www.gettoggle.com Open in urlscan Pro
143.204.94.72 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pf.toggle.com/s/4/0/40174-79699-snood.exe
Effective URL:
https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
Submission: On October 06 via manual (October 6th 2020, 6:49:39 pm UTC) from CA

Summary HTTP 78 Redirects Behaviour Indicators

Summary

This website contacted 35 IPs in 5 countries across 30 domains to perform 78 HTTP transactions. The main IP is 143.204.94.72, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.gettoggle.com.
TLS certificate: Issued by Amazon on September 24th 2020. Valid for: a year.

This is the only time www.gettoggle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	23.23.209.90 23.23.209.90	14618 (AMAZON-AES) (AMAZON-AES)
11	143.204.94.72 143.204.94.72	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6811:4f6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3	99.86.243.49 99.86.243.49	16509 (AMAZON-02) (AMAZON-02)
8	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
2	151.139.128.8 151.139.128.8	20446 (HIGHWINDS3) (HIGHWINDS3)
1	99.86.244.81 99.86.244.81	16509 (AMAZON-02) (AMAZON-02)
1	184.73.172.209 184.73.172.209	14618 (AMAZON-AES) (AMAZON-AES)
2 3	23.37.42.150 23.37.42.150	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.152.90.171 54.152.90.171	14618 (AMAZON-AES) (AMAZON-AES)
4	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
2	35.194.81.74 35.194.81.74	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:81f::2008	15169 (GOOGLE) (GOOGLE)
1	52.84.116.87 52.84.116.87	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:84f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	35.190.25.25 35.190.25.25	15169 (GOOGLE) (GOOGLE)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	151.101.113.208 151.101.113.208	54113 (FASTLY) (FASTLY)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.94.3 143.204.94.3	16509 (AMAZON-02) (AMAZON-02)
2	52.8.216.17 52.8.216.17	16509 (AMAZON-02) (AMAZON-02)
10	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.155.253.5 54.155.253.5	16509 (AMAZON-02) (AMAZON-02)
78	35

1 23.23.209.90 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-209-90.compute-1.amazonaws.com

pf.toggle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 143.204.94.72 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-72.fra50.r.cloudfront.net

www.gettoggle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:4f6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.ravenjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.243.49 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-49.vie50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.96.102.137 (United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.8 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.244.81 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-244-81.vie50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.73.172.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-172-209.compute-1.amazonaws.com

www.quotelab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.42.150 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-150.deploy.static.akamaitechnologies.com

www.nextinsure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.pretected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.152.90.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-90-171.compute-1.amazonaws.com

api.gettoggle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.194.81.74 (United States)

ASN15169 (GOOGLE, US)
PTR: 74.81.194.35.bc.googleusercontent.com

r3.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.116.87 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-116-87.sof50.r.cloudfront.net

djnf6e5yyirys.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:84f (United States)

ASN13335 (CLOUDFLARENET, US)

js.appboycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.25.25 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 25.25.190.35.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.208 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

sdk.iad-03.braze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.94.3 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-3.fra50.r.cloudfront.net

cdn1.friendbuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.8.216.17 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-216-17.us-west-1.compute.amazonaws.com

ws.friendbuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.70.113 (United States)

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.53.111 (United States)

ASN13335 (CLOUDFLARENET, US)

toggle.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.253.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-253-5.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	gettoggle.com www.gettoggle.com api.gettoggle.com	1 MB
10	zdassets.com static.zdassets.com ekr.zdassets.com	552 KB
10	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com r3.visualwebsiteoptimizer.com	212 KB
5	krxd.net cdn.krxd.net consumer.krxd.net beacon.krxd.net	89 KB
4	googleapis.com maps.googleapis.com	126 KB
3	friendbuy.com cdn1.friendbuy.com ws.friendbuy.com	3 KB
3	stripe.com js.stripe.com	48 KB
3	cloudflare.com cdnjs.cloudflare.com	34 KB
2	zendesk.com toggle.zendesk.com	2 KB
2	braze.com sdk.iad-03.braze.com	504 B
2	google.de ampcid.google.de www.google.de	601 B
2	google.com ampcid.google.com www.google.com	675 B
2	facebook.net connect.facebook.net	30 KB
2	pretected.com 1 redirects i.pretected.com	1 KB
2	fontawesome.com pro.fontawesome.com	103 KB
1	doubleclick.net googleads.g.doubleclick.net	1 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	6 KB
1	googleadservices.com www.googleadservices.com	11 KB
1	mixpanel.com api-js.mixpanel.com	328 B
1	appboycdn.com js.appboycdn.com	37 KB
1	cloudfront.net djnf6e5yyirys.cloudfront.net	42 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
1	google-analytics.com www.google-analytics.com	18 KB
1	bing.com bat.bing.com	8 KB
1	mxpnl.com cdn.mxpnl.com	27 KB
1	nextinsure.com 1 redirects www.nextinsure.com	1022 B
1	quotelab.com www.quotelab.com
1	segment.com cdn.segment.com	87 KB
1	ravenjs.com cdn.ravenjs.com	14 KB
1	toggle.com 1 redirects pf.toggle.com	230 B
78	30

	Domain	Requested by
11	www.gettoggle.com	www.gettoggle.com
9	static.zdassets.com	www.gettoggle.com static.zdassets.com
8	dev.visualwebsiteoptimizer.com	www.gettoggle.com dev.visualwebsiteoptimizer.com cdn.ravenjs.com
4	maps.googleapis.com	www.gettoggle.com maps.googleapis.com
3	cdn.krxd.net	www.gettoggle.com cdn.krxd.net
3	js.stripe.com	www.gettoggle.com js.stripe.com
3	cdnjs.cloudflare.com	www.gettoggle.com
2	toggle.zendesk.com	cdn.ravenjs.com static.zdassets.com
2	ws.friendbuy.com	cdn.ravenjs.com
2	sdk.iad-03.braze.com	cdn.ravenjs.com
2	connect.facebook.net	cdn.segment.com connect.facebook.net
2	r3.visualwebsiteoptimizer.com	cdn.ravenjs.com
2	api.gettoggle.com	cdn.ravenjs.com
2	i.pretected.com	1 redirects www.gettoggle.com
2	pro.fontawesome.com	www.gettoggle.com pro.fontawesome.com
1	beacon.krxd.net	cdn.krxd.net
1	ekr.zdassets.com	cdn.ravenjs.com
1	cdn1.friendbuy.com	cdn.ravenjs.com
1	www.google.de	www.gettoggle.com
1	www.google.com	www.gettoggle.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	maxcdn.bootstrapcdn.com	js.appboycdn.com
1	ampcid.google.de	cdn.ravenjs.com
1	www.googleadservices.com	www.googletagmanager.com
1	api-js.mixpanel.com	cdn.ravenjs.com
1	ampcid.google.com	cdn.ravenjs.com
1	js.appboycdn.com	cdn.segment.com
1	djnf6e5yyirys.cloudfront.net	cdn.segment.com
1	www.googletagmanager.com	cdn.segment.com
1	www.google-analytics.com	cdn.segment.com
1	bat.bing.com	cdn.segment.com
1	cdn.mxpnl.com	cdn.segment.com
1	consumer.krxd.net	cdn.krxd.net
1	www.nextinsure.com	1 redirects
1	www.quotelab.com	www.gettoggle.com
1	cdn.segment.com	www.gettoggle.com
1	cdn.ravenjs.com	www.gettoggle.com
1	pf.toggle.com	1 redirects
78	38

This site contains no links.

Subject Issuer	Validity	Valid
*.gettoggle.com Amazon	`2020-09-24` - `2021-10-24`	a year	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
osff.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-05-20` - `2020-12-18`	7 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2020-09-22` - `2021-02-03`	4 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
*.segment.com DigiCert SHA2 Secure Server CA	`2020-06-12` - `2021-07-27`	a year	crt.sh
quotelab.com Amazon	`2020-09-06` - `2021-10-08`	a year	crt.sh
www.quinstreet.com GeoTrust RSA CA 2018	`2020-09-07` - `2020-12-16`	3 months	crt.sh
cdn.krxd.net DigiCert SHA2 Secure Server CA	`2020-03-05` - `2021-03-06`	a year	crt.sh
consumer.krxd.net DigiCert SHA2 Secure Server CA	`2020-09-14` - `2021-09-14`	a year	crt.sh
*.mxpnl.com RapidSSL RSA CA 2018	`2019-07-29` - `2021-07-28`	2 years	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-13` - `2021-08-13`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.mixpanel.com GeoTrust RSA CA 2018	`2020-04-20` - `2022-04-21`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
d2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-09-17` - `2021-08-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.friendbuy.com Amazon	`2020-04-28` - `2021-05-28`	a year	crt.sh
ssl911790.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-05-20` - `2020-11-26`	6 months	crt.sh
toggle.zendesk.com Cloudflare Inc ECC CA-3	`2020-06-18` - `2021-06-18`	a year	crt.sh
beacon.krxd.net DigiCert SHA2 Secure Server CA	`2020-01-30` - `2021-01-30`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
Frame ID: 2BA5BE4FD75E7D0CFAF2C2223BC64B26
Requests: 62 HTTP requests in this frame

Frame: https://www.quotelab.com/p/thHn13Pk9n5cfgMQDqnMW3bYzJ4hlg?u=1
Frame ID: 49A77A90E5BE1E5CF94AB99952A1F65D
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-78285a3ed27008d69d35e765fbb00dd5.html
Frame ID: 53B53E7F18EBED291FC0B8C9E045338A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: C8A6C81CD7360DF431DA9ECBD792DF11
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/preload.78fb78df072fb5fc0997.js
Frame ID: 8A0F75EF915EF1463EA3AE83B0E4749C
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-f05f675c791120d177d112a6bf98fc69.html
Frame ID: BD8D4D182907A7BE80DC0B4371F2705B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://pf.toggle.com/s/4/0/40174-79699-snood.exe HTTP 301
https://www.gettoggle.com/s/4/0/40174-79699-snood.exe Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i
headers server /^AmazonS3$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Page Statistics

78
Requests

99 %
HTTPS

43 %
IPv6

30
Domains

38
Subdomains

35
IPs

5
Countries

2546 kB
Transfer

8767 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pf.toggle.com/s/4/0/40174-79699-snood.exe HTTP 301
https://www.gettoggle.com/s/4/0/40174-79699-snood.exe Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://www.nextinsure.com/ListingDisplay/Outcome/?O=9822061005 HTTP 302
https://i.pretected.com/ListingDisplay/Outcome/?O=9822061005 HTTP 302
https://i.pretected.com/ListingDisplay/Outcome/spacer.gif?ts=637375889798828744

