajc%2Catlanta-news-metro.ajc&ep.site_version=responsive%20site&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5HXB1QX6N6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 17:43:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3d9f-216-53-153-110.ngrok-free.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
atr.veritonicmetrics.com/ 13 B
133 B 153ms
153ms XHR
application/json 107.20.249.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://atr.veritonicmetrics.com/
Requested by: Host: cdn.veritonic.com
URL: https://cdn.veritonic.com/static/vpr.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.249.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-249-201.compute-1.amazonaws.com
Software: /
Resource Hash: b232b740e35e175a9a671a7695fc317efc0d86304efd2733f0f8d70105c744c9

Request headers

Referer: https://3d9f-216-53-153-110.ngrok-free.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 05 Jul 2023 17:43:58 GMT
content-length: 13
apigw-requestid: HmfK2j84oAMEY8g=
content-type: application/json

OPTIONS
H2 200 /
atr.veritonicmetrics.com/ Frame 0
0 416ms
137ms Preflight
image/gif 107.20.249.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://atr.veritonicmetrics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.249.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-249-201.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://3d9f-216-53-153-110.ngrok-free.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS,POST
access-control-allow-origin: *
access-control-max-age: 0
apigw-requestid: HmfK0jiYIAMEYjg=
content-length: 43
content-type: image/gif
date: Wed, 05 Jul 2023 17:43:58 GMT

GET
H2 200 65568.js Show response
cdn.brandmetrics.com/scripts/bundle/ 47 KB
15 KB 113ms
112ms Script
text/javascript 2606:4700:20::681a:c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=024b5874-cbb0-4a6a-a117-910740cbe8c0&toploc=3d9f-216-53-153-110.ngrok-free.app
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/3f301bc9a4c9422cb375a5bcc32f8506/ajc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09bae7eb6b99ef05e30ad9ccfb0facc571570303212a4281902c8dc54477339d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:43:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 05 Jul 2023 17:43:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzTc9BPcPlA1UT%2Fn9K5x3EQL%2FGhMb9x%2BkecuZofrK4Cc5KgueDKjda6%2BQatbtJLuX0awlqnMBPb2coIdPoM5yWMYmWAJm5mOdwabDdxwELIFgU12f51zowexJK5wwYmimNidVeZ8T4NljkUe42NXpkL5"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7e2169cd0ac73615-FRA
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/712386318/ 3 KB
2 KB 139ms
70ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/712386318/?random=1688579038242&cv=11&fst=1688579038242&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&hn=www.googleadservices.com&frm=0&tiba=Story%20with%20a%20Lead%20Gallery&us_privacy=1---&auid=1862706647.1688579038&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-712386318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

787ad1808f0fb94acf920c764b7ad290f723f9eaba01c5a8c113f4b7abe107c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 17:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1370
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/712386318/ 3 KB
2 KB 134ms
72ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/712386318/?random=1688579038257&cv=11&fst=1688579038257&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&label=Snf_CLLCsKsYEI7O2NMC&hn=www.googleadservices.com&frm=0&tiba=Story%20with%20a%20Lead%20Gallery&value=1&currency_code=USD&us_privacy=1---&auid=1862706647.1688579038&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-712386318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2617332e28c2a433229f581865eeda437dcc8f4506b1c46f7969038f04d80b4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 17:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1429
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1401480206566122 Show response
connect.facebook.net/signals/config/ 306 KB
88 KB 32ms
32ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1401480206566122?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8cac3523f9e11f7539b85ad276d382fb96b539fd1d40a1eb052be209096080ba

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Jul 2023 17:43:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 90161
x-xss-protection: 0
pragma: public
x-fb-debug: xqSkUdS5uVX7UHVYI3OKmXy00ouuKzo78BYHmXR2/WPE/67ldkmq2N59SGHWFEKXa4tbjdFPHyLxu8jBBHTyPg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 96ms
31ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=812212812506283&ev=PageView&dl=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&rl=&if=false&ts=1688579038272&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.2.1688579038270.1611073091&it=1688579038120&coo=false&tm=1&rqm=GET

Requested by

Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Jul 2023 17:43:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 208 B
547 B 215ms
124ms XHR
application/json 2a04:4e42:200::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=sandbox.ajc.com&domain=3d9f-216-53-153-110.ngrok-free.app&path=%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3e546f6985ad6d7ce8297983f27155787a38cdb26818f857f79344d369468bea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 05 Jul 2023 17:43:58 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 187
x-served-by: cache-fra-eddf8230045-FRA
x-timer: S1688579038.384672,VS0,VE93
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Mon, 03 Jul 2023 17:43:58 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
383 B 106ms
37ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://3d9f-216-53-153-110.ngrok-free.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Jul 2023 17:43:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://3d9f-216-53-153-110.ngrok-free.app
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 tinypass.min.js Show response
sandbox.tinypass.com/api/ 343 KB
102 KB 54ms
54ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox.tinypass.com/api/tinypass.min.js

Requested by

Host: sandbox.tinypass.com
URL: https://sandbox.tinypass.com/xbuilder/experience/load?aid=LaROuvoBsu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f4bc7230fe2d17b6b4c32f261c48da00021b2e2ba8e692de5cf6dfc195993ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:43:58 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 2642
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 05 Jul 2023 06:36:26 GMT
wn: sandbox-vx-dash-10-13-78-76
server: cloudflare
etag: W/"351683-1688538986000"
vary: Accept-Encoding
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=1200
cf-ray: 7e2169cd5f763836-FRA
expires: Wed, 05 Jul 2023 18:03:58 GMT

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 44ms
44ms Script
application/x-javascript 2a02:26f0:3100::1735:28a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:28a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:43:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Jun 2023 22:23:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=30881
accept-ranges: bytes
content-length: 4807

GET
H2 200 pixel;r=804612529;labels=.np;source=gtm;rf=0;a=p-38KriKc8Foyx-;url=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F;uht=2;fpan=1;fpa=P0-839546849-1688579038198;pbc=;...
pixel.quantserve.com/ 35 B
373 B 45ms
30ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=804612529;labels=.np;source=gtm;rf=0;a=p-38KriKc8Foyx-;url=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F;uht=2;fpan=1;fpa=P0-839546849-1688579038198;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;us_privacy=1---;ref=;d=3d9f-216-53-153-110.ngrok-free.app;dst=0;et=1688579038314;tzo=0;ogl=image.https%3A%2F%2Fsandbox%252Eajc%252Ecom%2Fresizer%2FGyCkucqADOCMaC1RGTJUevMiO0I%3D%2F1200x630%2Fcloudfront%2Cimage%3Asecure_url.https%3A%2F%2Fsandbox%252Eajc%252Ecom%2Fresizer%2FGyCkucqADOCMaC1RGTJUevMiO0I%3D%2F1200x630%2Fcloudfront%2Cimage%3Atype.image%2Fjpeg%2Cimage%3Aheight.630%2Cimage%3Awidth.1200%2Ctitle.Story%20with%20a%20Lead%20Gallery%2Ctype.article%2Curl.https%3A%2F%2Fwww%252Eajc%252Ecom%2Flife%2Fstory-with-a-lead-gallery%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F%2Cdescription.This%20is%20the%20first%20paragraph%20of%20my%20story%252E%20And%20here%20is%20more%20and%20more%20and%20more%20and%20%2Csite_name.ajc;ses=8b1caee9-6757-4944-9ec2-2e6810af5ae6;mdl=

Requested by

Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 17:43:58 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 47ms
32ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=812212812506283&ev=PageView&dl=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&rl=&if=false&ts=1688579038320&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.2.1688579038270.1611073091&it=1688579038120&coo=false&rqm=GET

Requested by

Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Jul 2023 17:43:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 46ms
31ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1401480206566122&ev=PageView&dl=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&rl=&if=false&ts=1688579038322&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.2.1688579038270.1611073091&it=1688579038120&coo=false&rqm=GET

Requested by

Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Jul 2023 17:43:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/2509682/domain/3d9f-216-53-153-110.ngrok-free.app/ 36 B
378 B 241ms
177ms XHR
application/json 2600:9000:20eb:1e00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2509682/domain/3d9f-216-53-153-110.ngrok-free.app/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1e00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:43:58 GMT
content-encoding: gzip
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: zXRKxhSD0tHor4GJaMlnxKGudLAzWJ4cydBP46-LFFd8c9D4naQ4vw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2509682&time=1688579038331&url=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2509682&time=1688579038331&url=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2509682%26time%3D1688579038331%26url%3Dhttps%253A%252F%252F3d9f-216-53-153-110.ng...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2509682&time=1688579038331&url=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2509682&time=1688579038331&url=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&cookiesTest=true&liSync=true&e_ip...

