urlscan.io logo urlscan.io
SecurityTrails logo

truthinit.lpages.co Open in urlscan Pro
35.202.21.90  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://enterpriseitlink.com/index.php/campaigns/on811zvd99b6a/track-url/gn9063q72q6f5/6088072c8453ab8b50361401209d70b5c254d035
Effective URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Submission: On November 07 via api from CH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 6 countries across 18 domains to perform 44 HTTP transactions. The main IP is 35.202.21.90, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is truthinit.lpages.co.
TLS certificate: Issued by R3 on October 14th 2022. Valid for: 3 months.
This is the only time truthinit.lpages.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.37.75.98 16276 (OVH)
1 1 51.195.101.2 16276 (OVH)
1 35.202.21.90 396982 (GOOGLE-CL...)
1 34.107.203.240 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 1 52.211.62.131 16509 (AMAZON-02)
10 18.66.112.110 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
2 136.143.191.67 2639 (ZOHO-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
4 35.192.151.63 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
3 185.20.209.147 41913 (COMPUTERL...)
44 16
1    54.37.75.98 (France)

ASN16276 (OVH, FR)
PTR: vps-f435647e.todaytechupdates.com
enterpriseitlink.com
1    51.195.101.2 (France)

ASN16276 (OVH, FR)
PTR: vps-d7465e45.techtrainus.com
app.techtrainus.com
1    35.202.21.90 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com
truthinit.lpages.co
1    34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com
static.leadpages.net
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
1    52.211.62.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-62-131.eu-west-1.compute.amazonaws.com
addevent.com
10    18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net
cdn.addevent.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:82f::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
js.center.io
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    136.143.191.67 (United States)

ASN2639 (ZOHO-AS, US)
salesiq.zoho.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com
api.leadpages.io
1    2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    185.20.209.147 (Switzerland)

ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH)
css.zohocdn.com
js.zohocdn.com
Apex Domain
Subdomains		 Transfer
11 addevent.com
addevent.com — Cisco Umbrella Rank: 18604
cdn.addevent.com — Cisco Umbrella Rank: 39718
18 KB
7 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 164
217 KB
4 leadpages.io
api.leadpages.io — Cisco Umbrella Rank: 49660
2 KB
3 zohocdn.com
css.zohocdn.com — Cisco Umbrella Rank: 21500
js.zohocdn.com — Cisco Umbrella Rank: 19130
19 KB
3 gstatic.com
fonts.gstatic.com
75 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
203 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 97
20 KB
2 zoho.com
salesiq.zoho.com — Cisco Umbrella Rank: 21492
42 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
112 KB
2 center.io
js.center.io — Cisco Umbrella Rank: 57008
8 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
2 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
441 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 361
17 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 121
43 KB
1 leadpages.net
static.leadpages.net — Cisco Umbrella Rank: 53978
15 KB
1 lpages.co
truthinit.lpages.co
20 KB
1 techtrainus.com
app.techtrainus.com
643 B
1 enterpriseitlink.com
enterpriseitlink.com
381 B
44 18
Domain Requested by
10 cdn.addevent.com truthinit.lpages.co
7 lh3.googleusercontent.com truthinit.lpages.co
4 api.leadpages.io js.center.io
3 fonts.gstatic.com fonts.googleapis.com
2 css.zohocdn.com salesiq.zoho.com
css.zohocdn.com
2 www.facebook.com truthinit.lpages.co
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 salesiq.zoho.com truthinit.lpages.co
salesiq.zoho.com
2 connect.facebook.net truthinit.lpages.co
connect.facebook.net
2 js.center.io truthinit.lpages.co
js.center.io
2 fonts.googleapis.com truthinit.lpages.co
client
1 js.zohocdn.com salesiq.zoho.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cdnjs.cloudflare.com truthinit.lpages.co
1 addevent.com 1 redirects
1 www.googletagmanager.com truthinit.lpages.co
1 static.leadpages.net truthinit.lpages.co
1 truthinit.lpages.co
1 app.techtrainus.com 1 redirects
1 enterpriseitlink.com 1 redirects
44 20

This site contains no links.

Subject Issuer Validity Valid
*.lpages.co
R3		 2022-10-14 -
2023-01-12		 3 months crt.sh
static.leadpages.net
GTS CA 1D4		 2022-10-31 -
2023-01-29		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.center.io
Go Daddy Secure Certificate Authority - G2		 2021-11-22 -
2022-12-24		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.zoho.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-22 -
2023-04-22		 a year crt.sh
*.addevent.com
Amazon		 2022-08-28 -
2023-09-26		 a year crt.sh
*.leadpages.io
Go Daddy Secure Certificate Authority - G2		 2022-10-27 -
2023-10-22		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.zohocdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-03 -
2023-10-03		 a year crt.sh

This page contains 2 frames:

Primary Page: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Frame ID: 9B3418D546B0E2471CBFF71580EFC810
Requests: 43 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 80CB10879D758B53A4D9935F86B4EDCD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Confirmation 360View-10-Oct