78 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 40174-79699-snood.exe Show response
www.gettoggle.com/s/4/0/
Redirect Chain

http://pf.toggle.com/s/4/0/40174-79699-snood.exe
https://www.gettoggle.com/s/4/0/40174-79699-snood.exe

8 KB
4 KB

631ms
519ms

Document
text/html

143.204.94.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 68478bb908e2c033097f3392d2930c2489f90c47dd37a03ff7840be24efebf04

Request headers

:method: GET
:authority: www.gettoggle.com
:scheme: https
:path: /s/4/0/40174-79699-snood.exe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html
date: Tue, 06 Oct 2020 18:49:17 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=0
last-modified: Thu, 30 Jul 2020 15:54:00 GMT
etag: W/"ab5c1b8a6e3002b82f2ec8075f402056"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: TK0oRu6ED7aPBxgYSFZHCWXl0DdjrTAIoN-tRLqnnvH4zbkOj8UoyA==

Redirect headers

Server: awselb/2.0
Date: Tue, 06 Oct 2020 18:49:15 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://www.gettoggle.com:443/s/4/0/40174-79699-snood.exe

GET
H2 200 GT-Haptik-Regular.woff2
www.gettoggle.com/9db0807/fonts/ 33 KB
33 KB 137ms
135ms Font
font/woff2 143.204.94.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gettoggle.com/9db0807/fonts/GT-Haptik-Regular.woff2
Requested by: Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc5a2f1fad1e8d2faecc93d950c930a23f2c51e587881cffca144f04d32bf6a6

Request headers

Origin: https://www.gettoggle.com
Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 02:31:04 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jul 2020 15:54:00 GMT
server: AmazonS3
age: 2218693
etag: "05acd59d123b958880eb53c3a6e09007"
x-cache: Hit from cloudfront
content-type: font/woff2
status: 200
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
content-length: 33520
x-amz-request-id: 1P6K8X8Z6P3Y7H6J
x-amz-id-2: q/TP1+86my4mk09PndL59zQ5+GxuDOay5NAD/zGtIvoqoCHeK8LDYu9+aCGsS3ayrESqWCDHcHU=
x-amz-cf-id: RAuz9oI4dcmnPHc26aneouM5nOtAECSYOdpfAcFicbKhpP1Nn4Bdvw==

GET
H2 200 GT-Haptik-Bold.woff2
www.gettoggle.com/9db0807/fonts/ 35 KB
35 KB 91ms
89ms Font
font/woff2 143.204.94.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gettoggle.com/9db0807/fonts/GT-Haptik-Bold.woff2
Requested by: Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c4b5bab95d61ca9afc4427f33cadc6d43844a6ebe7794c08924d4206f10ac64d

Request headers

Origin: https://www.gettoggle.com
Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 19 Sep 2020 00:12:51 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jul 2020 15:54:00 GMT
server: AmazonS3
age: 1535785
etag: "b6e800d9bf208e9b11db80b2e80a60da"
x-cache: Hit from cloudfront
content-type: font/woff2
status: 200
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
content-length: 35832
x-amz-request-id: 5V8P2R5Z9X1J2V7T
x-amz-id-2: 5dM5e3+eMToFBj1+t/Fl/YG1AU8lWBUSWox7dqeKEUsI9191L1T7FT7bC1znzELp39lKO1xfB80=
x-amz-cf-id: MtbNVFSHj7syuwEGxlivYCGqCuHQVsNVhhfIX5Mm5ME7PmgLjlk0Ug==

GET
H2 200 Francisco.woff2
www.gettoggle.com/9db0807/fonts/ 65 KB
66 KB 167ms
165ms Font
font/woff2 143.204.94.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gettoggle.com/9db0807/fonts/Francisco.woff2
Requested by: Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09cbfdb435e057769f8cca830918333f4694706db624f7e725fa140d7b0a8670

Request headers

Origin: https://www.gettoggle.com
Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 01:06:25 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jul 2020 15:54:00 GMT
server: AmazonS3
age: 841372
etag: "d521f33c8700e729c0ce5b13e7ec6108"
x-cache: Hit from cloudfront
content-type: font/woff2
status: 200
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
content-length: 66900
x-amz-request-id: A53068FACDCA28B0
x-amz-id-2: 6d1GrPXWX31I3Ejgqa+9SzZIzdO/iqrjB/YE5kNJLxYvqgCVFCB5qZUE+3y+GIiY/guWqT0s6WY=
x-amz-cf-id: wwE6v8Lk0Ga9eiLHkAGSj0IMpVjIRPMmty0HoBWIf39SO0VgKrHZyA==

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 1 KB
496 B 36ms
22ms Stylesheet
text/css 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css

Requested by

Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1710866
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 382
cf-request-id: 05a0d8250700001f313c3e3200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
etag: "5eb03fd5-50a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602010156"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5de18fb4de7a1f31-FRA
expires: Sun, 26 Sep 2021 18:49:16 GMT

GET
H2 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 2 KB
1 KB 35ms
21ms Stylesheet
text/css 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css

Requested by

Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1017632
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 637
cf-request-id: 05a0d8250700001f313c3e4200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
etag: "5eb03fd5-92d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602010156"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5de18fb4de7f1f31-FRA
expires: Sun, 26 Sep 2021 18:49:16 GMT

GET
H2 200 main.4132c634.chunk.css
www.gettoggle.com/9db0807/static/css/ 25 KB
6 KB 115ms
114ms Stylesheet
text/css 143.204.94.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gettoggle.com/9db0807/static/css/main.4132c634.chunk.css
Requested by: Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9eec32629faf42af6e5a33d81964998687b677cda3447f0bab6a025dec1c1db3

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 02:08:05 GMT
content-encoding: gzip
age: 60072
x-cache: Hit from cloudfront
status: 200
x-amz-request-id: C39791861CD7F3A8
x-amz-id-2: vP/ZKOY0wk8ZCGajW/YgNmwqTncYuN+RxMd6nKIgUbMUgWLaqGASy36BBYSTnkTD1S7F14UUgzE=
last-modified: Thu, 30 Jul 2020 15:54:00 GMT
server: AmazonS3
etag: "e5575c26d51c93012e86b48f597c9d9e"
vary: Accept-Encoding
content-type: text/css
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 6Zo_GHtSAADQBh9v009Y2KxU4ke8et1m-C2RmveWxaI8MrraMYedJw==

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.26.4/ 37 KB
14 KB 21ms
7ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.26.4/raven.min.js
Requested by: Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: 3b6205206b5c515bb685b81ad82ecedf1264a0f1b6b0a99b2d89ce18fe30bc5e

Request headers

Origin: https://www.gettoggle.com
Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:16 GMT
content-encoding: gzip
last-modified: Fri, 20 Jul 2018 09:10:03 GMT
server: Fastly
age: 47855
etag: "e7a52e3ca61154fb6077ca08d351e3e3"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13757

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 129 KB
43 KB 62ms
42ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyAoURhFyihWNMsMa_Rxb-cIs_P60RLFj38&libraries=places

Requested by

Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

a0cb26743fdafb48be3c91a32d44ea571beef74b72ab7de895c5af75bfa9e614

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:16 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=26
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43283
x-xss-protection: 0
expires: Tue, 06 Oct 2020 19:19:16 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 184 KB
48 KB 324ms
130ms Script
application/javascript 99.86.243.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.243.49 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-243-49.vie50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ed17bb041c521cc7d3e1ad6b070f10358e25472939bb4cb4b3f80596d776d0f2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:44:48 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 269
x-cache: Hit from cloudfront
status: 200
x-amz-request-id: 92167B7C736609CD
x-amz-id-2: Ap6gXJmC6E+a3t7UrHumRuKb7NNuOGxL32XEt2w6TRxREyoSLRkRPoD4qqGTXvVq/xrmVRSDNek=
access-control-allow-origin: *
last-modified: Tue, 06 Oct 2020 17:21:05 GMT
server: AmazonS3
etag: W/"a5470fbb9ba20d9716ada7dc65b1d7b2"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
via: 1.1 87459a7837f980cdc57ba8a2c23a55ae.cloudfront.net (CloudFront)
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: K20bh0CDRyda6v9rLd7y1dKo5jIHLGx9SG80Gd2UZaCg4bGXGogmlw==

GET
H2 200 3.47e3e921.chunk.js Show response
www.gettoggle.com/9db0807/static/js/ 443 KB
129 KB 123ms
122ms Script
application/javascript 143.204.94.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gettoggle.com/9db0807/static/js/3.47e3e921.chunk.js
Requested by: Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 524ced31234f6b3ad0da2501dc3cbbbf4ffaf68cb925ee67cbe8c63222ad8dd7

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 01:34:09 GMT
content-encoding: gzip
age: 1617308
x-cache: Hit from cloudfront
status: 200
x-amz-request-id: 62DA7CD470BCFB3C
x-amz-id-2: nEY/k+UhLAaKeDiz91q79biUSgzIQTIus9H8xmXXICsphJMYlgdaSxwI7chP2jmGbdvo6LhNsag=
last-modified: Thu, 30 Jul 2020 15:54:00 GMT
server: AmazonS3
etag: W/"14d7f44951a59352111edef709fb1a7e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 8RLy3ZUkFdeFVlCMwy6d0nXa5UOgrJxyUPreKxVmv27eknTGugJfRQ==

GET
H2 200 main.6a8bde6d.chunk.js Show response
www.gettoggle.com/9db0807/static/js/ 33 KB
11 KB 175ms
174ms Script
application/javascript 143.204.94.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gettoggle.com/9db0807/static/js/main.6a8bde6d.chunk.js
Requested by: Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a19d911b31edec2f305f5ea810a047449bc40c7baf6514ed83874a41b93d0896

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 02 Oct 2020 00:36:38 GMT
content-encoding: gzip
age: 411159
x-cache: Hit from cloudfront
status: 200
x-amz-request-id: 5F654E114F5CF086
x-amz-id-2: cRYhtfapTAqzgCgFJyimSRj0oU/PY6rOoKo8RMMysQwRsEPg/mVAJbNJ7Yj1uxEYFN1My+YSXzI=
last-modified: Thu, 30 Jul 2020 15:54:00 GMT
server: AmazonS3
etag: W/"cb60e95f2f95b99e003a3185531241b4"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: F7qR7TV85H-6WHxNEBcReMlt1wcTMmuME0TIUw7PDoX8CVuub0w8UQ==