0
483 B

283ms
212ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2509682&time=1688579038331&url=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&cookiesTest=true&liSync=true&e_ipv6=AQKpaU8U7QL8zQAAAYknJ1-99HSYaDY8YMrf8pUGXo2WaAchDXHZMrYsiALgnDG92X910ASaYdhUiMXni1yrgHIKGyG0cQ
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:43:58 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: DC31AACB57CA4E768AD4F8D19EC2D969 Ref B: FRAEDGE2016 Ref C: 2023-07-05T17:43:59Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-lor1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX/wPHSE0j5n8FkosZ7ug==

Redirect headers

date: Wed, 05 Jul 2023 17:43:58 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 198B786BA1BE4995971370A74E0C1E1B Ref B: DUS30EDGE0316 Ref C: 2023-07-05T17:43:59Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2509682&time=1688579038331&url=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&cookiesTest=true&liSync=true&e_ipv6=AQKpaU8U7QL8zQAAAYknJ1-99HSYaDY8YMrf8pUGXo2WaAchDXHZMrYsiALgnDG92X910ASaYdhUiMXni1yrgHIKGyG0cQ
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX/wPHNv5nOF+JFoYc0Cw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
223 B 38ms
37ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1301209307&t=pageview&_s=1&dl=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&ul=en-us&de=UTF-8&dt=Story%20with%20a%20Lead%20Gallery&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAQCACAAI~&jid=111927641&gjid=560104741&cid=1142072831.1688579038&tid=UA-84606567-2&_gid=1062938384.1688579038&_r=1&_slc=1&gtm=45He36s0n81WT4CBT7&cd1=np&cd2=ajc&cd3=ga%3A%20atlanta&cd4=free&cd5=news&cd6=responsive%20site&cd7=sandbox.ajc.com&cd8=https%3A%2F%2Fwww.ajc.com%2Flife%2Fstory-with-a-lead-gallery%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&cd9=story%20with%20a%20lead%20gallery&cd10=%2Flife&cd11=&cd13=%2Flife&cd14=article&cd15=5HSYR2LQ4NDYJHHEA3LXGKE2I4&cd16=premium&cd17=20230620113619&cd19=patricia%20murphy&cd20=&cd23=ajc&cd26=arc&cd27=%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&cd28=&cd29=politics.ajc%2Catlanta-news-metro.ajc&cd48=3d9f-216-53-153-110.ngrok-free.app&cd132=test&z=1133521405

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://3d9f-216-53-153-110.ngrok-free.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 17:43:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3d9f-216-53-153-110.ngrok-free.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 execute Show response
c2-sandbox.piano.io/xbuilder/experience/ 2 KB
1 KB 409ms
335ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2-sandbox.piano.io/xbuilder/experience/execute?aid=LaROuvoBsu

Requested by

Host: sandbox.tinypass.com
URL: https://sandbox.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a89cee60f0cd859bdda29fef66aee173061cf6decc3ffec900b48ab3ddbddebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 05 Jul 2023 17:43:58 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
x-request-id: 72509pxjqe
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://3d9f-216-53-153-110.ngrok-free.app
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 7e2169ced8b28fc5-FRA

GET
H2 200 /
www.google.com/pagead/1p-user-list/712386318/ 42 B
109 B 112ms
44ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/712386318/?random=1688579038242&cv=11&fst=1688576400000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&frm=0&tiba=Story%20with%20a%20Lead%20Gallery&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2134039179&rmt_tld=0&ipr=y

Requested by

Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 17:43:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/712386318/ 42 B
456 B 110ms
43ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/712386318/?random=1688579038242&cv=11&fst=1688576400000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&frm=0&tiba=Story%20with%20a%20Lead%20Gallery&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2134039179&rmt_tld=1&ipr=y

Requested by

Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 17:43:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/712386318/ 42 B
456 B 109ms
42ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/712386318/?random=1688579038257&cv=11&fst=1688576400000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&label=Snf_CLLCsKsYEI7O2NMC&frm=0&tiba=Story%20with%20a%20Lead%20Gallery&value=1&currency_code=USD&data=event%3Dconversion&fmt=3&is_vtc=1&random=3261521040&rmt_tld=0&ipr=y

Requested by

Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 17:43:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/712386318/ 42 B
109 B 110ms
43ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/712386318/?random=1688579038257&cv=11&fst=1688576400000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&label=Snf_CLLCsKsYEI7O2NMC&frm=0&tiba=Story%20with%20a%20Lead%20Gallery&value=1&currency_code=USD&data=event%3Dconversion&fmt=3&is_vtc=1&random=3261521040&rmt_tld=1&ipr=y

Requested by

Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 17:43:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 123ms
30ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: engage.ajc.com
URL: https://engage.ajc.com/stage/ajc/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD6) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Jul 2023 17:43:58 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1377
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (frc/4CD6)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0bf9f4db-201e-000c-2b65-af6c92000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Wed, 05 Jul 2023 18:13:58 GMT

GET
H2 200 fp.min.js Show response
engage-fp.ajc.com/stage/ajc/ 65 KB
66 KB 556ms
422ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://engage-fp.ajc.com/stage/ajc/fp.min.js?202365
Requested by: Host: engage.ajc.com
URL: https://engage.ajc.com/stage/ajc/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c19f2bce846490ddb81eb3b7ef2af6de4e65029d552f5d828e9ae47db1dee767

Request headers

Referer: https://3d9f-216-53-153-110.ngrok-free.app/
Origin: https://3d9f-216-53-153-110.ngrok-free.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 05 Jul 2023 17:43:58 GMT
last-modified: Mon, 16 Jan 2023 09:17:55 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: sxH/UQIl8a18/gdRf1yPwA==
etag: 0x8DAF7A28D3E8160
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7dd497ab-801e-0086-6568-af3b07000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19
content-length: 67063

GET
H2 200 g2i.min.js Show response
engage-g2insights.ajc.com/stage/ajc/ 225 KB
225 KB 587ms
445ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://engage-g2insights.ajc.com/stage/ajc/g2i.min.js?202365
Requested by: Host: engage.ajc.com
URL: https://engage.ajc.com/stage/ajc/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 952351bbf7a62c4e1c97623f9cad163340753b44fdafb36cc9f4c9da8fa5e5b3

Request headers

Referer: https://3d9f-216-53-153-110.ngrok-free.app/
Origin: https://3d9f-216-53-153-110.ngrok-free.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 05 Jul 2023 17:43:58 GMT
last-modified: Tue, 06 Dec 2022 07:26:05 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: rAaLv+QzyOYcsIlIi0cUYA==
etag: 0x8DAD75B22EC8719
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 663c2c0b-801e-0072-3b68-aff0f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19
content-length: 229953

GET
H2 200 t8y9347t.min.js Show response
engage-connext.ajc.com/stage/ajc/ 871 KB
872 KB 496ms
407ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://engage-connext.ajc.com/stage/ajc/t8y9347t.min.js?202365
Requested by: Host: engage.ajc.com
URL: https://engage.ajc.com/stage/ajc/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 567812b18c4feb7691cbcd437ee0c5a3a53a9383b8fc07e1e4bf11e7a2fff335

Request headers

Referer: https://3d9f-216-53-153-110.ngrok-free.app/
Origin: https://3d9f-216-53-153-110.ngrok-free.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 05 Jul 2023 17:43:58 GMT
last-modified: Fri, 03 Feb 2023 10:22:21 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: vGsUd9PeTsf+h27Xh8IGIA==
etag: 0x8DB05D089098414
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 517c2c94-001e-0043-4968-af11e2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
content-length: 891540

GET
H2 200 t8y9347t.min.css
engage-connext.ajc.com/stage/ajc/ 386 KB
386 KB 567ms
406ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://engage-connext.ajc.com/stage/ajc/t8y9347t.min.css?202365
Requested by: Host: engage.ajc.com
URL: https://engage.ajc.com/stage/ajc/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6653d2cca03c490c0032cd74205c6c37a494ea31ac1c46aec8e55c7017c1b3f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 05 Jul 2023 17:43:58 GMT
last-modified: Tue, 31 Jan 2023 07:24:51 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: MrVpkxJID7vFEqfm9gnQOQ==
etag: 0x8DB035C3E31F4D2
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: df14f153-401e-00a6-5b68-af40a0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19
content-length: 395021