Page URL History Show full URLs

  1. http://enterpriseitlink.com/index.php/campaigns/on811zvd99b6a/track-url/gn9063q72q6f5/6088072c8453ab8b50... HTTP 301
    https://app.techtrainus.com/index.php/campaigns/on811zvd99b6a/track-url/gn9063q72q6f5/6088072c8453ab8b50... HTTP 301
    https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Page Statistics

44
Requests

98 %
HTTPS

53 %
IPv6

18
Domains

20
Subdomains

16
IPs

6
Countries

611 kB
Transfer

1323 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://enterpriseitlink.com/index.php/campaigns/on811zvd99b6a/track-url/gn9063q72q6f5/6088072c8453ab8b50361401209d70b5c254d035 HTTP 301
    https://app.techtrainus.com/index.php/campaigns/on811zvd99b6a/track-url/gn9063q72q6f5/6088072c8453ab8b50361401209d70b5c254d035 HTTP 301
    https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://addevent.com/libs/atc/1.6.1/atc.min.js HTTP 301
  • https://cdn.addevent.com/legacy2000/libs/atc/1.6.1/atc.min.js

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
truthinit.lpages.co/confirmation-360view-10-oct/
Redirect Chain
  • http://enterpriseitlink.com/index.php/campaigns/on811zvd99b6a/track-url/gn9063q72q6f5/6088072c8453ab8b50361401209d70b5c254d035
  • https://app.techtrainus.com/index.php/campaigns/on811zvd99b6a/track-url/gn9063q72q6f5/6088072c8453ab8b50361401209d70b5c254d035
  • https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
97 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.21.202.35.bc.googleusercontent.com
Software
Leadpages /
Resource Hash
3cd723f7190bdddeb6f62c125c33461717aca4777a88a500777e2de9aa875a63
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
br
content-type
text/html
date
Mon, 07 Nov 2022 20:38:36 GMT
etag
W/"ecaf8d3dcc09cd2914a50505c318b162"
last-modified
Fri, 28 Oct 2022 11:17:40 GMT
server
Leadpages
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-cache
MISS, HIT

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Nov 2022 20:38:36 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Mon, 07 Nov 2022 20:38:36 GMT
Location
https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Pragma
no-cache
Server
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips
Transfer-Encoding
chunked
Vary
User-Agent
X-Powered-By
PHP/7.4.30
X-XSS-Protection
1; mode=block
all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ 		58 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:29:51 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
age
1861726
etag
"rvb96Q"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-cloud-trace-context
0918796fedad071cb1cb0fedbd578c38
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14628
expires
Tue, 17 Oct 2023 07:29:51 GMT
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 07 Nov 2022 20:38:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 20:22:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Nov 2022 20:38:37 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-100773206-1
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2a1c39b6e63767c901f0381810aba3424b3895e581f256fd3dcdddfaf1fb97a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:38:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43646
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 19:14:28 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 07 Nov 2022 20:38:37 GMT
I0L5-Arl06ZLm7sGqqQDVVTP5yjCb5iydIw5NZ5oN_9HNXEvdiz-J1_EpzDdDm22kGwkQsMnhXG6yB8IQ3rFYO_JNjOCt2hzQA=w16
lh3.googleusercontent.com/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/I0L5-Arl06ZLm7sGqqQDVVTP5yjCb5iydIw5NZ5oN_9HNXEvdiz-J1_EpzDdDm22kGwkQsMnhXG6yB8IQ3rFYO_JNjOCt2hzQA=w16
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d6361dcf1251fd2fd1b270b12fae64052bfc04c3a8d99e8c8e32e9c003d3d5f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:38:37 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3545
x-xss-protection
0
expires
Tue, 08 Nov 2022 20:38:37 GMT
atc.min.js
cdn.addevent.com/legacy2000/libs/atc/1.6.1/
Redirect Chain
  • https://addevent.com/libs/atc/1.6.1/atc.min.js
  • https://cdn.addevent.com/legacy2000/libs/atc/1.6.1/atc.min.js
32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.addevent.com/legacy2000/libs/atc/1.6.1/atc.min.js
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H2
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1cfddf20d04f7f3f75603868ad2b4bdbcfd5b5520e177d0231f6e2ab2241354d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 00:18:57 GMT
content-encoding
br
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P5
age
73181
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 Jun 2022 09:22:36 GMT
server
AmazonS3
etag
W/"d4881a6054da56bd933dff9367745f8c"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
sr93LwTfX718x-h-Emo9tMC0Lrv7nTO-vZmo0Nhz1-wesS0-uuwnjw==