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 6 KB
2 KB 164ms
54ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=377647&u=https%3A%2F%2Fwww.gettoggle.com%2Fs%2F4%2F0%2F40174-79699-snood.exe&f=1&r=0.31920244256086594
Requested by: Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 0cc64c861b1a3f99eb80a9c6fa94c2b1393136d9312942369255589eb2efe57e

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:16 GMT
content-encoding: gzip
server: gfra1
content-type: application/javascript; charset=UTF-8
status: 200
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.3.1/css/ 63 KB
13 KB 187ms
65ms Stylesheet
text/css 151.139.128.8
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.3.1/css/all.css
Requested by: Host: www.gettoggle.com
URL: https://www.gettoggle.com/9db0807/static/css/main.4132c634.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 766618d32072335f0a3da8b317bb095e5541de3e20068bcdd31cc638478f0188

Request headers

Referer: https://www.gettoggle.com/9db0807/static/css/main.4132c634.chunk.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:16 GMT
content-encoding: gzip
last-modified: Tue, 28 Aug 2018 18:21:30 GMT
status: 200
etag: "d0b60fd29c628ca3b0ea212ec00255e7"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw: 1602010156.cds073.lo4.hn,1602010156.cds079.lo4.c
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
access-control-allow-methods: GET
accept-ranges: bytes
content-length: 13242

GET
H3-Q050 200 va-0ca7acdf418d8c12f3819dda65c35024.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 203 KB
58 KB 107ms
54ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/va-0ca7acdf418d8c12f3819dda65c35024.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=377647&u=https%3A%2F%2Fwww.gettoggle.com%2Fs%2F4%2F0%2F40174-79699-snood.exe&f=1&r=0.31920244256086594
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: d948898fd2b414fb687c3e21d364134b0cde69557972bac45f93440feddf3412

Request headers

Origin: https://www.gettoggle.com
Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:16 GMT
content-encoding: br
last-modified: Tue, 06 Oct 2020 04:55:11 GMT
server: gfra1
status: 200
etag: "5f7bf8af-e859"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59481
via: 1.1 google

GET
H3-Q050 200 track-0ca7acdf418d8c12f3819dda65c35024.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 11 KB
4 KB 106ms
53ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/track-0ca7acdf418d8c12f3819dda65c35024.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=377647&u=https%3A%2F%2Fwww.gettoggle.com%2Fs%2F4%2F0%2F40174-79699-snood.exe&f=1&r=0.31920244256086594
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 1b71dd5bde39e95d21b4e683def553528ca1a028980169b914caef0548bb6df8

Request headers

Origin: https://www.gettoggle.com
Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:16 GMT
content-encoding: br
last-modified: Tue, 06 Oct 2020 04:55:11 GMT
server: gfra1
status: 200
etag: "5f7bf8af-da8"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3496
via: 1.1 google

GET
H3-Q050 200 opa-a4111607dc5ce718c2993c75e25e5d78.js Show response
dev.visualwebsiteoptimizer.com/analysis/4.0/ 91 KB
24 KB 107ms
55ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-a4111607dc5ce718c2993c75e25e5d78.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=377647&u=https%3A%2F%2Fwww.gettoggle.com%2Fs%2F4%2F0%2F40174-79699-snood.exe&f=1&r=0.31920244256086594
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 289e4a4c65713d1a520b1ae1aabb774ef1af63946c24bfb371027ba431958291

Request headers

Origin: https://www.gettoggle.com
Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:15 GMT
content-encoding: br
last-modified: Mon, 05 Oct 2020 06:41:36 GMT
server: gfra1
status: 200
etag: "5f7ac020-5da1"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23969
via: 1.1 google

GET
H3-Q050 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
301 B 177ms
132ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=377647&d=gettoggle.com&u=D038BF7A97803A029F7253749644746A4&h=6806c441290c90fec55094dee6f866f6&t=false&r=0.47000803150968795

Requested by

Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Oct 2020 18:49:16 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/azGBHaT6SHB0aH1Z9AYxHAK8X51mC1Cc/ 430 KB
87 KB 882ms
744ms Script
text/javascript 99.86.244.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/azGBHaT6SHB0aH1Z9AYxHAK8X51mC1Cc/analytics.min.js
Requested by: Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.244.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-244-81.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2adf1aff3ac3a8076e87653f6e335649221d98f1f3e2a50c1b9b1a718c0ee636

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: r325ftksdWJELINfpAO4Zn9fciG9am_o
content-encoding: gzip
etag: "cf9be9b6dc7dee8fbd859eba050e29c3"
x-amz-cf-pop: VIE50-C1
x-cache: RefreshHit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-length: 88619
access-control-allow-origin: *
last-modified: Fri, 02 Oct 2020 18:08:00 GMT
server: AmazonS3
date: Tue, 06 Oct 2020 18:49:18 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0af.cloudfront.net (CloudFront)
cache-control: public, max-age=300
accept-ranges: bytes
x-amz-cf-id: Vd6xDnyoFZFnrwpiVFtf7QKb6Pfn9wcNq2tNhK9uOHonWkh_4a_z9w==

GET
H2 200 2.f6e9b117.chunk.css
www.gettoggle.com/9db0807/static/css/ 570 KB
216 KB 69ms
68ms Stylesheet
text/css 143.204.94.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gettoggle.com/9db0807/static/css/2.f6e9b117.chunk.css
Requested by: Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbbe6b2a26743764f6b63fc8aa1202ae86d74fdc0c759d5bba381e4adb21b815

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 01:42:45 GMT
content-encoding: gzip
age: 925592
x-cache: Hit from cloudfront
status: 200
x-amz-request-id: 3K6QBQEVDKCH3T7M
x-amz-id-2: ByhTKHSy+hq2fRxGlrdhDovda4rgJ/cC/e0RPCPSROTsle4eb/+G7EqlPuEqsjUjUvNyiR2xV30=
last-modified: Thu, 30 Jul 2020 15:54:00 GMT
server: AmazonS3
etag: W/"98e72a85fef594f18bee6aa01cb38376"
vary: Accept-Encoding
content-type: text/css
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: PWg4lToeArZxUy5SRK1FjwBA03gT1dxDjtx6NB8c6gDUmaAUkQRwIQ==

GET
H2 200 2.1c079004.chunk.js Show response
www.gettoggle.com/9db0807/static/js/ 2 MB
457 KB 82ms
81ms Script
application/javascript 143.204.94.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gettoggle.com/9db0807/static/js/2.1c079004.chunk.js
Requested by: Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52a04958a528f2e0b2e06941cb57c3087b9b4d5db5526c07d8d1d8fbee03a976

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 11:26:15 GMT
content-encoding: gzip
age: 2359382
x-cache: Hit from cloudfront
status: 200
x-amz-request-id: CA0370D3EDB0678A
x-amz-id-2: PrE0VOPIuQZ7aii4tg97mD1i77A23AhaNaybK8fRQTHPFPTWThX2SVCejIf6J7+1vhjpm667HsY=
last-modified: Thu, 30 Jul 2020 15:54:00 GMT
server: AmazonS3
etag: W/"535a2a45e414657e14c2cfc4e9b9a7e2"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 2IH-TPBNwhSq8sXeFo9chSnS2L-KoYdXQt56muNGA4xP61iyU-VTUg==

GET
H2 200 4.3f813f98.chunk.css
www.gettoggle.com/9db0807/static/css/ 81 KB
13 KB 116ms
116ms Stylesheet
text/css 143.204.94.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gettoggle.com/9db0807/static/css/4.3f813f98.chunk.css
Requested by: Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b91385dbab11bbdc9207fe377d20218880c7302640e0a720fb4dcf007011adf

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 01:48:06 GMT
content-encoding: gzip
age: 1270871
x-cache: Hit from cloudfront
status: 200
x-amz-request-id: A80AC80BD6D819C3
x-amz-id-2: 5uiLzdmMowoHPWLhr8LWNxDelhBkpVvIDhM3tNPm9jgRVugybzl7RYW9bJJc5ttMXMujhq0L3Rk=
last-modified: Thu, 30 Jul 2020 15:54:00 GMT
server: AmazonS3
etag: W/"553667373b9371be7fb86f4e88e3c963"
vary: Accept-Encoding
content-type: text/css
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: cYuGDqRE5kyBP-kioRS-r6PUgbMZVuE8vusDQSgJaBKcNqLSOcxmIw==

GET
H2 200 4.17744021.chunk.js Show response
www.gettoggle.com/9db0807/static/js/ 329 KB
87 KB 119ms
119ms Script
application/javascript 143.204.94.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gettoggle.com/9db0807/static/js/4.17744021.chunk.js
Requested by: Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf13864e954eff29096bae6fb011c8ad7104d9327941afd411ec01010f0a2a02

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 05 Oct 2020 01:11:42 GMT
content-encoding: gzip
age: 149855
x-cache: Hit from cloudfront
status: 200
x-amz-request-id: 8V8RETBV9Y6Z9T9R
x-amz-id-2: jALbgebFRVwABepI4gCIrOcF8Fe/5CiPGgG3UQ3TtL2elvm8bi8yf6ZLiDdK30/qWvKVBnzMQI4=
last-modified: Thu, 30 Jul 2020 15:54:00 GMT
server: AmazonS3
etag: "50d0382943ff04878bca233882f7695b"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ZPSTLO4mnNXyqipYWmJhy4LADUTYbbr458cqPa_Fd6pi1cCcdAmB1g==

GET
H2 200 fa-solid-900.woff2
pro.fontawesome.com/releases/v5.3.1/webfonts/ 90 KB
90 KB 186ms
64ms Font
font/woff2 151.139.128.8
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.3.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: a238cffffbfea4c2868fca1b142a3a9690574537a38c857dbe309ec27b033eb3

Request headers

Origin: https://www.gettoggle.com
Referer: https://pro.fontawesome.com/releases/v5.3.1/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:16 GMT
last-modified: Tue, 28 Aug 2018 18:21:57 GMT
status: 200
etag: "6897be186b147b75c308c29eb0782f14"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
accept-ranges: bytes
content-length: 91792
x-hw: 1602010156.cds039.lo4.hn,1602010156.cds048.lo4.c

GET
H3-Q050 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 464 KB
110 KB 79ms
79ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=377647&settings_type=1&vn=7.0&r=0.9844511375568701&exc=2|3
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/7.0/va-0ca7acdf418d8c12f3819dda65c35024.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: aed54c0e8ace1b67d15162b0fddaaee150d8bbf22454b99986d4c0b455e5bf40