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 9D93 0
63 B 32ms
31ms Document
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://3d9f-216-53-153-110.ngrok-free.app
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://3d9f-216-53-153-110.ngrok-free.app
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 17:43:58 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame D070 0
18 B 32ms
31ms Document
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://3d9f-216-53-153-110.ngrok-free.app
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://3d9f-216-53-153-110.ngrok-free.app
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 17:43:58 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
26 KB 178ms
102ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: htlbid.com
URL: https://htlbid.com/stage/v3/ajc.com/htlbid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec92accae730d744155e8ca2aeca9cd81977ee58fb41a9a403849af7209af04d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:43:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25834
x-xss-protection: 0
server: cafe
etag: 757 / 19543 / m202306280101 / config-hash: 12539050402590311780
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 17:43:59 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 236 KB
58 KB 263ms
51ms Script
application/javascript 143.204.221.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/stage/v3/ajc.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.221.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-221-63.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:22:00 GMT
content-encoding: gzip
via: 1.1 3f2df5c7fd7d1f93fcc5a6422a7204f0.cloudfront.net (CloudFront), 1.1 866d9f0eb3772e2912781bd139212be2.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 21:03:23 GMT
server: AmazonS3
x-amz-cf-pop: LHR62-C4, CDG3-C1
age: 1320
x-amz-server-side-encryption: AES256
etag: W/"9352f20e556bff9fea6fd0461aac850d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: n3Tbqlo_jaLOZVs7OBei7imGLZIMcvRDK1rPZnTw9sa6_Rx0LRxUKg==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/ 392 KB
125 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 13:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15713
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127514
x-xss-protection: 0
server: cafe
etag: 13498126467117012333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 04 Jul 2024 13:22:06 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 56 B
83 B 129ms
66ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=3d9f-216-53-153-110.ngrok-free.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19681ff1881ad9386204d5768fb008ba7cf14a0769535143ee78fb6c05df0548

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:43:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59
x-xss-protection: 0
expires: Wed, 05 Jul 2023 17:43:59 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 490ms
398ms XHR
application/javascript 143.204.221.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.221.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-221-63.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:44:00 GMT
x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 5732b8336788d04c0d6cb18b0b2aa3c2.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: h0HW_HUr9gDhNarh6rRq86Z7I3UjDQgYk_Q-PQHLFrL3EaF887jg8g==

GET
H2 200 self Show response
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 578 B
781 B 304ms
227ms XHR
application/json 104.26.5.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1688579039874
Requested by: Host: engage-fp.ajc.com
URL: https://engage-fp.ajc.com/stage/ajc/fp.min.js?202365
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98bb9de2e5224fa29d86725f1fc45abac4558817df644c2ebb62beb57b0bfc1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:44:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 05 Jul 2023 17:44:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYaxmMoDiuRh3fpiyCOqNx4csfA9JzbDSLLItPMDHmuWc8YWBOrsCCXd4GMnwoNQqbj4uxR3kj%2FHzfgoNSexzSTyNs5ZRmjdIfYyZni%2BYZXh2g%2BZKL6R%2BNhLD1ucmCitEZys"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 7e2169d7d9fd2bd2-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
448 B 387ms
132ms Image
image/png 54.231.132.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=34686876d2dc
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.132.145 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 05 Jul 2023 17:44:01 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: RDNDD6K5BMED2EC8
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: Tm64e5JRJWpzFJ7qN7bpMEoGOUI/5Xoa67ZLwI5nhVjn5FITCt7Iz5/H8n50ERghtvd3fY8OpkU=

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 287 KB
90 KB 69ms
68ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W3VLHBK&l=MG2DL

Requested by

Host: engage-g2insights.ajc.com
URL: https://engage-g2insights.ajc.com/stage/ajc/g2i.min.js?202365

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

717889340f7541123677b617230b01e2fdd83f4a692e5e15dd8dc19fc5f9b376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:44:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92072
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 16:04:08 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Jul 2023 17:44:00 GMT

GET
H2 200 index.js Show response
cdn.pranmcpkx.com/ 7 KB
3 KB 143ms
29ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pranmcpkx.com/index.js
Requested by: Host: engage-connext.ajc.com
URL: https://engage-connext.ajc.com/stage/ajc/t8y9347t.min.js?202365
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CBD) /
Resource Hash: 6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Jul 2023 17:44:00 GMT
content-encoding: gzip
content-md5: nynBpfvYghYqzIzsvfssRw==
age: 21494
x-cache: HIT
content-length: 2382
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jun 2022 17:08:13 GMT
server: ECAcc (frc/4CBD)
etag: 0x8DA5083F65AD9E0
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: a3e95e84-601e-0008-7e36-afedb1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

OPTIONS
H2 200 user
dev-api.mg2insights.com/ Frame 0
0 225ms
144ms Preflight
text/plain 35.190.81.243
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev-api.mg2insights.com/user?deviceid=3e0ddc883fabee43a674df3dab9f8d2e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.81.243 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 243.81.190.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: browser-session,client-code,config-code,content-type,deviceid,g2i-reqid,g2ideviceid,page-session,site-code
Access-Control-Request-Method: GET
Origin: https://3d9f-216-53-153-110.ngrok-free.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Browser-Session, Page-Session, DeviceID, G2iDeviceID, Config-Code, authorization,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Client-Code,Site-Code,BotInfo,InitSettings,G2i-reqid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range, X-Request-ID
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: application/octet-stream text/plain; charset=utf-8
date: Wed, 05 Jul 2023 17:44:00 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 200 AJC__AJC_STAGE_DEFAULT.json Show response
engage-connext.ajc.com/stage/data/ajc/ 1 MB
1 MB 385ms
384ms Fetch
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://engage-connext.ajc.com/stage/data/ajc/AJC__AJC_STAGE_DEFAULT.json?_=1688579040275
Requested by: Host: engage-connext.ajc.com
URL: https://engage-connext.ajc.com/stage/ajc/t8y9347t.min.js?202365
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 52543b265097587d6e0077cae948e5d682d5702c78892c310ef4ab941e57193d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: AppendBlob
date: Wed, 05 Jul 2023 17:43:59 GMT
last-modified: Mon, 26 Jun 2023 19:10:40 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-committed-block-count: 1
etag: 0x8DB7679084F6D3C
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 8336f77c-101e-0012-7868-af8c6e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,x-ms-blob-committed-block-count,Content-Length,Date,Transfer-Encoding
cache-control: no-cache
x-ms-version: 2009-09-19
content-length: 1376949

GET
H/1.1 200
OK ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 631 B
1 KB 378ms
138ms Image
image/jpeg 52.216.76.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.76.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 05 Jul 2023 17:44:01 GMT
Last-Modified: Tue, 15 Oct 2019 13:44:16 GMT
Server: AmazonS3
x-amz-request-id: RDN644P8V55PJ97R
ETag: "ef2cc7f55b7ab677b023e36033e26471"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 631
x-amz-id-2: f8ilRnHCCl23C5pN4Po3wnM2KDsDHTD2s3reQ5DOx9IPC/wDdBTlpFZ/9hWyiX/k4JKfjJXSaj0=
x-amz-meta-s3b-last-modified: 20191015T134358Z

GET
H2 200 user Show response
dev-api.mg2insights.com/ 131 B
423 B 149ms
148ms Fetch
application/json 35.190.81.243
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev-api.mg2insights.com/user?deviceid=3e0ddc883fabee43a674df3dab9f8d2e
Requested by: Host: engage-g2insights.ajc.com
URL: https://engage-g2insights.ajc.com/stage/ajc/g2i.min.js?202365
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.81.243 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 243.81.190.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e1f01b424dded0aa85e07bdcfe58b12fbe07f2cde6820427acbe9ffa20b40d98