Redirect headers

location
https://cdn.addevent.com:443/legacy2000/libs/atc/1.6.1/atc.min.js
date
Mon, 07 Nov 2022 20:38:37 GMT
server
awselb/2.0
content-length
134
content-type
text/html
Lmt4nCYnUAnD9hI0NHbJI4tYL0v1ICFo5ETgBHIRqyZUlZfPBNx1Cwo-lK4gVsl1tHUaltGwb2UbkYZj9d3VKty2PMfe211GPo6a=s0
lh3.googleusercontent.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/Lmt4nCYnUAnD9hI0NHbJI4tYL0v1ICFo5ETgBHIRqyZUlZfPBNx1Cwo-lK4gVsl1tHUaltGwb2UbkYZj9d3VKty2PMfe211GPo6a=s0
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
76352541f7e669622a162b9f1980abfba7da4a551d79b54b786805231205c2e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:38:37 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6154
x-xss-protection
0
expires
Tue, 08 Nov 2022 20:38:37 GMT
5zI3MBhgq8L-rL1pHrgbX-acBjj_bJuNQUWRK9OZF0f9OBeg_i8XERzk9ID43LOmcQKxbHbX7eN2_468-PFBa7fZD5J1fCSI4yI=s0
lh3.googleusercontent.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/5zI3MBhgq8L-rL1pHrgbX-acBjj_bJuNQUWRK9OZF0f9OBeg_i8XERzk9ID43LOmcQKxbHbX7eN2_468-PFBa7fZD5J1fCSI4yI=s0
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2335cd9330c0799dd1cdd03455debb94cac85c5c25895d8bcd9fa61d53662e9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:38:37 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6075
x-xss-protection
0
expires
Tue, 08 Nov 2022 20:38:37 GMT
eMjWkkBosZO_EnOXJ2Ov6TH3QaOa85-RgSNJ48Lr8oSNciY1gepY0vMRvDDy5ffa3OZ2YT6YEnpkPXdtnftAHcx7_Ikn5rWvBvQ=s0
lh3.googleusercontent.com/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/eMjWkkBosZO_EnOXJ2Ov6TH3QaOa85-RgSNJ48Lr8oSNciY1gepY0vMRvDDy5ffa3OZ2YT6YEnpkPXdtnftAHcx7_Ikn5rWvBvQ=s0
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
84ac707aa6e621a3627eba56d947d88649ee0138a2991b1a7c945ef84a80af55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:38:37 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5161
x-xss-protection
0
expires
Tue, 08 Nov 2022 20:38:37 GMT
scU8bSErvPqpkySI7YTKrESP6SnkN_WYODeNPan2pUdwUzDdwPSB5-fMwO2HXFnBkq031yaEIqbnWkUdKXRCBBmmwaaOLcO8oQ=w16
lh3.googleusercontent.com/ 		311 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/scU8bSErvPqpkySI7YTKrESP6SnkN_WYODeNPan2pUdwUzDdwPSB5-fMwO2HXFnBkq031yaEIqbnWkUdKXRCBBmmwaaOLcO8oQ=w16
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7e97af9197739673464ce8a56b272641a7565b51b3f392661a76fafaefa78379
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:38:37 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 04 Nov 2022 13:23:18 GMT
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.26.0/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.26.0/moment.min.js
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6802973fc0c75ad67b4810ae2aa16278608b675787c11ccc32c2e9e3f203ea7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:38:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
867385
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16963
last-modified
Wed, 20 May 2020 06:50:28 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ec4d334-e5ee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BllQtBcSwKAYDnB9Cf2LH%2F6cGYWMv2Tl1%2B96Sd5LDSTQgw4Nw3C8vGIJh7NJrt%2FkeYpnRzLXBu1HGG3nsVngADZ7BS02IhvoJJyzT0%2FLM7hHIKy37UjjXFAQ%2BICkcTqMcUuQrvRB451S31YMAc9pBDqE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7668dfa2c9afbbd3-FRA
expires
Sat, 28 Oct 2023 20:38:37 GMT
center.js
js.center.io/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.center.io/center.js
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:38:37 GMT
content-encoding
gzip
server
Google Frontend
age
0
etag
"OMWYXg"
content-type
application/javascript
x-cloud-trace-context
73e241e45043896600b707a3dc828b8c
cache-control
public, max-age=300
content-length
5417
expires
Mon, 07 Nov 2022 20:43:37 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 07 Nov 2022 20:38:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27337
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
wrnkur6nYWppxV5BtpvnS2w/X385aFlqo7HtqVcePbu4A32DjSnMewZIJ1BupePXwdZhlItaBa72ii/yHVY2Yg==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://truthinit.lpages.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 05:09:29 GMT
x-content-type-options
nosniff
age
314948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Nov 2023 05:09:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://truthinit.lpages.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 13:14:53 GMT
x-content-type-options
nosniff
age
285824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Nov 2023 13:14:53 GMT
widget
salesiq.zoho.com/ 		113 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://salesiq.zoho.com/widget
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.143.191.67 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
66e9be2835ff51249b636c6d1c65def39717e2143aaedbecce9f575e581531e1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
Date
Mon, 07 Nov 2022 20:38:37 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000
Server
ZGS
ETag
W/b3bab92b4145b0ef94bb1f66d1705a9e28a82bd34655bdc7a200c09f199f4b0c
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate
Connection
keep-alive
Expires
Mon, 07 Nov 2022 20:43:37 GMT
1375606289189609
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1375606289189609?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7f6956cc1a4894827ac687fcb23a7f496fad99982b6fec6f0c81a9281e067e6f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 07 Nov 2022 20:38:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
J594WHye0s+iQfCGrXgZdr1o7HFpO6pI04drXDrGdepLVVCuIF7UhgOPpJuPkYkwp2OYIo3qPBSJFHTYbfovDQ==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
I0L5-Arl06ZLm7sGqqQDVVTP5yjCb5iydIw5NZ5oN_9HNXEvdiz-J1_EpzDdDm22kGwkQsMnhXG6yB8IQ3rFYO_JNjOCt2hzQA=w1000
lh3.googleusercontent.com/ 		190 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/I0L5-Arl06ZLm7sGqqQDVVTP5yjCb5iydIw5NZ5oN_9HNXEvdiz-J1_EpzDdDm22kGwkQsMnhXG6yB8IQ3rFYO_JNjOCt2hzQA=w1000
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