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 06 Oct 2020 18:49:16 GMT
content-encoding: gzip
server: gfra1
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google
content-type: application/javascript; charset=UTF-8

GET
H3-Q050 200 s.gif
dev.visualwebsiteoptimizer.com/ 35 B
55 B 130ms
130ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/s.gif?account_id=377647&u=D038BF7A97803A029F7253749644746A4&s=1602010156&p=1&ed=%7B%22tO%22%3A%22-2%22%2C%22lt%22%3A%221602010156813%22%2C%22r%22%3A%22%22%2C%22ul%22%3A%22en-us%22%2C%22de%22%3A%22UTF-8%22%2C%22sc%22%3A%2224%22%2C%22sr%22%3A%221600x1200%22%7D&cu=https%253A%252F%252Fwww.gettoggle.com%252Fs%252F4%252F0%252F40174-79699-snood.exe&r=0&cq=1&vn=7.0.69&vns=undefined&vno=undefined&eTime=1602010156813&random=0.5254519798685127

Requested by

Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Oct 2020 18:49:16 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H3-Q050 200 worker-1acd6955248e984d8c16ea37afb8cbb7.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 51ms
51ms XHR
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-1acd6955248e984d8c16ea37afb8cbb7.js
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.4/raven.min.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:16 GMT
content-encoding: br
last-modified: Mon, 16 Mar 2020 04:40:32 GMT
server: gfra1
status: 200
etag: "5e6f0340-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599
via: 1.1 google

GET
H/1.1 200
OK thHn13Pk9n5cfgMQDqnMW3bYzJ4hlg
www.quotelab.com/p/ Frame 49A7 0
0 555ms
139ms Document
text/plain 184.73.172.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.quotelab.com/p/thHn13Pk9n5cfgMQDqnMW3bYzJ4hlg?u=1
Requested by: Host: www.gettoggle.com
URL: https://www.gettoggle.com/9db0807/static/js/3.47e3e921.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.172.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-172-209.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Host: www.quotelab.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe

Response headers

Content-Type: text/plain; charset=UTF-8
Date: Tue, 06 Oct 2020 18:49:17 GMT
Server: Apache
Content-Length: 171
Connection: keep-alive

GET
H2 200 controller-78285a3ed27008d69d35e765fbb00dd5.html
js.stripe.com/v3/ Frame 53B5 0
0 178ms
177ms Document
text/html 99.86.243.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-78285a3ed27008d69d35e765fbb00dd5.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.243.49 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-243-49.vie50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/controller-78285a3ed27008d69d35e765fbb00dd5.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 299
x-amz-id-2: /8MIPF0lKF+1yIBHh9x/JkL70OXzZZyLV29oHPTVuJ2sdv+EYH1HNhAImYZNX/2LFtsrlzn6mmE=
x-amz-request-id: 113E2EE22D32145B
last-modified: Tue, 06 Oct 2020 17:00:54 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
date: Tue, 06 Oct 2020 18:44:35 GMT
etag: "78285a3ed27008d69d35e765fbb00dd5"
cache-control: public, max-age=300
x-cache: Hit from cloudfront
via: 1.1 87459a7837f980cdc57ba8a2c23a55ae.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: tQbILX3qNDMySTAmAARtiCrTikS_xvRse17qB4LNzVqj0ktAhYiU1A==
age: 283

GET
H2

200

spacer.gif
i.pretected.com/ListingDisplay/Outcome/
Redirect Chain

https://www.nextinsure.com/ListingDisplay/Outcome/?O=9822061005
https://i.pretected.com/ListingDisplay/Outcome/?O=9822061005
https://i.pretected.com/ListingDisplay/Outcome/spacer.gif?ts=637375889798828744

49 B
802 B

694ms
694ms

Image
image/gif

23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.pretected.com/ListingDisplay/Outcome/spacer.gif?ts=637375889798828744

Requested by

Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

Resource Hash

93db6ff0af01c1416a4cf5643fa970e6facf75aa2c38a66404085039c2314e33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cfg-version: v61
strict-transport-security: max-age=15552001; includeSubDomains; preload, max-age=31536000
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net; style-src *.googleapis.com 'unsafe-inline';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com; img-src * data:; style-src-elem * 'unsafe-inline'; report-uri /ListingDisplay/handlers/csp.ashx;
status: 200
content-length: 49
x-cached: True
last-modified: Thu, 01 Oct 2020 22:52:06 GMT
date: Tue, 06 Oct 2020 18:49:18 GMT
x-frame-options: SAMEORIGIN
access-control-allow-methods: OPTIONS,POST,GET
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2591955
etag: "6666e07c4598d61:0"
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-ld: g2
expires: Thu, 05 Nov 2020 18:48:33 GMT

Redirect headers

x-cfg-version: v61
strict-transport-security: max-age=15552001; includeSubDomains; preload, max-age=31536000
x-content-type-options: nosniff
access-control-allow-origin: *
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net; style-src *.googleapis.com 'unsafe-inline';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com; img-src * data:; style-src-elem * 'unsafe-inline'; report-uri /ListingDisplay/handlers/csp.ashx;
status: 302
content-length: 173
date: Tue, 06 Oct 2020 18:49:17 GMT
x-frame-options: SAMEORIGIN
access-control-allow-methods: OPTIONS,POST,GET
content-type: text/html; charset=utf-8
location: /ListingDisplay/Outcome/spacer.gif?ts=637375889798828744
cache-control: private
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-ld: h2

GET
H2 200 v1 Show response
api.gettoggle.com/api/feature_flags/ 677 B
1 KB 167ms
165ms XHR
application/json 54.152.90.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gettoggle.com/api/feature_flags/v1

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.4/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.152.90.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-152-90-171.compute-1.amazonaws.com

Software

nginx /

Resource Hash

cbd696a341fba2a017f123d935456433a4f75c4285012425c6d8a440a0668925

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Space: farmers

Response headers

date: Tue, 06 Oct 2020 18:49:17 GMT
x-content-type-options: nosniff, nosniff
server: nginx
status: 200
x-frame-options: DENY
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 600
strict-transport-security: max-age=31536000;
access-control-allow-headers: Authorization, Cache-Control, Content-Type, Origin, Pragma, X-Requested-With, X-Space, X-Unique-Key
content-length: 677
x-xss-protection: 1; mode=block
x-request-id: hrq_ce100d78bc2244a082be47bc084213b3
access-control-expose-headers: X-New-Token, X-Request-ID

OPTIONS
H2 200 v1
api.gettoggle.com/api/feature_flags/ Frame 0
0 435ms
145ms Other
text/html 54.152.90.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gettoggle.com/api/feature_flags/v1

Protocol

Server

54.152.90.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-152-90-171.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-space
Origin: https://www.gettoggle.com
Sec-Fetch-Mode: cors

Response headers

status: 200
date: Tue, 06 Oct 2020 18:49:17 GMT
content-type: text/html; charset=utf-8
content-length: 0
server: nginx
allow: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
access-control-allow-headers: Authorization, Cache-Control, Content-Type, Origin, Pragma, X-Requested-With, X-Space, X-Unique-Key
access-control-expose-headers: X-New-Token, X-Request-ID
access-control-allow-methods: GET, HEAD, OPTIONS
x-request-id: hrq_9027a70f6ac749e48a78c78a169be14d
x-frame-options: DENY
x-content-type-options: nosniff nosniff
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block

GET
H2 200 ta1ffcz5d.js Show response
cdn.krxd.net/controltag/ 21 KB
6 KB 155ms
50ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/ta1ffcz5d.js
Requested by: Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c58a8afff64d04b21348a18b769866dc6ecf1e93307288b020595ec7909ae846

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Tue, 06 Oct 2020 18:49:17 GMT
content-encoding: gzip
age: 1275
x-cache: MISS, HIT, HIT
status: 200
x-app-cache: HIT
x-age: 0
content-length: 5292
x-served-by: config-service-a004-ash-prod.krxd.net, cache-bwi5126-BWI, cache-hhn4027-HHN
x-response-time: 0
x-do-esi: esi
x-timer: S1602010157.173481,VS0,VE1
etag: "b11c1128ea24f1ac82d14a10b11b44837a45eba0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 1

GET
H2 200 bodymovin_light.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bodymovin/4.13.0/ 144 KB
33 KB 20ms
19ms Script
application/javascript 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bodymovin/4.13.0/bodymovin_light.min.js

Requested by

Host: www.gettoggle.com
URL: https://www.gettoggle.com/9db0807/static/js/3.47e3e921.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

893763cea569af81fe94eedc6b58a9e0463dc04fc2097cffc5c0c93cbdec5f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1010564
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33184
cf-request-id: 05a0d827f700001f313c010200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:35 GMT
server: cloudflare
etag: "5eb03d8b-23edf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602010157"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5de18fb98a9b1f31-FRA
expires: Sun, 26 Sep 2021 18:49:17 GMT

GET
H2 200 controltag.js.840d44399e357e7da3f94ce724fcd35c Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 51ms
50ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/ta1ffcz5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fd249edeb03976f66c2118f0f87d1922af303a0ba74165f63f1859df9ede234a

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Tue, 06 Oct 2020 18:49:17 GMT
content-encoding: gzip
age: 2923532
x-amz-server-side-encryption: AES256
x-cache: HIT
status: 200
x-cache-hits: 5474879
content-length: 84307
x-served-by: cache-hhn4027-HHN
last-modified: Mon, 24 Aug 2020 10:19:29 GMT
x-timer: S1602010157.226606,VS0,VE0
etag: "840d44399e357e7da3f94ce724fcd35c"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 22 Aug 2030 10:19:28 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame C8A6 0
0 50ms
49ms Document
text/html 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cdn.krxd.net
:scheme: https
:path: /partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe

Response headers

status: 200
last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Oct 2020 18:49:17 GMT
via: 1.1 varnish
age: 40504921
x-served-by: cache-hhn4027-HHN
x-cache: HIT
x-cache-hits: 1618286
x-timer: S1602010157.361026,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
H2 200 f02be25b-ed05-4972-a144-57653f813683 Show response
consumer.krxd.net/consent/get/ 235 B
426 B 181ms
80ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/f02be25b-ed05-4972-a144-57653f813683?idt=device&dt=kxcookie&callback=Krux.ns.farmers.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 75d97910c4aba73f84e5698a2f32a433d4becba948cbd5b5841c2a35eda1df3f