Request headers

browser-session: d9aa3a13-b003-4565-8eae-c30888d409a0
deviceid: 3e0ddc883fabee43a674df3dab9f8d2e
page-session: 7e9456e59e7a82827b94f105e091bc12
site-code: AJC
accept-language: de-DE,de;q=0.9
g2ideviceid
client-code: AJC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: application/json
accept: application/json
g2i-reqid: id=f61b8618-ebcd-442c-aafe-ec1416d555b1,time=1688579040277,psid:7e9456e59e7a82827b94f105e091bc12
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
config-code: AJC_STAGE_DEFAULT

Response headers

date: Wed, 05 Jul 2023 17:44:00 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range, X-Request-ID
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Browser-Session, Page-Session, DeviceID, G2iDeviceID, Config-Code, authorization, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Client-Code,Site-Code,BotInfo,InitSettings,G2i-reqid
content-length: 131
x-request-id: 293db5f2-c0e0-4317-b360-047d7d5774c7

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 37ms
37ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1301209307&t=pageview&_s=1&dl=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&ul=en-us&de=UTF-8&dt=Story%20with%20a%20Lead%20Gallery&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAQCACAAI~&jid=2041139433&gjid=514767907&cid=1142072831.1688579038&tid=UA-68173767-1&_gid=1062938384.1688579038&_r=1&_slc=1&gtm=45He36s0n81W3VLHBK&cd1=np&cd4=free&cd5=news&cd6=responsive%20site&cd10=%2Flife&cd11=&cd13=%2Flife&cd14=article&cd15=5HSYR2LQ4NDYJHHEA3LXGKE2I4&cd16=premium&cd19=patricia%20murphy&cd29=politics.ajc%2Catlanta-news-metro.ajc&cd107=1688579040405.vhbbg4a&cd108=Not%20Set&cd109=Not%20Set&cd110=Not%20Set&cd111=Not%20Set&cd112=Not%20Set&cd113=Default&cd114=Not%20Set&cd115=Not%20Set&cd116=Not%20Set&cd117=Not%20Set&cd118=Not%20Set&cd119=Not%20Set&cd120=Not%20Set&cd121=Not%20Set&cd122=Not%20Set&cd123=Not%20Set&cd124=Not%20Set&cd125=Unknown&cd128=Not%20Set&cd129=Not%20Set&cd130=setCdpDlEr&cd131=Not%20Set&cd133=Not%20Set&cd134=Not%20Set&cd136=1.0.0.1&z=1110818709

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://3d9f-216-53-153-110.ngrok-free.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 17:44:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3d9f-216-53-153-110.ngrok-free.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 39ms
38ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6VR7Y4BTY5&gtm=45je36s0&_p=1301209307&cid=1142072831.1688579038&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1688579038&sct=1&seg=0&dl=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&dt=Story%20with%20a%20Lead%20Gallery&en=scroll&ep.useAmpClientId=true&epn.percent_scrolled=90&_et=7
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6VR7Y4BTY5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 17:44:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3d9f-216-53-153-110.ngrok-free.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
363 B 114ms
38ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-68173767-1&cid=1142072831.1688579038&jid=2041139433&gjid=514767907&_gid=1062938384.1688579038&_u=aADAAEABAAQCACAAI~&z=2076543289

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://3d9f-216-53-153-110.ngrok-free.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 05 Jul 2023 17:44:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3d9f-216-53-153-110.ngrok-free.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 55ms
54ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-68173767-1&cid=1142072831.1688579038&jid=2041139433&_u=aADAAEABAAQCACAAI~&z=1075418954

Requested by

Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 17:44:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 58ms
58ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-68173767-1&cid=1142072831.1688579038&jid=2041139433&_u=aADAAEABAAQCACAAI~&z=1075418954

Requested by

Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 17:44:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 30ms
29ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1301209307&t=event&ni=1&_s=1&dl=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&ul=en-us&de=UTF-8&dt=Story%20with%20a%20Lead%20Gallery&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=OnInit&_u=aADAAEABAAQCACAAI~&jid=&gjid=&cid=1142072831.1688579038&tid=UA-68173767-1&_gid=1062938384.1688579038&gtm=45He36s0n81W3VLHBK&cd1=np&cd4=free&cd5=news&cd6=responsive%20site&cd10=%2Flife&cd11=&cd13=%2Flife&cd14=article&cd15=5HSYR2LQ4NDYJHHEA3LXGKE2I4&cd16=premium&cd19=patricia%20murphy&cd29=politics.ajc%2Catlanta-news-metro.ajc&cd107=1688579042044.10i5vra6x&cd108=3e0ddc883fabee43a674df3dab9f8d2e&cd109=Not%20Set&cd110=Not%20Set&cd111=Not%20Set&cd112=Not%20Set&cd113=Default&cd114=Not%20Set&cd115=Not%20Set&cd116=Not%20Set&cd117=Not%20Set&cd118=Not%20Set&cd119=Not%20Set&cd120=Not%20Set&cd121=Not%20Set&cd122=Not%20Set&cd123=Not%20Set&cd124=Not%20Set&cd125=Unknown&cd128=Not%20Set&cd129=Not%20Set&cd130=-1&cd131=-1&cd133=-1&cd134=-1&cd136=1.0.0.1&z=2126979147

Requested by

Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 12:08:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20106
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK views Show response
stage-ajc-proxy-connext.azurewebsites.net/api/ 90 B
1 KB 411ms
410ms Fetch
application/json 23.99.206.151
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://stage-ajc-proxy-connext.azurewebsites.net/api/views?UserId=3e0ddc883fabee43a674df3dab9f8d2e&ConfigCode=AJC_STAGE_DEFAULT&SiteCode=AJC
Requested by: Host: engage-connext.ajc.com
URL: https://engage-connext.ajc.com/stage/ajc/t8y9347t.min.js?202365
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.206.151 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0, Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash: bf7da55ef6be4cdd0d0932dd1e689a423b9b04c68e3cc9b083d4c099bf0e0ec9

Request headers

source-system: Plugin
site-code: AJC
autoqa: false
accept-language: de-DE,de;q=0.9
settingskey: null
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE3NjA1NzkwNDB9.USy2oN_CiLrfQ75EvSWTLIveibPCgpRhFriTFxYWNGc
ssid: 7e9456e59e7a82827b94f105e091bc12
x-g2idata: {"er":-1,"erp":-1,"cr":-1,"crp":-1,"g2ideviceid":"28822b65-4243-45be-8e6f-fd6d12c15970","er_expire_date":1688593440,"interests":[]}
environment: stage
config-code: AJC_STAGE_DEFAULT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: application/json
access-control-allow-origin: *
accept: application/json
location: System
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
version: Version: 2.8.4.2

Response headers

Expires: -1
Pragma: no-cache
Date: Wed, 05 Jul 2023 17:44:02 GMT
Content-Encoding: gzip
X-Server-Time: 7/5/2023 5:44:03 PM
Server: Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Server-Time,Request-Context
Cache-Control: no-cache
Content-Length: 193
Request-Context: appId=cid-v1:c733c9c7-131b-4179-9e83-53c6830d9422

OPTIONS
H/1.1 200
OK views
stage-ajc-proxy-connext.azurewebsites.net/api/ Frame 0
0 581ms
202ms Preflight 23.99.206.151
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://stage-ajc-proxy-connext.azurewebsites.net/api/views?UserId=3e0ddc883fabee43a674df3dab9f8d2e&ConfigCode=AJC_STAGE_DEFAULT&SiteCode=AJC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.206.151 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version,x-g2idata
Access-Control-Request-Method: GET
Origin: https://3d9f-216-53-153-110.ngrok-free.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version,x-g2idata
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Wed, 05 Jul 2023 17:44:02 GMT
X-Powered-By: ASP.NET

GET
H3 200 gaAccount Show response
sandbox.tinypass.com/api/v3/anon/assets/ 76 B
385 B 402ms
402ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox.tinypass.com/api/v3/anon/assets/gaAccount?aid=LaROuvoBsu&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jsonp9438

Requested by

Host: sandbox.tinypass.com
URL: https://sandbox.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f35ca7391688fe31e9861479d2bfad8425eda3d50a8730e99dd5df09b1d85a53

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:44:02 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
wn: sandbox-vx-dash-10-13-78-76
server: cloudflare
p3p: CP="NON DSP COR OUR IND"
access-control-allow-origin: *
server-time: 0.064
content-type: application/javascript
cache-control: public, max-age=86400, s-maxage=86400
x-forwarded-https: on
cf-ray: 7e2169e61adf371b-FRA
alt-svc: h3=":443"; ma=86400
x-request-id: Xex3cxr3TPL