023fd798c2b14f97f299a3ec069d24aa074ca2bba49f722d56366a27e8ea6ce1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:38:37 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194086
x-xss-protection
0
expires
Tue, 08 Nov 2022 20:38:37 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-100773206-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 07 Nov 2022 19:24:49 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4428
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 07 Nov 2022 21:24:49 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1375606289189609&ev=PageView&dl=https%3A%2F%2Ftruthinit.lpages.co%2Fconfirmation-360view-10-oct%2F%3Faffid%3Dilir%26email%3Djamie.waterhouse%40ubs.com%26first%3DJamie%26last%3DWaterhouse&rl=&if=false&ts=1667853517364&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1667853517357.1301975117&it=1667853517267&coo=false&rqm=GET
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 07 Nov 2022 20:38:37 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
css2
fonts.googleapis.com/ 		11 KB
934 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter&family=Open+Sans:ital,wght@0,400;0,600;1,400&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a28f1d4f019b007adb51867d409046e4f2c66348dfe5708c46107ac65cd5d149
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 07 Nov 2022 20:38:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 19:06:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Nov 2022 20:38:37 GMT
icon-calendar-t5.png
cdn.addevent.com/libs/imgs/ 		150 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.addevent.com/libs/imgs/icon-calendar-t5.png
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6b0ca3d4b707e8f3d83d767adbc6170d6e5ee30cc194fe2c689f3c98abe4103
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 04:07:38 GMT
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P5
age
59612
x-cache
Hit from cloudfront
content-length
150
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Nov 2021 14:38:40 GMT
server
AmazonS3
etag
"25306d88428e3c5d378ceccc2ef8c9d1"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
qqjEWJY8oh11K-o-EZlMTyI5gK8LA2rSY0UWwjv4C_HbwCscIGaMfQ==
icon-calendar-t1.svg
cdn.addevent.com/libs/imgs/ 		659 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.addevent.com/libs/imgs/icon-calendar-t1.svg
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e16aaad0806140e2da858ecc53385963ea2f7d96ac514288de532b23bfa6250
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 02:08:12 GMT
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P5
age
66642
x-cache
Hit from cloudfront
content-length
659
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Nov 2021 14:38:39 GMT
server
AmazonS3
etag
"a8b27deb29c234aeba4d7f5fa73ebf44"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
CloKBGfjgfVIRTeJ7lYgRMPkNEZeBL4XHPLV1P_Vg1oBPR2rmpYlyQ==
icon-apple-t5.svg
cdn.addevent.com/libs/imgs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.addevent.com/libs/imgs/icon-apple-t5.svg
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0090132fc9250b8af2d107dbc6095334b28661202c62a2ce5da1b05fa5fdfeea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 05:36:02 GMT
content-encoding
gzip
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P5
age
54230
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Nov 2021 14:38:39 GMT
server
AmazonS3
etag
W/"dc5557ce99254f1b085b901bf32c59f6"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
gb9j49hIDIT8sIZ9J3z8Tn1IAYkq2uehW17vbSjN9_ufY3LrmNHq7A==
icon-facebook-t5.svg
cdn.addevent.com/libs/imgs/ 		628 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.addevent.com/libs/imgs/icon-facebook-t5.svg
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e56a42dcf4f255898159d98cabf52c2ad34e7d70a6ca877cf1e99dc29fd3a68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 03:43:23 GMT
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P5
age
60998
x-cache
Hit from cloudfront
content-length
628
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Nov 2021 14:38:40 GMT
server
AmazonS3
etag
"f7bdcc734328c93b652a386e76659cc3"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
RY9logLx5kEREwv1uYTG2PZNAg7CZMvnn0hJxEKzmKbQ7pNAvmwyRQ==
icon-google-t5.svg
cdn.addevent.com/libs/imgs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.addevent.com/libs/imgs/icon-google-t5.svg
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f22c8d9f461e520c0977d8c8592d6b76a6413194399c5e52d883a1c58cc71fcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 08:41:04 GMT
content-encoding
gzip
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P5
age
43056
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Nov 2021 14:38:40 GMT
server
AmazonS3
etag
W/"c25c73163339e3d519189795001712c1"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
bSWB6Hh6u0HbBJKU-_ibg5ke2dmew1Je6QEiZmUPM6k3ftnRlWi2PQ==
icon-office365-t5.svg
cdn.addevent.com/libs/imgs/ 		256 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.addevent.com/libs/imgs/icon-office365-t5.svg
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
caf28e24fcfc37e2b6b79b3f67fb64f85adfc99b8f542e317fa3ca1bfd7293c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 03:43:23 GMT
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P5
age
60998
x-cache
Hit from cloudfront
content-length
256
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Nov 2021 14:38:40 GMT
server
AmazonS3
etag
"2515acaf7e8291e1deb738254cf7aad6"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
dNXMnIHafpsMSlummfiPalwkdgxzjMPFcD7nDm1C8pniA61Rl1IE3w==
icon-outlook-t5.svg
cdn.addevent.com/libs/imgs/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.addevent.com/libs/imgs/icon-outlook-t5.svg
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3436c8c169e8061927fa5f95eb337fcd255002b26fd173281f4216f399c8aea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 04:07:38 GMT
content-encoding
gzip
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P5