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:17 GMT
content-encoding: gzip
age: 0
x-served-by: consumer-a008-dub-prod.krxd.net, cache-hhn4073-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1602010158.504692,VS0,VE31
content-length: 188
via: 1.1 varnish
x-cache-hits: 0, 0

GET
BLOB 200
OK 63b05a9c-7506-4686-976c-51f4fa5562eb
https://www.gettoggle.com/ 47 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.gettoggle.com/63b05a9c-7506-4686-976c-51f4fa5562eb
Requested by: Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 47679
Content-Type: text/javascript

POST
H2 200 analyze Show response
r3.visualwebsiteoptimizer.com/ 0
143 B 421ms
152ms XHR
application/javascript 35.194.81.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://r3.visualwebsiteoptimizer.com/analyze?_a=377647&_u=https%3A%2F%2Fwww.gettoggle.com%2Fs%2F4%2F0%2F40174-79699-snood.exe
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.4/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.194.81.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 74.81.194.35.bc.googleusercontent.com
Software: r3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryX8GFEuoho35oRdlw

Response headers

status: 200
date: Tue, 06 Oct 2020 18:49:17 GMT
content-encoding: gzip
server: r3
access-control-allow-origin: *
content-type: application/javascript; charset=UTF-8

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 79 KB
27 KB 26ms
6ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/azGBHaT6SHB0aH1Z9AYxHAK8X51mC1Cc/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4232e3c12b3860ed86f62ab38ee1a711ba7393218593d61cefa8100c28afdd6f

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:40:46 GMT
content-encoding: gzip
age: 511
x-guploader-uploadid: ABg5-UxoU2c3i8B02nvQUfaT5BKk0WOCoSUMyhCNCTTROefb0y4dRXQlwEaFmDcpWyLLqv88C_4Rn6o3kDvt07_aHHWG_81ymQ
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 26928
last-modified: Mon, 17 Aug 2020 21:43:08 GMT
server: UploadServer
etag: "0f7532346a033260e6e905e6396195aa"
vary: Accept-Encoding
x-goog-hash: crc32c=AlJgbg==, md5=D3UyNGoDMmDm6QXmOWGVqg==
x-goog-generation: 1597700588364815
access-control-allow-origin: *
cache-control: public,max-age=600
x-goog-stored-content-length: 26928
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 06 Oct 2020 18:50:46 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
8 KB 49ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/azGBHaT6SHB0aH1Z9AYxHAK8X51mC1Cc/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44dd62d6a622a6198df9bfcfc1acbf414706e86c57dfc1d0f15b147fa7f25ae0

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:16 GMT
content-encoding: gzip
last-modified: Wed, 30 Sep 2020 20:44:24 GMT
x-msedge-ref: Ref A: 36626BF5EFA748BDA74170ECA4E8DC98 Ref B: FRAEDGE1207 Ref C: 2020-10-06T18:49:17Z
status: 200
etag: "0417b6a97d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8315

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/azGBHaT6SHB0aH1Z9AYxHAK8X51mC1Cc/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 937
date: Tue, 06 Oct 2020 18:33:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Tue, 06 Oct 2020 20:33:40 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 88 KB
23 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/azGBHaT6SHB0aH1Z9AYxHAK8X51mC1Cc/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23070
x-xss-protection: 0
pragma: public
x-fb-debug: uHoF0BAgmWbMGu446n3NWCzEqHOxNuU9PvTDjWD4zTjFxb8FuycEWngtWe66ZC/EK138XziFAI3J5YrYDWc0NA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Tue, 06 Oct 2020 18:49:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 32ms
30ms Script
application/javascript 2a00:1450:4001:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-790858605

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/azGBHaT6SHB0aH1Z9AYxHAK8X51mC1Cc/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

720ddaa1b2433514e35c7c767470b22a0a8f7448d4b88cb68e97f794ae7a2ed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:17 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36636
x-xss-protection: 0
last-modified: Tue, 06 Oct 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Oct 2020 18:49:17 GMT

GET
H/1.1 200
OK friendbuy.min.js Show response
djnf6e5yyirys.cloudfront.net/js/ 121 KB
42 KB 224ms
76ms Script
application/javascript 52.84.116.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://djnf6e5yyirys.cloudfront.net/js/friendbuy.min.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/azGBHaT6SHB0aH1Z9AYxHAK8X51mC1Cc/analytics.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.116.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-116-87.sof50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4810c356715f401a26901fc0500c8b128499bde3ee972c4a464eedfbc6c638b

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: whNr.vjNWnxSOzwsrbOEEkAL1Akh1Fk5
Content-Encoding: gzip
ETag: W/"47be0c0da9df8e12b3854b2eb43e7b39"
Age: 80
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 28 Sep 2020 18:08:37 GMT
Server: AmazonS3
Date: Tue, 06 Oct 2020 18:48:12 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 29241b755d58e5d5a8e1a24549cddd72.cloudfront.net (CloudFront)
Cache-Control: public, max-age=180
X-Amz-Cf-Pop: SOF50-C1
X-Amz-Cf-Id: 73gfSpE5Cu6jOcdgDvTdfGnDcogMedJPiWXRWA_PaNTSHc38LdA6wQ==

GET
H2 200 appboy.min.js Show response
js.appboycdn.com/web-sdk/1.6/ 140 KB
37 KB 42ms
23ms Script
application/javascript 2606:4700:10::6816:84f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.appboycdn.com/web-sdk/1.6/appboy.min.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/azGBHaT6SHB0aH1Z9AYxHAK8X51mC1Cc/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:84f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8a01b01a8545511558be10066e3eb5af36f93ba7135552b235e30d612f58997

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5944
status: 200
x-amz-request-id: 8340F28DF8AC3291
x-amz-id-2: Tx2cYM7bddrz0caiHrUQJet+zWxsPRndZ/+UnXZOgAdRpN73lUkSzt7iulv1LuI0Ot/m51GNiTk=
last-modified: Fri, 06 Oct 2017 18:19:54 GMT
server: cloudflare
etag: W/"bd8c768fe5e4740920f57a1a01e14a3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-request-id: 05a0d82a6d0000bef6a0219200000001
cf-ray: 5de18fbd7d64bef6-FRA

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
565 B 33ms
14ms XHR
application/json 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.4/raven.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Oct 2020 18:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.gettoggle.com
access-control-expose-headers: content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 200 244211066290838 Show response
connect.facebook.net/signals/config/ 21 KB
7 KB 110ms
110ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/244211066290838?v=2.9.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fa48dd62df42e688aee0de509a3afb59a9dd2fbaca230a32f45631cedb91c70e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 3KRVa9F0kHxMunK/H/wtz8ykWjY8kI0AdjrZnGg//eI6OpRj21nz9UKtp9uf3UpPXNGYIyj+mcYHvpXfJBwZjQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Tue, 06 Oct 2020 18:49:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
api-js.mixpanel.com/decide/ 65 B
328 B 162ms
61ms XHR
application/json 35.190.25.25
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=47afa206c21a96af8affad1b18a9439a&ip=1&_=1602010157703
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.4/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.25.25 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 25.25.190.35.bc.googleusercontent.com
Software: gunicorn/19.9.0 /
Resource Hash: 5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:17 GMT
via: 1.1 google
server: gunicorn/19.9.0
access-control-allow-headers: X-Requested-With
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.gettoggle.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
alt-svc: clear

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
11 KB 52ms
52ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-790858605

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11311
x-xss-protection: 0
server: cafe
etag: 12833363978352728442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 06 Oct 2020 18:49:17 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
494 B 73ms
52ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.4/raven.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Oct 2020 18:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.gettoggle.com
access-control-expose-headers: content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

OPTIONS
H2 200 /
sdk.iad-03.braze.com/api/v3/data/ Frame 0
0 249ms
145ms Other 151.101.113.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-03.braze.com/api/v3/data/

Protocol

Server

151.101.113.208 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-requested-with
Origin: https://www.gettoggle.com
Sec-Fetch-Mode: cors

Response headers

status: 200
access-control-allow-headers: content-type,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
content-encoding: gzip
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
date: Tue, 06 Oct 2020 18:49:17 GMT
via: 1.1 varnish
x-served-by: cache-hhn4022-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1602010158.886659,VS0,VE93
vary: Accept-Encoding
content-length: 20

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
6 KB 6507ms
11ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: js.appboycdn.com
URL: https://js.appboycdn.com/web-sdk/1.6/appboy.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
status: 200
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 5442

POST
H2 201 / Show response
sdk.iad-03.braze.com/api/v3/data/ 294 B
504 B 153ms
153ms XHR
application/json 151.101.113.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-03.braze.com/api/v3/data/

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.4/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.208 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

264e4f602c3c1cf8a898979a6788ad35830615b61fede5a22e554175e135e8a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

strict-transport-security: max-age=0; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
etag: W/"264e4f602c3c1cf8a898979a6788ad35"
access-control-allow-origin: *
x-cache: MISS
status: 201
access-control-max-age: 7200
content-length: 250
x-request-id: 0b7817e2-b0d5-485d-b93b-d994601ee2ea
x-served-by: cache-hhn4022-HHN
x-runtime: 0.011871
server: nginx
x-timer: S1602010158.031869,VS0,VE104
date: Tue, 06 Oct 2020 18:49:18 GMT
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
via: 1.1 varnish
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/790858605/ 2 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/790858605/?random=1602010157779&cv=9&fst=1602010157779&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9n1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.gettoggle.com%2Fs%2F4%2F0%2F40174-79699-snood.exe&tiba=Toggle%20Renters%20Insurance&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c1d6def6ca0cc6623804a91878abb740d345ebf62134ba97f70006ea996d888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Oct 2020 18:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1045
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/790858605/ 42 B
110 B 23ms
22ms Image
image/gif 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/790858605/?random=1602010157779&cv=9&fst=1602007200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9n1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.gettoggle.com%2Fs%2F4%2F0%2F40174-79699-snood.exe&tiba=Toggle%20Renters%20Insurance&async=1&fmt=3&is_vtc=1&random=2622402607&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Oct 2020 18:49:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/790858605/ 42 B
107 B 24ms
24ms Image
image/gif 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/790858605/?random=1602010157779&cv=9&fst=1602007200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9n1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.gettoggle.com%2Fs%2F4%2F0%2F40174-79699-snood.exe&tiba=Toggle%20Renters%20Insurance&async=1&fmt=3&is_vtc=1&random=2622402607&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Oct 2020 18:49:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK site-74f8d245-www.gettoggle.com.json Show response
cdn1.friendbuy.com/widgets/configs/ 9 KB
3 KB 490ms
380ms XHR
application/json 143.204.94.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.friendbuy.com/widgets/configs/site-74f8d245-www.gettoggle.com.json
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.4/raven.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dab025b3b3b319e6f95848d1345febdf2df4bedf94829ea79b261eae274f0fcd