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Jul 2023 17:04:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2361
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 05 Jul 2023 19:04:41 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 30ms
29ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1301209307&t=event&ni=1&_s=1&dl=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&ul=en-us&de=UTF-8&dt=Story%20with%20a%20Lead%20Gallery&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=MeterStart&el=%7B%22ConversationName%22%3A%22Not%20Set%22%2C%22MeterLevel%22%3A%22Metered%22%2C%22ConversationDateStarted%22%3A%22Not%20Set%22%2C%22ConversationDateEnded%22%3A%22Not%20Set%22%2C%22ConversationDateExpiratation%22%3A%22Not%20Set%22%2C%22ConversationPaywallLimit%22%3A%22Not%20Set%22%2C%22ArticleViews%22%3A%22Not%20Set%22%7D&_u=aADAAEABAAQCACAAI~&jid=&gjid=&cid=1142072831.1688579038&tid=UA-68173767-1&_gid=1062938384.1688579038&gtm=45He36s0n81W3VLHBK&cd1=np&cd4=free&cd5=news&cd6=responsive%20site&cd10=%2Flife&cd11=&cd13=%2Flife&cd14=article&cd15=5HSYR2LQ4NDYJHHEA3LXGKE2I4&cd16=premium&cd19=patricia%20murphy&cd29=politics.ajc%2Catlanta-news-metro.ajc&cd107=1688579043516.vo1tffwl&cd108=3e0ddc883fabee43a674df3dab9f8d2e&cd109=Not%20Set&cd110=Not%20Set&cd111=Not%20Set&cd112=Not%20Set&cd113=Default&cd114=Unknown&cd115=Metered&cd116=Not%20Set&cd117=Not%20Set&cd118=Not%20Set&cd119=Not%20Set&cd120=Not%20Set&cd121=Not%20Set&cd122=Not%20Set&cd123=Not%20Set&cd124=Not%20Set&cd125=Unknown&cd128=Not%20Set&cd129=Not%20Set&cd130=-1&cd131=-1&cd133=-1&cd134=-1&cd136=1.0.0.1&z=1473270606

Requested by

Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 12:08:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20107
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 events
dev-events.mg2insights.com/ 0
339 B 366ms
268ms Ping
text/plain 35.244.194.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev-events.mg2insights.com/events?g2i-reqid=USER_REQ%3Ars-empty%2Cexpired*dt-*id-293db5f2-c0e0-4317-b360-047d7d5774c7%7CAPIDL_STATUS%3Adid_fp%3D3e0ddc883fabee43a674df3dab9f8d2e%2Cdid_update_ls%3D3e0ddc883fabee43a674df3dab9f8d2e%2Cdid_actual%3D3e0ddc883fabee43a674df3dab9f8d2e%2Cempty%2Cbefore_get_user%2Cls_apiDl_is_empty%2Cg2i%3D%2Cbef-fet%3Apath%3D%2Fuser%2Bid%3Df61b8618-ebcd-442c-aafe-ec1416d555b1%2Caft-fet%3Aid%3D84e6-%3E293db5f2-c0e0-4317-b360-047d7d5774c7%2Cafter_get_user%3D293db5f2-c0e0-4317-b360-047d7d5774c7%2Cstatus_code%3D200%2Cset_ls_success%3Dtrue%2Cdid_ls_onupdate%3D3e0ddc883fabee43a674df3dab9f8d2e%2Cga-er%3D-1%2Cdid_actual_after%3D3e0ddc883fabee43a674df3dab9f8d2e%2Cdid_ls_after%3D3e0ddc883fabee43a674df3dab9f8d2e%2Cexpired%2Cbefore_get_user%2Cg2i%3D28822b65-4243-45be-8e6f-fd6d12c15970%7C
Requested by: Host: engage-g2insights.ajc.com
URL: https://engage-g2insights.ajc.com/stage/ajc/g2i.min.js?202365
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.194.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 113.194.244.35.bc.googleusercontent.com
Software: nginx/1.21.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3d9f-216-53-153-110.ngrok-free.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 05 Jul 2023 17:44:04 GMT
via: 1.1 google
server: nginx/1.21.1
access-control-max-age: 1728000
access-control-allow-methods: POST, OPTIONS, POST, OPTIONS
access-control-allow-origin: *, *
access-control-expose-headers: Content-Length,Content-Range, X-Request-ID
alt-svc: clear
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Client-Code,Site-Code,G2i-reqid, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Client-Code,Site-Code,G2i-reqid
content-length: 0
x-request-id: a0e9e67b-d5fe-47ab-9299-6fa0671e1469

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 30ms
30ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1301209307&t=event&ni=1&_s=1&dl=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&ul=en-us&de=UTF-8&dt=Story%20with%20a%20Lead%20Gallery&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=PageView&el=%7B%22Page%22%3A%22Story%20with%20a%20Lead%20Gallery%22%2C%22ContentType%22%3A%22article%22%2C%22MeterLevel%22%3A%22Metered%22%7D&_u=aADAAEABAAQCACAAI~&jid=&gjid=&cid=1142072831.1688579038&tid=UA-68173767-1&_gid=1062938384.1688579038&gtm=45He36s0n81W3VLHBK&cd1=np&cd4=free&cd5=news&cd6=responsive%20site&cd10=%2Flife&cd11=&cd13=%2Flife&cd14=article&cd15=5HSYR2LQ4NDYJHHEA3LXGKE2I4&cd16=premium&cd19=patricia%20murphy&cd29=politics.ajc%2Catlanta-news-metro.ajc&cd107=1688579043717.8rvwzaw&cd108=3e0ddc883fabee43a674df3dab9f8d2e&cd109=Not%20Set&cd110=Not%20Set&cd111=Not%20Set&cd112=Not%20Set&cd113=Default&cd114=Unknown&cd115=Metered&cd116=MTR_C1&cd117=1&cd118=1&cd119=2&cd120=2023-07-05T17%3A44%3A03Z&cd121=Not%20Set&cd122=2023-08-19T17%3A44%3A03Z&cd123=Not%20Set&cd124=Not%20Set&cd125=Unknown&cd128=Not%20Set&cd129=Not%20Set&cd130=-1&cd131=-1&cd133=-1&cd134=-1&cd136=1.0.0.1&z=1781660588

Requested by

Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 12:08:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20107
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.js Show response
cdn.pranmcpkx.com/ 7 KB
2 KB 30ms
30ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pranmcpkx.com/index.js
Requested by: Host: engage-connext.ajc.com
URL: https://engage-connext.ajc.com/stage/ajc/t8y9347t.min.js?202365
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CBD) /
Resource Hash: 6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Jul 2023 17:44:03 GMT
content-encoding: gzip
content-md5: nynBpfvYghYqzIzsvfssRw==
age: 21497
x-cache: HIT
content-length: 2382
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jun 2022 17:08:13 GMT
server: ECAcc (frc/4CBD)
etag: 0x8DA5083F65AD9E0
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: a3e95e84-601e-0008-7e36-afedb1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 39ms
38ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6VR7Y4BTY5&gtm=45je36s0&_p=1301209307&cid=1142072831.1688579038&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1688579038&sct=1&seg=1&dl=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&dt=Story%20with%20a%20Lead%20Gallery&_s=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6VR7Y4BTY5&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3d9f-216-53-153-110.ngrok-free.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 17:44:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3d9f-216-53-153-110.ngrok-free.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 38ms
38ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5HXB1QX6N6&gtm=45je36s0&_p=1301209307&ul=English&cid=1142072831.1688579038&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&dl=https%3A%2F%2Fwww.ajc.com%2Flife%2Fstory-with-a-lead-gallery%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&dp=%2Flife%2Fstory-with-a-lead-gallery%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&dt=Story%20with%20a%20Lead%20Gallery&sid=1688579038&sct=1&seg=0&en=detect_user&ep.byline=patricia%20murphy&ep.content_type=article&ep.country=US&ep.date_published=20230620113619&ep.identifier=5HSYR2LQ4NDYJHHEA3LXGKE2I4&ep.paywall_status=premium&ep.publication_name=undefined&ep.site_metro=ga%3A%20atlanta&ep.site_name=ajc&ep.site_section=%2Flife&ep.subcategory=&ep.topics=politics.ajc%2Catlanta-news-metro.ajc&ep.site_version=responsive%20site&_et=4015&up.custom_user_id=&up.user_login_state=not%20logged%20in&up.user_type=anonymous
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5HXB1QX6N6&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 17:44:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3d9f-216-53-153-110.ngrok-free.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e71c8f327cd7ed383f702b5b522bfe3438b9c0925eb2b03d2820a78ab0941176