age
59499
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Nov 2021 14:38:41 GMT
server
AmazonS3
etag
W/"357f1e3a95085d808d47ac6e371a5b4d"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
bEM899T2mx9Sm7fsyPS3mqMM4Tulkst2M0HV5K7GvcQ-czfmv0j_Gg==
icon-outlookcom-t5.svg
cdn.addevent.com/libs/imgs/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.addevent.com/libs/imgs/icon-outlookcom-t5.svg
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
471c41641cd552e03e9f5ee0f957e4e2fc2c2eb00107bd8598da77f3de1742d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 01:03:23 GMT
content-encoding
br
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P5
age
70542
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Nov 2021 14:38:41 GMT
server
AmazonS3
etag
W/"54265beb2d8de84c00b474adc2697c9c"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
mj0NwmP77I2zDMnAWF3AAReYIfexkktwHxu7ikIWd6WleSVBGsC_YA==
icon-yahoo-t5.svg
cdn.addevent.com/libs/imgs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.addevent.com/libs/imgs/icon-yahoo-t5.svg
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
074060913408f6f94a281abd242d63bd7225a7d28cec1de40953bada68bc50f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 05:50:39 GMT
content-encoding
gzip
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P5
age
62015
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Nov 2021 14:38:41 GMT
server
AmazonS3
etag
W/"2bb4e663c6a6e4157c8b46d4de0d5693"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
CZfl9LxGCUAwnVcu803FeuMzMbcasf2vEJdEqnbsiyJXDGfxJkbk6A==
scU8bSErvPqpkySI7YTKrESP6SnkN_WYODeNPan2pUdwUzDdwPSB5-fMwO2HXFnBkq031yaEIqbnWkUdKXRCBBmmwaaOLcO8oQ=w317
lh3.googleusercontent.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/scU8bSErvPqpkySI7YTKrESP6SnkN_WYODeNPan2pUdwUzDdwPSB5-fMwO2HXFnBkq031yaEIqbnWkUdKXRCBBmmwaaOLcO8oQ=w317
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1a4db70f1462d29a037df5e4b98923e18d74c5fc10a08bfb8205e6a88f2e31bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:38:37 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6325
x-xss-protection
0
expires
Tue, 08 Nov 2022 20:38:37 GMT
identify.html
js.center.io/ Frame 80CB 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.center.io/identify.html
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer
https://truthinit.lpages.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
94
cache-control
public, max-age=300
content-encoding
gzip
content-length
2016
content-type
text/html
date
Mon, 07 Nov 2022 20:37:03 GMT
etag
"OMWYXg"
expires
Mon, 07 Nov 2022 20:42:03 GMT
server
Google Frontend
x-cloud-trace-context
3892c8c59bb94c28722a2cf27aae6c58
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=488363172&t=pageview&_s=1&dl=https%3A%2F%2Ftruthinit.lpages.co%2Fconfirmation-360view-10-oct%2F%3Faffid%3Dilir%26email%3Djamie.waterhouse%40ubs.com%26first%3DJamie%26last%3DWaterhouse&ul=en-us&de=UTF-8&dt=Confirmation%20360View-10-Oct&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1435584206&gjid=78601880&cid=1743479001.1667853517&tid=UA-100773206-1&_gid=723180481.1667853517&_r=1&gtm=2oub20&z=647095442
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://truthinit.lpages.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:38:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://truthinit.lpages.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter&family=Open+Sans:ital,wght@0,400;0,600;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://truthinit.lpages.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 18:50:34 GMT
x-content-type-options
nosniff
age
6483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 18:50:34 GMT
capture
api.leadpages.io/analytics/v1/events/ 		35 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/events/capture?k=association&a=&l=&v=&e=jamie.waterhouse%40ubs.com&st=&lc=en-US&pid=cKp5rNi8nh5SVTXH4ssiTA&uid=kLmnEsMgkD6w6Jtpr79GNh&sid=nX6MU88JJCLgGBfiPssgHU&cid=lp-MguXLxH3g7EtfnffsHxdE6&uri=https%3A%2F%2Ftruthinit.lpages.co%2Fconfirmation-360view-10-oct%2F%3Faffid%3Dilir%26email%3Djamie.waterhouse%40ubs.com%26first%3DJamie%26last%3DWaterhouse&rf=&rx=1600&ry=1200&tz=%2B00%3A00
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 07 Nov 2022 20:38:37 GMT
Server
Stargate
Transfer-Encoding
chunked
access-control-max-age
600
Content-Type
image/gif
access-control-allow-origin
https://truthinit.lpages.co
X-Forwarded-For
178.162.209.142
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
050d5v6akkif5purscm0
capture
api.leadpages.io/analytics/v1/events/ 		35 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=MguXLxH3g7EtfnffsHxdE6&v=&e=&st=&lc=en-US&pid=cKp5rNi8nh5SVTXH4ssiTA&uid=kLmnEsMgkD6w6Jtpr79GNh&sid=nX6MU88JJCLgGBfiPssgHU&cid=lp-MguXLxH3g7EtfnffsHxdE6&uri=https%3A%2F%2Ftruthinit.lpages.co%2Fconfirmation-360view-10-oct%2F%3Faffid%3Dilir%26email%3Djamie.waterhouse%40ubs.com%26first%3DJamie%26last%3DWaterhouse&rf=&rx=1600&ry=1200&tz=%2B00%3A00
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 07 Nov 2022 20:38:37 GMT
Server
Stargate
Transfer-Encoding
chunked
access-control-max-age
600
Content-Type
image/gif
access-control-allow-origin
https://truthinit.lpages.co
X-Forwarded-For
178.162.209.142
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
050da4sbcu87nkm16qt0
collect
stats.g.doubleclick.net/j/ 		1 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-100773206-1&cid=1743479001.1667853517&jid=1435584206&gjid=78601880&_gid=723180481.1667853517&_u=YEBAAUAAAAAAACAAI~&z=1720313711