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: PuYnRc158Hr1cwt567Ov65A6XDMuFuT3
Content-Encoding: gzip
ETag: "c8ceacb7bceb5961d42877a43c11310f"
X-Amz-Cf-Pop: FRA50-C1
Transfer-Encoding: chunked
X-Cache: RefreshHit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Thu, 24 Sep 2020 02:46:13 GMT
Server: AmazonS3
Date: Tue, 06 Oct 2020 18:49:19 GMT
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/json
Via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
Cache-Control: max-age=180
X-Amz-Cf-Id: lchqpvgTwoSSDXnRH2DxfdSKLspgrDx_b1mHY2qeDkAABowyc_ukjQ==
Expires: Sun, 22 Sep 2030 02:46:12 UTC

OPTIONS
H2 200 references
ws.friendbuy.com/site-74f8d245-www.gettoggle.com/widgets/62361/ Frame 0
0 618ms
202ms Other
text/html 52.8.216.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.friendbuy.com/site-74f8d245-www.gettoggle.com/widgets/62361/references
Protocol: H2
Server: 52.8.216.17 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-216-17.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gettoggle.com
Sec-Fetch-Mode: cors

Response headers

status: 200
date: Tue, 06 Oct 2020 18:49:19 GMT
content-type: text/html; charset=utf-8
content-length: 20
server: nginx
allow: POST, HEAD, OPTIONS
access-control-allow-origin: https://www.gettoggle.com
access-control-allow-methods: HEAD, OPTIONS, POST
access-control-max-age: 21600
access-control-allow-credentials: true
access-control-allow-headers: X-REQUESTED-WITH, CONTENT-TYPE
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="Please see our privacy policy, https://www.friendbuy.com/privacy/"

POST
H2 202 references Show response
ws.friendbuy.com/site-74f8d245-www.gettoggle.com/widgets/62361/ 68 B
584 B 614ms
210ms XHR
application/json 52.8.216.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.friendbuy.com/site-74f8d245-www.gettoggle.com/widgets/62361/references
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.4/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.216.17 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-216-17.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b03295cd7770fb022e86b4b5c103aa013cefe870282c7eee6db0c2ec76ba2aa5

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 06 Oct 2020 18:49:19 GMT
server: nginx
status: 202
access-control-max-age: 21600
access-control-allow-methods: HEAD, OPTIONS, POST
p3p: CP="Please see our privacy policy, https://www.friendbuy.com/privacy/"
access-control-allow-origin: https://www.gettoggle.com
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: X-REQUESTED-WITH, CONTENT-TYPE
content-length: 68

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 24 KB
7 KB 62ms
60ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=5a4f29b1-8700-4281-9d81-13eafcb05169

Requested by

Host: www.gettoggle.com
URL: https://www.gettoggle.com/9db0807/static/js/main.6a8bde6d.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 8
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: C0CA8848DCD3CEAF
x-amz-id-2: xnbzxiI4FAXHXRkL5htU6Jj+cXP9o45eoXEvsFQ+Xr1gd+M/QMGy4OaiTqT+tF74rVjE5MhAALk=
last-modified: Tue, 10 Mar 2020 23:13:51 GMT
server: cloudflare
etag: W/"f47f1934dec578b3ec2daacb7e61d9c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: QzcBmfzwuCnSPtNhWyKUV.rVnAqAKY6a
cf-request-id: 05a0d830660000fa580029f200000001
cf-ray: 5de18fc70e7cfa58-AMS

GET
H2 200 5a4f29b1-8700-4281-9d81-13eafcb05169 Show response
ekr.zdassets.com/compose/ 713 B
462 B 797ms
795ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/5a4f29b1-8700-4281-9d81-13eafcb05169

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.4/raven.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a402ce877ebb5115d72f77cd15082976d7a24f0f6c50b9971ab7ddb35e70341

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:20 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: REVALIDATED
status: 200, 200 OK
strict-transport-security: max-age=0
cf-request-id: 05a0d830ba00000b5f51a9c200000001
x-request-id: be7c2f9c-f769-4a7d-a8af-ed0f4e81d23e
x-runtime: 0.002274
server: cloudflare
etag: W/"4a402ce877ebb5115d72f77cd1508297"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 5de18fc7988b0b5f-AMS

GET
H2 200 preload.78fb78df072fb5fc0997.js Show response
static.zdassets.com/web_widget/latest/ Frame 8A0F 61 KB
18 KB 174ms
173ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/preload.78fb78df072fb5fc0997.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=5a4f29b1-8700-4281-9d81-13eafcb05169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d66f22bfbb7e0b7de230ba3134e49668e4aa08313a97d85b72c330d4fe01531

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 158532
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 49F23813388323E6
x-amz-id-2: 5MRbztzyfhqJLOiyzNNqnxV4tY8iG7WsJRPwOCk+LmmB99DjWYcs40XehjQlXHzruIMBP/pt0fI=
last-modified: Fri, 02 Oct 2020 07:05:26 GMT
server: cloudflare
etag: W/"1705196712375ecb984953961f12ec11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: P4xHwzoAnBwR2Xaweo0GWkSTfMhF9wP0
cf-request-id: 05a0d833e30000fa58002e9200000001
cf-ray: 5de18fcc9c62fa58-AMS
expires: Sat, 02 Oct 2021 07:05:25 GMT

GET
H2 200 web_widget.ba9a857f2bb01785a8d1.chunk.js Show response
static.zdassets.com/web_widget/latest/lazy/ Frame 8A0F 4 KB
2 KB 93ms
91ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/lazy/web_widget.ba9a857f2bb01785a8d1.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=5a4f29b1-8700-4281-9d81-13eafcb05169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52b970231b6acd054a470b232aec5aee2493e1a4fc07a54557cc524f11343c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 501163
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 179AD7DCCD209A3A
x-amz-id-2: wqZFDQdPnqTho3Iv5n+zlQolAukFG4r0tHRiYg6DyD8756zYRQqfuT0QIYZkfHsd3rTd2Br7DMA=
last-modified: Wed, 30 Sep 2020 07:35:35 GMT
server: cloudflare
etag: W/"cd48dbd15438789692901c3abe7fad0f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: o6hpYGxYvzSDIpEF.6kgZPoLjTYpTVm2
cf-request-id: 05a0d833e30000fa58002ea200000001
cf-ray: 5de18fcc9c64fa58-AMS
expires: Thu, 30 Sep 2021 07:35:34 GMT

GET
H2 200 vendors~web_widget.dfd8ce14824667c9fd55.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 8A0F 1 MB
282 KB 81ms
80ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/vendors~web_widget.dfd8ce14824667c9fd55.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=5a4f29b1-8700-4281-9d81-13eafcb05169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90b06fe7cdeb82a7d17b4cbc1a3cc7430cb977ada5861e6ada0a36328cb7d77f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 14
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: BE27FBDD1173A7DD
x-amz-id-2: JY1Vdjhq/hnOe6txjwXTbdmVNGu6nVizy7Vue/KWhMjj7zm1hwkO9mXmSj9KKL6DlM14rGGhFIw=
last-modified: Wed, 30 Sep 2020 07:36:26 GMT
server: cloudflare
etag: W/"8b66e7f2552cffc27f93211543d15eae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: Nf3odmTTC06eO8dQO7etuEfz.nqd7r7q
cf-request-id: 05a0d833e30000fa58002eb200000001
cf-ray: 5de18fcc9c65fa58-AMS
expires: Thu, 30 Sep 2021 07:36:25 GMT

GET
H2 200 web_widget.15a7a809f6298aa75cf7.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 8A0F 852 KB
164 KB 83ms
82ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web_widget.15a7a809f6298aa75cf7.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=5a4f29b1-8700-4281-9d81-13eafcb05169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09dfcb77eac94de6c8e6ad330be9c33abd74becec23391bd5f99874226ee5f7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 23836
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 5E3A803C4AD91630
x-amz-id-2: PIzius2HUCkXAw/EIbKci14GOmPxlFUiQ3bVE3fTBGfv9A/EI2a1mi1JyaavgCAi+7yEZIP3tgc=
last-modified: Fri, 02 Oct 2020 07:05:28 GMT
server: cloudflare
etag: W/"c4d0b16e270c7515c0d9f1ffc6fcf6b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: o3G6.nSu10hDW_CeTL4O.acqvnx7a_YG
cf-request-id: 05a0d833e30000fa58002ec200000001
cf-ray: 5de18fcc9c67fa58-AMS
expires: Sat, 02 Oct 2021 07:05:27 GMT

GET
H2 200 chat-sdk.cec40ba63b2a85de0a9c.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 8A0F 257 KB
50 KB 86ms
85ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/chat-sdk.cec40ba63b2a85de0a9c.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=5a4f29b1-8700-4281-9d81-13eafcb05169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8231103d519b2db6114b40807697ff8a7443f6ec6e939c8cb9cb4f5dee7348b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4286852
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 87A9D4B3DC3F0ADF
x-amz-id-2: brKjlUvrxP3u56FMt74TDFrccRPzTPolejrgElV0jFDzYN3ENmit3/dECZWSfE7Y2uUhya6W0Vc=
last-modified: Tue, 18 Aug 2020 02:33:45 GMT
server: cloudflare
etag: W/"c7b786c485c50d3373906fb0a543389a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: gFHPAMAugKmIKeMV9L0CtnaefbzoECil
cf-request-id: 05a0d833e30000fa58002ed200000001
cf-ray: 5de18fcc9c6afa58-AMS
expires: Wed, 18 Aug 2021 02:33:44 GMT

GET
H2 200 config Show response
toggle.zendesk.com/embeddable/ 541 B
1 KB 293ms
173ms XHR
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://toggle.zendesk.com/embeddable/config

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.4/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64f8505c674d80dc887812f5e0d335801e935bf2b54dfc6bfa596e539f58f5ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
access-control-allow-methods: GET
vary: Origin, Accept-Encoding
cf-request-id: 05a0d8351c00009d0c0891d200000001
x-request-id: 5de18fce9cdd9d0c-IAD
x-runtime: 0.002232
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=20&lkg-time=1602010161"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server: embeddable-app-server-77649ff784-6rcwm
cf-ray: 5de18fce9cdd9d0c-AMS