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 amp-close.png
3d9f-216-53-153-110.ngrok-free.app/pf/resources/images/ 1 KB
1 KB 289ms
287ms Image
image/png 2a05:d014:21b:8e02::6e:2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3d9f-216-53-153-110.ngrok-free.app/pf/resources/images/amp-close.png?d=%24LATEST
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e02::6e:2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

ngrok-trace-id: 5e8454e72836c0597864840f3614aa41
date: Wed, 05 Jul 2023 17:44:13 GMT
etag: W/"53d-bY7AlOv+COomxoKg3s55K0djS/M"
x-powered-by: Express
content-length: 1341
content-type: image/png; charset=utf-8

GET
H2 200 sidebar-logo.png
3d9f-216-53-153-110.ngrok-free.app/pf/resources/logos/AJC/ 12 KB
12 KB 336ms
334ms Image
image/png 2a05:d014:21b:8e02::6e:2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3d9f-216-53-153-110.ngrok-free.app/pf/resources/logos/AJC/sidebar-logo.png?d=%24LATEST
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e02::6e:2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

ngrok-trace-id: 31dc3e1f966a25692db86f0b0dbd030c
date: Wed, 05 Jul 2023 17:44:13 GMT
etag: W/"c2d3-v0Hi3M1UxluuLBc/elpH0K6MuDY"
x-powered-by: Express
content-length: 49875
content-type: image/png; charset=utf-8

GET
H2 200 twitter-burger.svg
3d9f-216-53-153-110.ngrok-free.app/pf/resources/images/ 768 B
900 B 327ms
326ms Image
image/svg+xml 2a05:d014:21b:8e02::6e:2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3d9f-216-53-153-110.ngrok-free.app/pf/resources/images/twitter-burger.svg?d=%24LATEST
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e02::6e:2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: a277d519a3a6f5a7b8e1c391dd9f7ec24faf8ad50c5a36f81e4d64af33cc7f13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

ngrok-trace-id: 17692f368e868e1dfeffb8d8bcf33aef
date: Wed, 05 Jul 2023 17:44:13 GMT
etag: W/"300-uVds5JU+rt345VHl/GLoQaFMRcs"
x-powered-by: Express
content-length: 768
content-type: image/svg+xml; charset=utf-8

GET
H/1.1 400
Bad Request logo-full-redesign.svg
undefined-undefined-sandbox.cdn.arcpublishing.com/pf/resources/logos/AJC/ 0
0 162ms
43ms Image
text/html 2a02:26f0:480:c::210:f192
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://undefined-undefined-sandbox.cdn.arcpublishing.com/pf/resources/logos/AJC/logo-full-redesign.svg?d=%24LATEST
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:c::210:f192 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 575 KB
157 KB 121ms
40ms Script
application/x-javascript 23.35.237.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/pf/resources/scripts/nativo.js?d=%24LATEST
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3e5740bb19928f00ac1758f504a5bb28f826600d68cd6ac62f99caa6c26e0d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 05 Jul 2023 17:44:13 GMT
Content-Encoding: gzip
x-amz-request-id: 3ZWB8H7E3M4A7XF6
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: z0lt7nrVfZAvmtw/7gO3lyKMpwZlLQwJSTjULEcj3LFbSXyefzd4rnoS4tGMc7bca2Ih0DWAVsI=
Last-Modified: Thu, 29 Jun 2023 16:37:24 GMT
Server: AmazonS3
ETag: "cbd0a976a94f93b5c095462b7c4f34a4"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 ping
ping.chartbeat.net/ 43 B
200 B 124ms
124ms Image
image/gif 18.214.42.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=sandbox.ajc.com&p=%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&u=DujnhtdrWC4fET6d&d=3d9f-216-53-153-110.ngrok-free.app&g=66001&g0=%2Flife&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=1200&o=4000&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&PA=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&b=5025&t=D4aRTvB2PRfHCGmIrtCVGA_3D23mu5&V=140&tz=0&_acct=anon&sn=2&sv=DBxYVACmEyU_BLCMG5CfQg9YQAJ9m&sd=1&im=06032cda&_
Requested by: Host: 3d9f-216-53-153-110.ngrok-free.app
URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.42.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-42-180.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 05 Jul 2023 17:44:13 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6035944/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
382 B

31ms
31ms

Script
application/javascript

13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3d9f-216-53-153-110.ngrok-free.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 01:13:23 GMT
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 59451
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 0
x-amz-cf-id: mtJcVSHCkjYNkrFONaUEI1dJYbfCP8N4dketl8u3URLrTjyupKpigA==

Redirect headers

date: Wed, 05 Jul 2023 17:44:13 GMT
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
location: /internal-c2/default/cs.js
content-length: 0
x-amz-cf-id: FiT2QMZd7deI6PLcVxUIb_W5m51E2tzOyTffHgOEAzgyc6Ve2lHB0g==

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 155ms
39ms Preflight 13.69.106.216
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://3d9f-216-53-153-110.ngrok-free.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Wed, 05 Jul 2023 17:44:13 GMT
x-content-type-options: nosniff

POST
H2 206 track Show response
dc.services.visualstudio.com/v2/ 866 B
1 KB 75ms
75ms XHR
application/json 13.69.106.216
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

06962343eb9ff5457c8dd1cbda8a5ce339048e119760c3067e78897363aeeb3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://3d9f-216-53-153-110.ngrok-free.app/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: C43195E8-00A6-4EB9-863C-85C7F3BAEFD2
strict-transport-security: max-age=31536000
date: Wed, 05 Jul 2023 17:44:13 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 866

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: insiderdata360online.com
URL: https://insiderdata360online.com/service/platform.js?ran=0.8173437322000534