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://truthinit.lpages.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 07 Nov 2022 20:38:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://truthinit.lpages.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1375606289189609&ev=Microdata&dl=https%3A%2F%2Ftruthinit.lpages.co%2Fconfirmation-360view-10-oct%2F%3Faffid%3Dilir%26email%3Djamie.waterhouse%40ubs.com%26first%3DJamie%26last%3DWaterhouse&rl=&if=false&ts=1667853517867&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Confirmation%20360View-10-Oct%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Confirmation%20360View-10-Oct%22%2C%22og%3Adescription%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.2.1667853517357.1301975117&it=1667853517267&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/confirmation-360view-10-oct/?affid=ilir&email=jamie.waterhouse@ubs.com&first=Jamie&last=Waterhouse
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 07 Nov 2022 20:38:37 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
website
salesiq.zoho.com/visitor/v2/channels/ 		18 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://salesiq.zoho.com/visitor/v2/channels/website?widgetcode=b5094626a90023663cb925535af87184522b041195842eeb97becbfb9a9f0e63&internal_channel_req=true&language_api=true&browser_language=en&current_domain=https%3A%2F%2Ftruthinit.lpages.co&pagetitle=Confirmation%20360View-10-Oct&include_fields=avuid
Requested by
Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.143.191.67 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
e7300aec4dbe2f3511caba909e8edf47e8760c9919d018931eaa7732275ece6d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 07 Nov 2022 20:38:38 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1
Server
ZGS
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://truthinit.lpages.co
Content-Language
de-DE
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Encoding
UTF-8
Access-Control-Allow-Headers
Content-Type,x-siq-internal-channel
capture
api.leadpages.io/analytics/v1/observations/ 		35 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=42,258,255,557,5,561,700,700,1315,1315
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 07 Nov 2022 20:38:37 GMT
Server
Stargate
Transfer-Encoding
chunked
X-Forwarded-For
178.162.209.142
Content-Type
image/gif
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
050da4tiqs2pu3fk5mvg
floatbutton1_764bf172fd710d0d540b777a5a05ab02_.css
css.zohocdn.com/salesiq/styles/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://css.zohocdn.com/salesiq/styles/floatbutton1_764bf172fd710d0d540b777a5a05ab02_.css
Requested by
Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),
Reverse DNS
Software
ZGS /
Resource Hash
be8b200c1f8541d50eb38049f2b798b219a7ba7110c02bd94c2d26f80acd41b5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:38:38 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15768000, max-age=63072000
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
5043
x-xss-protection
1
last-modified
Mon, 21 Mar 2022 15:45:11 GMT
server
ZGS
nb-request-id
df8ae4ce72d5bf1ac0333fadf3d8ede9
etag
"b59c1c17e3aa2078f2d9d9f0d9cf587e"
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
content-language
en-US
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=7776000, immutable
z-origin-id
ex1-21f0ae5d0e8d487eac6fc3c39fcaf5e8
accept-ranges
bytes
timing-allow-origin
*
floatbutton1_9654b1b73aaf9cd6679fd36c6390fa83_.js
js.zohocdn.com/salesiq/js/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.zohocdn.com/salesiq/js/floatbutton1_9654b1b73aaf9cd6679fd36c6390fa83_.js
Requested by
Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),
Reverse DNS
Software
ZGS /
Resource Hash
1c2fe8cec01cc5584e32039947b731f290beb1ccd29723d8b73374de3bf7fe8b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:38:38 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15768000, max-age=63072000
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
12382
x-xss-protection
1
last-modified
Sat, 29 Oct 2022 12:22:33 GMT
server
ZGS
nb-request-id
7601b67751821f6c1573ea2bd93747cb
etag
"051eb9de0741939a33a2187810467a70"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
content-language
en-US
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=7776000, immutable
z-origin-id
ex1-c70ae6bd5a39431aa42e8ddd59ba9454
accept-ranges
bytes
timing-allow-origin
*
float_6cd76475d822e7b44efcf2b1413f4967_.ttf
css.zohocdn.com/salesiq/styles/fonts/float/ 		1 KB
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://css.zohocdn.com/salesiq/styles/fonts/float/float_6cd76475d822e7b44efcf2b1413f4967_.ttf
Requested by
Host: css.zohocdn.com
URL: https://css.zohocdn.com/salesiq/styles/floatbutton1_764bf172fd710d0d540b777a5a05ab02_.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),
Reverse DNS
Software
ZGS /
Resource Hash
68ea492e01c42ad3494fffc0913d4f2a79122b12324a7619861ac7f5fa7df402
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://css.zohocdn.com/salesiq/styles/floatbutton1_764bf172fd710d0d540b777a5a05ab02_.css
Origin
https://truthinit.lpages.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:38:38 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15768000, max-age=63072000
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
642
x-xss-protection
1
last-modified
Thu, 30 Dec 2021 10:15:21 GMT
server
ZGS
nb-request-id
117ec19fa8ead2bf03541c9981c523c2
etag
"15d0d2c51b3a4a041315e923266ad678"
vary
Accept-Encoding
content-type
font/ttf
content-language
en-US
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=7776000, immutable
z-origin-id
ex1-21a6fc32bc6e42ff8fb2cb1ba130dac8
accept-ranges
bytes
timing-allow-origin
*
capture
api.leadpages.io/analytics/v1/observations/ 		35 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=iQL464BYcv9NXiVt5gqQm4&origin=center-js&kind=timer,timer,counter,timer,timer&label=load-center,load-identify,ident-new,send-events,send-events&value=199.5,48.299999713897705,1,408.5,423.59999990463257
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://truthinit.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 07 Nov 2022 20:38:41 GMT
Server
Stargate
Transfer-Encoding
chunked
access-control-max-age
600
Content-Type
image/gif
access-control-allow-origin
https://truthinit.lpages.co
X-Forwarded-For
178.162.209.142
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
050da5spa8nagaq6ltc0