GET
H2 200 optout_check Show response
beacon.krxd.net/ 80 B
239 B 228ms
75ms Script
text/javascript 54.155.253.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.farmers.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.253.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-253-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 24a3fe548b81ae88eceaed83f90985fec75657ee51e5d5ae03235c84963c067d

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 06 Oct 2020 18:49:20 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=35 t=1602010160
content-type: text/javascript
x-served-by: beacon-n018-dub-prod.krxd.net

GET
H2 200 en-us-json.cc8e73e5fe307bb27426.chunk.js Show response
static.zdassets.com/web_widget/latest/locales/ Frame 8A0F 25 KB
5 KB 62ms
61ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/locales/en-us-json.cc8e73e5fe307bb27426.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.78fb78df072fb5fc0997.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8882e31b1407e6da2e2dda44ffa9f1c1a9298059f7203c5fa7d50bee4899783

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6617516
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: AEFE79F66C7EBC1F
x-amz-id-2: zpwv65XFe49wftw1PecBmuA4sM32FIZ0WF0xzhWGFJx4v8F7g4WWCsLyd/Cyco/YGs/dsfWFyM4=
last-modified: Wed, 22 Jul 2020 04:05:08 GMT
server: cloudflare
etag: W/"c94e458331968060067c4539f118fd54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 5EVM6Ae5ZeloER_IP_K91Z5iUqcAli8n
cf-request-id: 05a0d835c60000fa580030d200000001
cf-ray: 5de18fcfabe6fa58-AMS
expires: Thu, 22 Jul 2021 04:05:07 GMT

GET
H2 200 framework-boot.783471d2d4f631d3bd58.chunk.js Show response
static.zdassets.com/web_widget/latest/lazy/ Frame 8A0F 7 KB
3 KB 57ms
57ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/lazy/framework-boot.783471d2d4f631d3bd58.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.78fb78df072fb5fc0997.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5df924b2e685a3550dc8f4a48f289b5fda31ae5938e1b8fa8958a85f2261dfe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 158531
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: A9DB8F310BF11A22
x-amz-id-2: iQ6BkHW1YW7WbH5z2Ot/PFvD0cfV3gQuhcq0dCZ8+fxD7Y7GjWyDq5oGAjgXpVGXSKj3SaJFDC4=
last-modified: Fri, 02 Oct 2020 07:04:35 GMT
server: cloudflare
etag: W/"90f9fa9dac51fa357911e04f57e1e4bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: VTVA5VxAPqBRF36ytmReP1Tg6UbIraNb
cf-request-id: 05a0d835c70000fa580030e200000001
cf-ray: 5de18fcfabe9fa58-AMS
expires: Sat, 02 Oct 2021 07:04:34 GMT

GET
H2 200 embeddable_blip Show response
toggle.zendesk.com/ Frame 8A0F 0
439 B 154ms
154ms XHR
text/html 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://toggle.zendesk.com/embeddable_blip?type=pageView&data=eyJwYWdlVmlldyI6eyJyZWZlcnJlciI6Imh0dHBzOi8vd3d3LmdldHRvZ2dsZS5jb20vcy80LzAvNDAxNzQtNzk2OTktc25vb2QuZXhlIiwidGltZSI6MzgsImxvYWRUaW1lIjoxNzUuMDMwMDAwNTA3ODMxNTcsIm5hdmlnYXRvckxhbmd1YWdlIjoiZW4tVVMiLCJwYWdlVGl0bGUiOiJUb2dnbGUgUmVudGVycyBJbnN1cmFuY2UiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2UsImlzUmVzcG9uc2l2ZSI6dHJ1ZSwidmlld3BvcnRNZXRhIjoid2lkdGg9ZGV2aWNlLXdpZHRoLGluaXRpYWwtc2NhbGU9MSxtaW5pbXVtLXNjYWxlPTEsbWF4aW11bS1zY2FsZT0xLHVzZXItc2NhbGFibGU9bm8iLCJoZWxwQ2VudGVyRGVkdXAiOmZhbHNlfSwiYnVpZCI6IjBiMGNhNDg0NDY4MTA2Mzk3MGJhMWU1NGMwZjNlMjg2Iiwic3VpZCI6IjRjODMwZmI4ZmUzOGU5ZGM2Y2EwNTk4ODEzMTAzNmY2IiwidmVyc2lvbiI6IjdjMDk5N2I2MiIsInRpbWVzdGFtcCI6IjIwMjAtMTAtMDZUMTg6NDk6MjAuNjY2WiIsInVybCI6Imh0dHBzOi8vd3d3LmdldHRvZ2dsZS5jb20vcy80LzAvNDAxNzQtNzk2OTktc25vb2QuZXhlIn0%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.dfd8ce14824667c9fd55.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:49:20 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=20&lkg-time=1602010161"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.gettoggle.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5de18fd05e069d0c-AMS
cf-request-id: 05a0d8363600009d0c08928200000001

GET
H2 206 chat-incoming-message-notification.mp3
static.zdassets.com/web_widget/static/ Frame 8A0F 19 KB
20 KB 84ms
84ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/static/chat-incoming-message-notification.mp3

Requested by

Host: www.gettoggle.com
URL: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 06 Oct 2020 18:49:21 GMT
cf-cache-status: DYNAMIC
x-amz-request-id: A4F2DF9F2BD92562
x-amz-server-side-encryption: AES256
cf-ray: 5de18fd38dc0fa58-AMS
status: 206
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: 2obruKVvnk9nbJkzxq+g7N0ia+d1dBx7shQcrGOBDCEMWeRJvX4H0nmrwSwIUEmpMqtMGJWIte8=
Content-Range: bytes 0-19697/19698
last-modified: Tue, 12 Feb 2019 01:07:53 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
x-amz-version-id: 7QfN44DQ.h7tzqx9G_4CeAsccdu5t2pF
cache-control: public, max-age=31536000
cf-request-id: 05a0d838310000fa5800334200000001
accept-ranges: bytes
content-type: audio/mpeg; charset=utf-8
expires: Wed, 12 Feb 2020 01:07:52 GMT

GET
H3-Q050 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/42/7/ 78 KB
29 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/42/7/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAoURhFyihWNMsMa_Rxb-cIs_P60RLFj38&libraries=places

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ae0b4ff4de5608e74b027112367aa48a7e8d95bdcbf5046bb9b1bc32972f434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 17:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 30 Sep 2020 05:49:56 GMT
server: sffe
age: 4993
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29301
x-xss-protection: 0
expires: Wed, 06 Oct 2021 17:26:08 GMT

GET
H3-Q050 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/42/7/ 146 KB
54 KB 31ms
17ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/42/7/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAoURhFyihWNMsMa_Rxb-cIs_P60RLFj38&libraries=places

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ce3792bf7fa9a0438d355851de797b7cc4104ddc6a5c18a172a563e943e6cac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 05 Oct 2020 01:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 30 Sep 2020 05:49:56 GMT
server: sffe
age: 149884
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55201
x-xss-protection: 0
expires: Tue, 05 Oct 2021 01:11:17 GMT

GET
H2 200 m-outer-f05f675c791120d177d112a6bf98fc69.html
js.stripe.com/v3/ Frame BD8D 0
0 90ms
90ms Document
text/html 99.86.243.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-f05f675c791120d177d112a6bf98fc69.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.243.49 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-243-49.vie50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-f05f675c791120d177d112a6bf98fc69.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 215
x-amz-id-2: C8Ujn/pnh93t+BR3T0hMYrtmghFjBGXRvSFNFEZJqNHtnabqfTO5tjF0X78cOybxVYKZK9kFmb4=
x-amz-request-id: 2F10BA1A93387BE7
last-modified: Fri, 02 Oct 2020 21:44:41 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date: Tue, 06 Oct 2020 18:45:06 GMT
etag: "f05f675c791120d177d112a6bf98fc69"
cache-control: public, max-age=300
x-cache: Hit from cloudfront
via: 1.1 87459a7837f980cdc57ba8a2c23a55ae.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: KgyqbfO-uL-mNgvlorbi12KKymx3-i22_J1dAeMZ20jvShKfL_8XNA==
age: 256

GET
H3-Q050 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
247 B 47ms
47ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.gettoggle.com%2Fs%2F4%2F0%2F40174-79699-snood.exe&4sAIzaSyAoURhFyihWNMsMa_Rxb-cIs_P60RLFj38&callback=_xdc_._qkvwl4&key=AIzaSyAoURhFyihWNMsMa_Rxb-cIs_P60RLFj38&token=76817

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/42/7/common.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

de15e0ed6a3127ce5d88c591ee235f4ee2ceaaa03b67f435255b53725f53257c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Oct 2020 18:49:21 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=30
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 analyze Show response
r3.visualwebsiteoptimizer.com/ 0
142 B 136ms
136ms XHR
application/javascript 35.194.81.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://r3.visualwebsiteoptimizer.com/analyze?_a=377647&_u=https%3A%2F%2Fwww.gettoggle.com%2Fs%2F4%2F0%2F40174-79699-snood.exe
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.4/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.194.81.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 74.81.194.35.bc.googleusercontent.com
Software: r3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gettoggle.com/s/4/0/40174-79699-snood.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryAXcEx0goZilJ1HnI