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4	1969-12-31 23:59:59	Name: trcksesh Value: 8fcef71d-f2ff-407a-b7fe-93d865dc5815
3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 21:48:35	Name: usprivacy Value: 1---
.3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 15:12:35	Name: _gcl_au Value: 1.1.1862706647.1688579038
3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 21:48:35	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Jul+05+2023+17%3A43%3A58+GMT%2B0000+(GMT)&version=202211.2.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2F3d9f-216-53-153-110.ngrok-free.app%2F5HSYR2LQ4NDYJHHEA3LXGKE2I4%2F&groups=1xOT%3A1%2C3xOT%3A1%2C4xOT%3A1%2C2xOT%3A1
3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 13:02:59	Name: __adblocker Value: false
.3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 22:31:47	Name: _cb Value: DujnhtdrWC4fET6d
.3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 22:31:47	Name: _chartbeat2 Value: .1688579038201.1688579038201.1.DBxYVACmEyU_BLCMG5CfQg9YQAJ9m.1
.3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 13:03:00	Name: _cb_svref Value: null
.3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 15:12:35	Name: _fbp Value: fb.2.1688579038270.1611073091
apps.rokt.com/	1969-12-31 23:59:59	Name: akaalb_Instance-1 Value: ~op=Prod_WSDK_S3:Prod-SDK-S3\|~rv=16~m=Prod-SDK-S3:0\|~os=141f223fa3e939d66e4926adb7c49b34~id=615c74f50777fb561811b6c83acb71e2
.quantserve.com/	1970-01-20 22:33:13	Name: mc Value: 64a5abde-55711-a317f-66550
.3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 13:03:02	Name: AMP_TOKEN Value: %24NOT_FOUND
.3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 22:38:59	Name: _ga Value: GA1.3.1142072831.1688579038
.3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 13:04:25	Name: _gid Value: GA1.3.1062938384.1688579038
.doubleclick.net/	1970-01-20 13:02:59	Name: test_cookie Value: CheckForPermission
.3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 13:02:59	Name: _gat_UA-84606567-2 Value: 1
.3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 22:27:27	Name: __qca Value: P0-839546849-1688579038198
.3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 22:31:47	Name: _pcid Value: %7B%22browserId%22%3A%22ljq0d0pia2ok0gse%22%7D
.3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 22:31:47	Name: _pcus Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 15:12:35	Name: __pnahc Value: 0
3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 13:04:25	Name: ln_or Value: eyIyNTA5NjgyIjoiZCJ9
.linkedin.com/	1970-01-20 15:12:35	Name: li_sugr Value: fe1640de-0d19-4ea3-9c61-f0fcc5775b58
.linkedin.com/	1970-01-20 21:48:35	Name: bcookie Value: "v=2&b3c43c35-5d83-4c52-8f87-abdfb699a2b2"
.linkedin.com/	1970-01-20 13:04:25	Name: lidc Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2992:u=1:x=1:i=1688579038:t=1688665438:v=2:sig=AQG0BJNp8g6Ra991q5p4C_oUWZuL7h2E"
3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 21:48:35	Name: ai_user Value: sz9I/\|2023-07-05T17:43:58.619Z
.linkedin.com/	1970-01-20 13:46:11	Name: UserMatchHistory Value: AQIRkuSWn_RKcQAAAYknJ14Gf82llDctAe3dgSpkJHFIUKlfufdkObUdxwCTJjxwFfcAzHG2Y1nNiw
.linkedin.com/	1970-01-20 13:46:11	Name: AnalyticsSyncHistory Value: AQJ3XI5wVZqEewAAAYknJ14GwWpFrJrLtFfzT4451nn1hlLeuYJaAqcqxVXKKVQfkIh4VOh2cd9UN5DFC0z-AA
.piano.io/	1970-01-20 13:03:00	Name: __cf_bm Value: yl7Qt4.YhJyfkbtzGqxItSCjj.Ul372li4vtVooTfVM-1688579038-0-AWDAz1HmycpWXF4A7yVEiYXKqMK2Q3axltrtHI9BeBT4tS02/eBTyh5jOyRIjLmMy8RNgSLPOz3b8JNb7QFaK+4=
.3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 13:46:11	Name: __pat Value: -14400000
.3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 22:31:47	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXQF8g
.www.linkedin.com/	1970-01-20 21:48:35	Name: bscookie Value: "v=1&20230705174358ef48346c-cb88-4c4e-8d7d-0be2b4d9144cAQEilFbAXxpJlPynqAXL4jbQfgYQb5Y-"
.linkedin.com/	1970-01-20 17:22:11	Name: li_gc Value: MTswOzE2ODg1NzkwMzg7MjswMjH9FlH2RhgyaMY1Pu5hqki7ZfxFkRts6Y6RnJjF8FWFww==
.3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 22:38:59	Name: anonDeviceId Value: 3e0ddc883fabee43a674df3dab9f8d2e
.3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 22:38:59	Name: nxt_last_visit Value: 1688579040273
.3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 13:02:59	Name: _gat_UA-68173767-1 Value: 1
3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 13:03:00	Name: ai_session Value: RNUB5\|1688579040455.2\|1688579040455.2
3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 13:07:18	Name: local_user_data_AJC_AJC_STAGE_DEFAULT_STAGE Value: {"UserData":{"DigitalAccess":{"AccessLevel":{}},"MasterId":null},"UserState":"Logged Out"}
.3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 13:04:25	Name: sub_nxt_upd_ac_AJC_AJC_STAGE_DEFAULT_STAGE Value: 1
.3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 22:38:59	Name: sub_nxt_AJC_AJC_STAGE_DEFAULT_STAGE Value: {%222%22:{%22100225%22:{%22ac%22:1%2C%22ac_d%22:1%2C%22s%22:1688579043399}%2C%22_ac_d%22:1%2C%22_ac%22:1%2C%22_acnv%22:%22100225%22}}
.3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 22:38:59	Name: _ga_6VR7Y4BTY5 Value: GS1.1.1688579038.1.1.1688579043.0.0.0
3d9f-216-53-153-110.ngrok-free.app/	1969-12-31 23:59:59	Name: ntvSession Value: {}
.3d9f-216-53-153-110.ngrok-free.app/	1970-01-20 22:38:59	Name: _ga_5HXB1QX6N6 Value: GS1.1.1688579038.1.1.1688579053.0.0.0