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| LeadPagesCenterObject function| center function| gtag object| dataLayer function| fbq function| _fbq function| getParameterByName string| first string| last string| email string| url object| $zoho object| d object| s object| t function| moment object| sup object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| $d object| addeventatc boolean| ate_touch_capable number| flbckcnt number| flbckint number| nlbckcnt number| nlbckint function| addeventReady object| hdx object| gaplugins object| gaGlobal object| gaData object| $ZSIQLSDB object| $ZSIQCookie object| $zsalobj object| $zsalobjrestricted object| UDHandler object| $ZSIQUtil object| $ZSIQLicence function| handleIframeFunction object| $UTSHandler object| $ZSIQUTS object| $ZSIQUTSAction object| ResponseFormatter object| $ZSIQChat boolean| isdomloadhandled boolean| WEBSITE_VISITOR_API_FLOW_ENABLED object| _ZSIQ object| $ZSIQAnalytics object| $ZSIQAutopick object| $zohosq object| $zcb object| $zv object| $zlm object| $zlch string| $zla boolean| $ZSIQ_UTSinitialized function| $ZSisThresholdExceeded function| $ZDestroyFloatData function| $ZNotifyTracking function| $ZShandleEvent number| SIQ_FLOAT number| SIQ_BUTTON number| SIQ_PERSONALIZE boolean| _WINDOW_REPOPULATE string| api_lang string| val boolean| iscdnenabled object| cssjslist string| actualcssfile string| actualjsfile object| $ZSIQChatWindow function| zsiqdrag object| $ZSIQTemplate object| $ZSIQWidgetUI object| $ZSIQWidget