Response headers

status: 200
date: Tue, 06 Oct 2020 18:49:22 GMT
content-encoding: gzip
server: r3
access-control-allow-origin: *
content-type: application/javascript; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.gettoggle.com/	1970-01-19 13:00:11	Name: __stripe_sid Value: d803e843-c46f-4654-9676-1164e5c346aa3b4373
.www.gettoggle.com/	1970-01-19 21:45:46	Name: __stripe_mid Value: be01cfa5-d365-4d90-8779-0d40d1936379696207
www.gettoggle.com/	1970-01-19 21:45:46	Name: _fbuy_een-qnZ_last_popup Value: 2020-10-06
www.gettoggle.com/	1970-01-19 21:45:46	Name: _fbuy_buckets Value: %7B%22een-qnZ%22%3A%5B62361%2C1602010158720%5D%7D
.gettoggle.com/	1970-01-19 13:01:36	Name: _gid Value: GA1.2.474411515.1602010158
.gettoggle.com/	1970-01-19 21:47:12	Name: _vwo_uuid_v2 Value: D038BF7A97803A029F7253749644746A4\|6806c441290c90fec55094dee6f866f6
.gettoggle.com/	1970-01-19 13:00:13	Name: AMP_TOKEN Value: %24NOT_FOUND
.gettoggle.com/	1970-01-26 20:19:08	Name: ab.storage.sessionId.cbae2c92-ec19-4b79-b815-8fb01066f35e Value: %7B%22g%22%3A%22544f8701-8a16-3709-3485-59d5a49b1834%22%2C%22e%22%3A1602011957735%2C%22c%22%3A1602010157735%2C%22l%22%3A1602010157735%7D
.gettoggle.com/	1970-01-19 21:45:46	Name: mp_47afa206c21a96af8affad1b18a9439a_mixpanel Value: %7B%22distinct_id%22%3A%20%22174ff3f1284469-0b3ac78ffa3b3f-1b396256-1d4c00-174ff3f1285a4b%22%2C%22%24device_id%22%3A%20%22174ff3f1284469-0b3ac78ffa3b3f-1b396256-1d4c00-174ff3f1285a4b%22%2C%22mp_lib%22%3A%20%22Segment%3A%20web%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.gettoggle.com/	1970-01-20 06:31:22	Name: _ga Value: GA1.2.223167450.1602010158
.gettoggle.com/	1970-01-26 20:19:08	Name: ab.storage.deviceId.cbae2c92-ec19-4b79-b815-8fb01066f35e Value: %7B%22g%22%3A%22be57b45c-fcac-4bcc-7ee9-f478969a6229%22%2C%22c%22%3A1602010157737%2C%22l%22%3A1602010157737%7D
.gettoggle.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.krxd.net/	1970-01-19 17:19:22	Name: _kuid_ Value: NsCkKKX8
.gettoggle.com/	1970-01-23 04:36:10	Name: _vwo_uuid Value: D038BF7A97803A029F7253749644746A4
.gettoggle.com/	1970-01-19 13:00:11	Name: _vwo_sn Value: 0%3A1%3Ar3.visualwebsiteoptimizer.com%3A1%3A1
.gettoggle.com/	1970-01-19 21:45:46	Name: __zlcmid Value: 10XjUQa1Saexs3X
.gettoggle.com/	1970-01-19 15:09:46	Name: _vwo_ds Value: 3%3Aa_1%2Ct_1%3A0%241602010156%3A9.79672852%3A%3A%3A3_1%2C2_1%3A0
.gettoggle.com/	1970-01-19 15:24:10	Name: _vis_opt_s Value: 1%7C

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://cdn.ravenjs.com/3.26.4/raven.min.js(Line 2) Message: The Okta Sign-In Widget is running in development mode. When you are ready to publish your app, embed the minified version to turn on production mode. See: https://developer.okta.com/code/javascript/okta_sign-in_widget#cdn

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ampcid.google.com
ampcid.google.de
api-js.mixpanel.com
api.gettoggle.com
bat.bing.com
beacon.krxd.net
cdn.krxd.net
cdn.mxpnl.com
cdn.ravenjs.com
cdn.segment.com
cdn1.friendbuy.com
cdnjs.cloudflare.com
connect.facebook.net
consumer.krxd.net
dev.visualwebsiteoptimizer.com
djnf6e5yyirys.cloudfront.net
ekr.zdassets.com
googleads.g.doubleclick.net
i.pretected.com
js.appboycdn.com
js.stripe.com
maps.googleapis.com
maxcdn.bootstrapcdn.com
pf.toggle.com
pro.fontawesome.com
r3.visualwebsiteoptimizer.com
sdk.iad-03.braze.com
static.zdassets.com
toggle.zendesk.com
ws.friendbuy.com
www.gettoggle.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.nextinsure.com
www.quotelab.com
104.16.53.111
104.18.70.113
142.250.74.194
143.204.94.3
143.204.94.72
151.101.113.208
151.101.114.133
151.139.128.8
184.73.172.209
2001:4de0:ac19::1:b:1b
23.23.209.90
23.37.42.150
2600:1901:0:bc29::
2606:4700:10::6816:84f
2606:4700::6811:4f6b
2620:1ec:c11::200
2a00:1450:4001:800::200e
2a00:1450:4001:806::200a
2a00:1450:4001:815::2003
2a00:1450:4001:816::200e
2a00:1450:4001:817::2002
2a00:1450:4001:81d::2004
2a00:1450:4001:81f::2008
2a00:1450:4001:81f::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a04:4e42::729
34.96.102.137
35.190.25.25
35.194.81.74
52.8.216.17
52.84.116.87
54.152.90.171
54.155.253.5
99.86.243.49
99.86.244.81
09cbfdb435e057769f8cca830918333f4694706db624f7e725fa140d7b0a8670
09dfcb77eac94de6c8e6ad330be9c33abd74becec23391bd5f99874226ee5f7e
0cc64c861b1a3f99eb80a9c6fa94c2b1393136d9312942369255589eb2efe57e
1b71dd5bde39e95d21b4e683def553528ca1a028980169b914caef0548bb6df8
24a3fe548b81ae88eceaed83f90985fec75657ee51e5d5ae03235c84963c067d
264e4f602c3c1cf8a898979a6788ad35830615b61fede5a22e554175e135e8a1
289e4a4c65713d1a520b1ae1aabb774ef1af63946c24bfb371027ba431958291
2adf1aff3ac3a8076e87653f6e335649221d98f1f3e2a50c1b9b1a718c0ee636
3b6205206b5c515bb685b81ad82ecedf1264a0f1b6b0a99b2d89ce18fe30bc5e
4232e3c12b3860ed86f62ab38ee1a711ba7393218593d61cefa8100c28afdd6f
44dd62d6a622a6198df9bfcfc1acbf414706e86c57dfc1d0f15b147fa7f25ae0
4a402ce877ebb5115d72f77cd15082976d7a24f0f6c50b9971ab7ddb35e70341
524ced31234f6b3ad0da2501dc3cbbbf4ffaf68cb925ee67cbe8c63222ad8dd7
52a04958a528f2e0b2e06941cb57c3087b9b4d5db5526c07d8d1d8fbee03a976
52b970231b6acd054a470b232aec5aee2493e1a4fc07a54557cc524f11343c2e
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
5df924b2e685a3550dc8f4a48f289b5fda31ae5938e1b8fa8958a85f2261dfe3
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
64f8505c674d80dc887812f5e0d335801e935bf2b54dfc6bfa596e539f58f5ca
68478bb908e2c033097f3392d2930c2489f90c47dd37a03ff7840be24efebf04
6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b
720ddaa1b2433514e35c7c767470b22a0a8f7448d4b88cb68e97f794ae7a2ed9
75d97910c4aba73f84e5698a2f32a433d4becba948cbd5b5841c2a35eda1df3f
766618d32072335f0a3da8b317bb095e5541de3e20068bcdd31cc638478f0188
7ae0b4ff4de5608e74b027112367aa48a7e8d95bdcbf5046bb9b1bc32972f434
7ce3792bf7fa9a0438d355851de797b7cc4104ddc6a5c18a172a563e943e6cac
8231103d519b2db6114b40807697ff8a7443f6ec6e939c8cb9cb4f5dee7348b2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
893763cea569af81fe94eedc6b58a9e0463dc04fc2097cffc5c0c93cbdec5f6e
8b91385dbab11bbdc9207fe377d20218880c7302640e0a720fb4dcf007011adf
8d66f22bfbb7e0b7de230ba3134e49668e4aa08313a97d85b72c330d4fe01531
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
90b06fe7cdeb82a7d17b4cbc1a3cc7430cb977ada5861e6ada0a36328cb7d77f
93db6ff0af01c1416a4cf5643fa970e6facf75aa2c38a66404085039c2314e33
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9c1d6def6ca0cc6623804a91878abb740d345ebf62134ba97f70006ea996d888
9eec32629faf42af6e5a33d81964998687b677cda3447f0bab6a025dec1c1db3
a0cb26743fdafb48be3c91a32d44ea571beef74b72ab7de895c5af75bfa9e614
a19d911b31edec2f305f5ea810a047449bc40c7baf6514ed83874a41b93d0896
a238cffffbfea4c2868fca1b142a3a9690574537a38c857dbe309ec27b033eb3
aed54c0e8ace1b67d15162b0fddaaee150d8bbf22454b99986d4c0b455e5bf40
b03295cd7770fb022e86b4b5c103aa013cefe870282c7eee6db0c2ec76ba2aa5
b8882e31b1407e6da2e2dda44ffa9f1c1a9298059f7203c5fa7d50bee4899783
b8a01b01a8545511558be10066e3eb5af36f93ba7135552b235e30d612f58997
c4b5bab95d61ca9afc4427f33cadc6d43844a6ebe7794c08924d4206f10ac64d
c58a8afff64d04b21348a18b769866dc6ecf1e93307288b020595ec7909ae846
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbd696a341fba2a017f123d935456433a4f75c4285012425c6d8a440a0668925
cc5a2f1fad1e8d2faecc93d950c930a23f2c51e587881cffca144f04d32bf6a6
cf13864e954eff29096bae6fb011c8ad7104d9327941afd411ec01010f0a2a02
d948898fd2b414fb687c3e21d364134b0cde69557972bac45f93440feddf3412
dab025b3b3b319e6f95848d1345febdf2df4bedf94829ea79b261eae274f0fcd
dbbe6b2a26743764f6b63fc8aa1202ae86d74fdc0c759d5bba381e4adb21b815
de15e0ed6a3127ce5d88c591ee235f4ee2ceaaa03b67f435255b53725f53257c
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4810c356715f401a26901fc0500c8b128499bde3ee972c4a464eedfbc6c638b
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7
ed17bb041c521cc7d3e1ad6b070f10358e25472939bb4cb4b3f80596d776d0f2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa48dd62df42e688aee0de509a3afb59a9dd2fbaca230a32f45631cedb91c70e
fd249edeb03976f66c2118f0f87d1922af303a0ba74165f63f1859df9ede234a

www.gettoggle.com Open in urlscan Pro 143.204.94.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

78 Requests

99 %HTTPS

43 %IPv6

30 Domains

38 Subdomains

35 IPs

5 Countries

2546 kBTransfer

8767 kBSize

18 Cookies

0 Outgoing links

Page URL History

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gettoggle.com Open in urlscan Pro
143.204.94.72 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

99 %
HTTPS

43 %
IPv6

30
Domains

38
Subdomains

35
IPs

5
Countries

2546 kB
Transfer

8767 kB
Size

18
Cookies

78 HTTP transactions
0 data transactions