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/(Line 179) Message: Failed to decode downloaded font: https://3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/gorditaregular-webfont.woff2?d=%24LATEST
other	warning	URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/(Line 179) Message: OTS parsing error: Failed to convert WOFF 2.0 font to SFNT
other	warning	URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/(Line 179) Message: Failed to decode downloaded font: https://3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/gorditamedium-webfont.woff2?d=%24LATEST
other	warning	URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/(Line 179) Message: OTS parsing error: Size of decompressed WOFF 2.0 is less than compressed size
other	warning	URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/(Line 179) Message: Failed to decode downloaded font: https://3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/gorditabold-webfont.woff2?d=%24LATEST
other	warning	URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/(Line 179) Message: OTS parsing error: Failed to convert WOFF 2.0 font to SFNT
other	warning	URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/(Line 179) Message: Failed to decode downloaded font: https://3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/Average-Regular.ttf?d=%24LATEST
other	warning	URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/(Line 179) Message: OTS parsing error: pGD: misaligned table
other	warning	URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/(Line 179) Message: Failed to decode downloaded font: https://3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/weather.ttf?d=%24LATEST
other	warning	URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/(Line 179) Message: OTS parsing error: 0OS: misaligned table
other	warning	URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/(Line 179) Message: Failed to decode downloaded font: https://3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/Lora-Regular.ttf?d=%24LATEST
other	warning	URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/(Line 179) Message: OTS parsing error: ¿½GP: misaligned table
other	warning	URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/(Line 179) Message: Failed to decode downloaded font: https://3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/Lora-Medium.ttf?d=%24LATEST
other	warning	URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/(Line 179) Message: OTS parsing error: ¿½GP: misaligned table
other	warning	URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/(Line 179) Message: Failed to decode downloaded font: https://3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/Lora-Bold.ttf?d=%24LATEST
other	warning	URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/(Line 179) Message: OTS parsing error: ¿½GP: misaligned table
other	warning	URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/(Line 179) Message: Failed to decode downloaded font: https://3d9f-216-53-153-110.ngrok-free.app/pf/resources/dist/fonts/Graduate-Regular.ttf?d=%24LATEST
other	warning	URL: https://3d9f-216-53-153-110.ngrok-free.app/5HSYR2LQ4NDYJHHEA3LXGKE2I4/(Line 179) Message: OTS parsing error: pGD: misaligned table
network	error	URL: https://insiderdata360online.com/service/platform.js?ran=0.8173437322000534 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://undefined-undefined-sandbox.cdn.arcpublishing.com/pf/resources/logos/AJC/logo-full-redesign.svg?d=%24LATEST Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3d9f-216-53-153-110.ngrok-free.app
ampcid.google.com
ampcid.google.de
ams-pageview-public.s3.amazonaws.com
api-mg2.db-ip.com
apps.rokt.com
atr.veritonicmetrics.com
az416426.vo.msecnd.net
c.amazon-adsystem.com
c2-sandbox.piano.io
cdn.brandmetrics.com
cdn.cookielaw.org
cdn.linkedin.oribi.io
cdn.pranmcpkx.com
cdn.resonate.com
cdn.veritonic.com
connect.facebook.net
dc.services.visualstudio.com
dev-api.mg2insights.com
dev-events.mg2insights.com
engage-connext.ajc.com
engage-fp.ajc.com
engage-g2insights.ajc.com
engage.ajc.com
geolocation.onetrust.com
googleads.g.doubleclick.net
htlbid.com
insiderdata360online.com
mab.chartbeat.com
paywall-ad-bucket.s3.amazonaws.com
ping.chartbeat.net
pixel.quantserve.com
polyfill.io
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
rules.quantcount.com
s.ntv.io
sandbox.tinypass.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
snap.licdn.com
stage-ajc-proxy-connext.azurewebsites.net
static.chartbeat.com
stats.g.doubleclick.net
thefontzone.com
undefined-undefined-sandbox.cdn.arcpublishing.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.npttech.com
insiderdata360online.com
104.18.13.242
104.26.5.15
107.20.249.201
13.107.42.14
13.32.110.105
13.32.99.105
13.69.106.216
143.204.221.63
18.214.42.180
2001:4860:4802:34::36
23.35.237.64
23.99.206.151
2600:9000:2057:e200:18:1fcd:353:c61
2600:9000:20eb:1e00:2:53b2:240:93a1
2600:9000:21f3:d200:1e:549f:95c0:93a1
2600:9000:223c:f400:6:44e3:f8c0:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:20::681a:c12
2606:4700::6810:f015
2606:4700::6811:bab1
2606:4700::6812:1c26
2606:4700::6812:aa72
2606:4700:e2::ac40:8f26
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:21::14
2a00:1450:4001:803::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:827::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2002
2a00:1450:400c:c0b::9a
2a02:26f0:3100::1735:28a9
2a02:26f0:480:c::210:f192
2a02:26f0:480:f::213:7ec8
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::282
2a04:4e42:200::714
2a05:d014:21b:8e02::6e:2
35.190.81.243
35.244.194.113
52.216.76.44
52.84.174.43
54.231.132.145
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
06962343eb9ff5457c8dd1cbda8a5ce339048e119760c3067e78897363aeeb3a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0744b5a06712d19c1b72db9691015da5567bda61a5a05ed27b60834cd2e6dfcf
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
09bae7eb6b99ef05e30ad9ccfb0facc571570303212a4281902c8dc54477339d
0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9
17213b5c168ad5aaa9fa1a1fafa0312eca5592af5f2646a5d8452b06b0ae0d97
19681ff1881ad9386204d5768fb008ba7cf14a0769535143ee78fb6c05df0548
1c9fa957b363d0f89fcfff692e3dea2082b1f82a1be9e742f94c383f7a51e96a
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
2617332e28c2a433229f581865eeda437dcc8f4506b1c46f7969038f04d80b4a
26983d8656b32b0ebe403c19e3f74263c00c1de6b271cf6522361c2f31bb258a
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
2dee57d54fb6a1ff97b0f26f6d93a48973f8e4225e4affa6b2542b4961d18ac3
2f4bc7230fe2d17b6b4c32f261c48da00021b2e2ba8e692de5cf6dfc195993ae
3b11ad70561211c03a241d73acd8fca1abbdcae470d4d35e16431bd42b5c772a
3e546f6985ad6d7ce8297983f27155787a38cdb26818f857f79344d369468bea
3e5740bb19928f00ac1758f504a5bb28f826600d68cd6ac62f99caa6c26e0d5c
40bd201d8981c6fde06fd8fa2c31de3ee5b61e0c6b6e2c83f8e14250a5e2635b
40c8084ce459211c73bf91eaa18b6152cc5fc9e29245dcec381da35ee51334b0
418e53d1420eb784c7195ff8e36790bb85774fa61fdd403e5420bc2f344378e9
423132877beb4612248e46f88186f367dbf03357b489676ec92608911e5faa34
42c9d1df23e2f7d82d90b2bd6bab3b5398e81889cb9bde1d4a530acc663c9c63
42dd4549f6c45512dd4006edc03a18addd489c2066f0fbc5457f11af26a2d308
45645d99e775050ece2b2a76a67efd530d9b69eca984682677d97d5392f6e009
479c536a4d92d5579b67e254dba7f7fab081becc68aa50e3db3b208584379a7d
49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b
4e24d4917e52ed1911b18aed8a77267846cc264b391014b5e6404df8eaba8e11
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
52543b265097587d6e0077cae948e5d682d5702c78892c310ef4ab941e57193d
540fcf956a9796276331d2a1b2c7e034947bf93502964457c2037f6466c450e0
55e2747afacbe4c62d894074bab69d185cc5898cee714f5786bc59919bb6c00c
561c37dd8e1b8a9bc6d9b5d9e620fa080452bf68ae4cf31ad2588697f82a88f6
567812b18c4feb7691cbcd437ee0c5a3a53a9383b8fc07e1e4bf11e7a2fff335
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5f1e95cf28df1116f4b350aa7dfcaa021b36e7f3a088b7ae4ccb64caf97e671a
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6399ea7ff0723d0e5ad7375ad62d36754e9e563e35a9257059501a9d1961b935
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6653d2cca03c490c0032cd74205c6c37a494ea31ac1c46aec8e55c7017c1b3f9
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407
717889340f7541123677b617230b01e2fdd83f4a692e5e15dd8dc19fc5f9b376
787ad1808f0fb94acf920c764b7ad290f723f9eaba01c5a8c113f4b7abe107c4
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7bb4ae482f4a791de91dcc776901f4fab5d1856f88538a38cbd63646b26c5ee0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c
8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154
8cac3523f9e11f7539b85ad276d382fb96b539fd1d40a1eb052be209096080ba
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
952351bbf7a62c4e1c97623f9cad163340753b44fdafb36cc9f4c9da8fa5e5b3
986aea70763fb622c061f0e8662cbfc3d3e812b6a6119eecd041868f0b3fd21b
98bb9de2e5224fa29d86725f1fc45abac4558817df644c2ebb62beb57b0bfc1b
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a277d519a3a6f5a7b8e1c391dd9f7ec24faf8ad50c5a36f81e4d64af33cc7f13
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a89cee60f0cd859bdda29fef66aee173061cf6decc3ffec900b48ab3ddbddebf
a94fd698cf13c42a6965a3c5b6a8f64fa4db107c82bb53bb36e5aefcb0a8f75b
ac1ffc09bed6c60c5ca73fa980799a674eb3e2050e063e8b91fa9357d7ac0e59
acd09a7a6b3f0b2e8218b61142980d1cc44fc2de7dc07af5174d9f7d494796b3
acd14c91ae67282fe298459d4354e8b14ea92d23e9b70c383ba89592165930da
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b232b740e35e175a9a671a7695fc317efc0d86304efd2733f0f8d70105c744c9
b7c1418193466eb02810f5bb3b40e41e50acb1384535b893110c6c8acfb1822e
bcdb2c719c2f3a205b8dac169c74e52974d291eb66a57f49d6027262da6828eb
bf7da55ef6be4cdd0d0932dd1e689a423b9b04c68e3cc9b083d4c099bf0e0ec9
bf8abb7afc1f7a783bf2ba79eae4e6c85ef6f96b154e745b87389a95ecae3473
c19f2bce846490ddb81eb3b7ef2af6de4e65029d552f5d828e9ae47db1dee767
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cbb42420f00fc4cb15ffdc31461cefdc19f564f49d91fb260f5089263b6a7dc0
cc041ebd905f9e796e9e8e224685f03710f5d47e6faa50c6a7e9b34e0ee0b43b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe621e93f0d8c8234020ec9ebd360f85578e38cc6d47890978b4f117f73fd9a
d07e0e02fe72a907ae40c2dd8651adeeef1e069ecaed7c5b769c57886858cf1c
d13995a80540cd5691ce387c462f0cc2a24426a4e5973291ee09d70c0223e50c
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0b19a204f2619e51422f673be17c36b5212021bec10f9bb0571b22d68ff5f5a
e1f01b424dded0aa85e07bdcfe58b12fbe07f2cde6820427acbe9ffa20b40d98
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e26326b3f3b4f9a11ae9ffee71d580831ac785b8bb584046bd9f91f02254af39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71c8f327cd7ed383f702b5b522bfe3438b9c0925eb2b03d2820a78ab0941176
ec92accae730d744155e8ca2aeca9cd81977ee58fb41a9a403849af7209af04d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35ca7391688fe31e9861479d2bfad8425eda3d50a8730e99dd5df09b1d85a53
fe15430b4342c1710d437e2241cfe3d286774afc2fd86a5821e1889f1117fd1d
ffc79feebdfe105c3de8840c2a5814b3fae59d3529463fdf9329080967ed92ba

3d9f-216-53-153-110.ngrok-free.app Open in urlscan Pro 2a05:d014:21b:8e02::6e:2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

128 Requests

98 %HTTPS

67 %IPv6

41 Domains

55 Subdomains

48 IPs

5 Countries

26839 kBTransfer

30766 kBSize

42 Cookies

1 Outgoing links

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

3d9f-216-53-153-110.ngrok-free.app Open in urlscan Pro
2a05:d014:21b:8e02::6e:2 Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

98 %
HTTPS

67 %
IPv6

41
Domains

55
Subdomains

48
IPs

5
Countries

26839 kB
Transfer

30766 kB
Size

42
Cookies

128 HTTP transactions
1 data transactions