10 Cookies

Domain/Path Name / Value
.api.leadpages.io/analytics/v1/events/capture Name: view.cKp5rNi8nh5SVTXH4ssiTA.MguXLxH3g7EtfnffsHxdE6
Value: 1667853518000
.truthinit.lpages.co/ Name: _fbp
Value: fb.2.1667853517357.1301975117
.truthinit.lpages.co/ Name: _ga
Value: GA1.3.1743479001.1667853517
.truthinit.lpages.co/ Name: _gid
Value: GA1.3.723180481.1667853517
.truthinit.lpages.co/ Name: _gat_gtag_UA_100773206_1
Value: 1
js.center.io/ Name: centerVisitorId
Value: kLmnEsMgkD6w6Jtpr79GNh
salesiq.zoho.com/ Name: LS_CSRF_TOKEN
Value: 59929f87-61d9-4000-b418-74beb198bb35
salesiq.zoho.com/ Name: uesign
Value: 977d663a171842d5d60f7cd54be90991a3bf399a10c4640929ef32d81868edd70ebe6f3b1d65c93cfe4943ce830895dd
.truthinit.lpages.co/ Name: david7758-_zldp
Value: nDIconNTK4%2BclGIUburgwruCUrfw5QvfU6YS9D0v9gIQ296tSpNMNpARN%2FCnyXREodoRkLyJC2Y%3D
.truthinit.lpages.co/ Name: david7758-_zldt
Value: b85329d9-891e-47ff-a5d4-dd4c5baa4f01-1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

addevent.com
api.leadpages.io
app.techtrainus.com
cdn.addevent.com
cdnjs.cloudflare.com
connect.facebook.net
css.zohocdn.com
enterpriseitlink.com
fonts.googleapis.com
fonts.gstatic.com
js.center.io
js.zohocdn.com
lh3.googleusercontent.com
salesiq.zoho.com
static.leadpages.net
stats.g.doubleclick.net
truthinit.lpages.co
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
136.143.191.67
18.66.112.110
185.20.209.147
2606:4700::6811:180e
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2013
2a00:1450:400c:c07::9b
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.107.203.240
35.192.151.63
35.202.21.90
51.195.101.2
52.211.62.131
54.37.75.98
0090132fc9250b8af2d107dbc6095334b28661202c62a2ce5da1b05fa5fdfeea
023fd798c2b14f97f299a3ec069d24aa074ca2bba49f722d56366a27e8ea6ce1
074060913408f6f94a281abd242d63bd7225a7d28cec1de40953bada68bc50f9
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
1a4db70f1462d29a037df5e4b98923e18d74c5fc10a08bfb8205e6a88f2e31bd
1c2fe8cec01cc5584e32039947b731f290beb1ccd29723d8b73374de3bf7fe8b
1cfddf20d04f7f3f75603868ad2b4bdbcfd5b5520e177d0231f6e2ab2241354d
1e16aaad0806140e2da858ecc53385963ea2f7d96ac514288de532b23bfa6250
2335cd9330c0799dd1cdd03455debb94cac85c5c25895d8bcd9fa61d53662e9a
2a1c39b6e63767c901f0381810aba3424b3895e581f256fd3dcdddfaf1fb97a4
3cd723f7190bdddeb6f62c125c33461717aca4777a88a500777e2de9aa875a63
471c41641cd552e03e9f5ee0f957e4e2fc2c2eb00107bd8598da77f3de1742d1
66e9be2835ff51249b636c6d1c65def39717e2143aaedbecce9f575e581531e1
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
68ea492e01c42ad3494fffc0913d4f2a79122b12324a7619861ac7f5fa7df402
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e56a42dcf4f255898159d98cabf52c2ad34e7d70a6ca877cf1e99dc29fd3a68
76352541f7e669622a162b9f1980abfba7da4a551d79b54b786805231205c2e9
7e97af9197739673464ce8a56b272641a7565b51b3f392661a76fafaefa78379
7f6956cc1a4894827ac687fcb23a7f496fad99982b6fec6f0c81a9281e067e6f
84ac707aa6e621a3627eba56d947d88649ee0138a2991b1a7c945ef84a80af55
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
a28f1d4f019b007adb51867d409046e4f2c66348dfe5708c46107ac65cd5d149
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
be8b200c1f8541d50eb38049f2b798b219a7ba7110c02bd94c2d26f80acd41b5
c3436c8c169e8061927fa5f95eb337fcd255002b26fd173281f4216f399c8aea
caf28e24fcfc37e2b6b79b3f67fb64f85adfc99b8f542e317fa3ca1bfd7293c6
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
d6361dcf1251fd2fd1b270b12fae64052bfc04c3a8d99e8c8e32e9c003d3d5f7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6802973fc0c75ad67b4810ae2aa16278608b675787c11ccc32c2e9e3f203ea7
e7300aec4dbe2f3511caba909e8edf47e8760c9919d018931eaa7732275ece6d
f22c8d9f461e520c0977d8c8592d6b76a6413194399c5e52d883a1c58cc71fcf
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6b0ca3d4b707e8f3d83d767adbc6170d6e5ee30cc194fe2c689f3c98abe4103
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143