agreements-invoices.nifty.pm Open in urlscan Pro
99.86.2.79 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
Submission: On October 23 via manual (October 23rd 2020, 3:39:51 am UTC) from HK

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 2 countries across 15 domains to perform 39 HTTP transactions. The main IP is 99.86.2.79, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is agreements-invoices.nifty.pm.
TLS certificate: Issued by Amazon on March 6th 2020. Valid for: a year.

This is the only time agreements-invoices.nifty.pm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	99.86.2.79 99.86.2.79	16509 (AMAZON-02) (AMAZON-02)
2	151.101.112.176 151.101.112.176	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
2	52.85.32.76 52.85.32.76	16509 (AMAZON-02) (AMAZON-02)
1	54.192.206.65 54.192.206.65	16509 (AMAZON-02) (AMAZON-02)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	13.225.73.15 13.225.73.15	16509 (AMAZON-02) (AMAZON-02)
1	99.86.2.113 99.86.2.113	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:821::2004	15169 (GOOGLE) (GOOGLE)
2	167.172.235.9 167.172.235.9	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	54.192.206.2 54.192.206.2	16509 (AMAZON-02) (AMAZON-02)
3	13.225.73.26 13.225.73.26	16509 (AMAZON-02) (AMAZON-02)
2	99.83.219.81 99.83.219.81	16509 (AMAZON-02) (AMAZON-02)
39	20

10 99.86.2.79 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-79.fra6.r.cloudfront.net

agreements-invoices.nifty.pm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.112.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.32.76 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-32-76.ham50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.206.65 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-206-65.ham50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.73.15 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-15.fra2.r.cloudfront.net

public.profitwell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.2.113 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-113.fra6.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.172.235.9 (United States)

ASN14061 (DIGITALOCEAN-ASN, US)

api.niftypm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.206.2 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-54-192-206-2.ham50.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.73.26 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-26.fra2.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.219.81 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	nifty.pm agreements-invoices.nifty.pm	2 MB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	77 KB
3	intercomcdn.com js.intercomcdn.com	106 KB
3	intercom.io 1 redirects widget.intercom.io api-iam.intercom.io	5 KB
3	google.com apis.google.com www.google.com	6 KB
2	niftypm.com api.niftypm.com	531 B
2	bugsnag.com sessions.bugsnag.com	140 B
2	google.de www.google.de	1 KB
2	doubleclick.net googleads.g.doubleclick.net	4 KB
2	googletagmanager.com www.googletagmanager.com	95 KB
2	cloudflare.com cdnjs.cloudflare.com	103 KB
2	stripe.com js.stripe.com	48 KB
1	google-analytics.com www.google-analytics.com	18 KB
1	profitwell.com public.profitwell.com	15 KB
1	googleadservices.com www.googleadservices.com	12 KB
39	15

	Domain	Requested by
10	agreements-invoices.nifty.pm	agreements-invoices.nifty.pm
3	js.intercomcdn.com	widget.intercom.io
2	api-iam.intercom.io	js.intercomcdn.com
2	api.niftypm.com	agreements-invoices.nifty.pm
2	sessions.bugsnag.com	agreements-invoices.nifty.pm
2	www.google.de	agreements-invoices.nifty.pm
2	www.google.com	agreements-invoices.nifty.pm
2	googleads.g.doubleclick.net	www.googleadservices.com
2	static.hotjar.com	agreements-invoices.nifty.pm
2	www.googletagmanager.com	agreements-invoices.nifty.pm
2	cdnjs.cloudflare.com	agreements-invoices.nifty.pm cdnjs.cloudflare.com
2	js.stripe.com	agreements-invoices.nifty.pm js.stripe.com
1	widget.intercom.io	1 redirects
1	www.google-analytics.com	agreements-invoices.nifty.pm
1	vars.hotjar.com	static.hotjar.com
1	public.profitwell.com	agreements-invoices.nifty.pm
1	www.googleadservices.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	apis.google.com	agreements-invoices.nifty.pm
39	19

This site contains no links.

Subject Issuer	Validity	Valid
nifty.pm Amazon	`2020-03-06` - `2021-04-06`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2020-09-22` - `2021-02-03`	4 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.hotjar.com Amazon	`2020-01-22` - `2021-02-22`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.profitwell.com Amazon	`2020-08-31` - `2021-09-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-18` - `2021-05-18`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
api.niftypm.com Let's Encrypt Authority X3	`2020-10-20` - `2021-01-18`	3 months	crt.sh
*.intercomcdn.com Amazon	`2020-03-29` - `2021-04-29`	a year	crt.sh
*.intercom.com Amazon	`2020-05-13` - `2021-06-13`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
Frame ID: C9C96EB2A34C20F491CEADB568538BAF
Requests: 31 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-7e4b9b871fee876475cf1d5d316fe456.html
Frame ID: 82F02B8F8A585C0C185D4BD920538B9E
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 6A82D2A87B2C67120A08B95390B920DC
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.058f1f19.js
Frame ID: BD0CEB175027463C4ACD89A7DFAE81D7
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

script /js\.stripe\.com/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i
headers server /^AmazonS3$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

Ionicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+ionicons(?:\.min)?\.css/i

Page Statistics

39
Requests

100 %
HTTPS

48 %
IPv6

15
Domains

19
Subdomains

20
IPs

2
Countries

2823 kB
Transfer

3961 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://widget.intercom.io/widget/j8z82yl3 HTTP 302
https://js.intercomcdn.com/shim.latest.js

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 5iyjtz3dhy8 Show response
agreements-invoices.nifty.pm/l/ 12 KB
13 KB 490ms
418ms Document
text/html 99.86.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-79.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2ca15761f525ad25317f30b4287543bc4a92604fbe1eede64443fc24cf1e29c

Request headers

Host: agreements-invoices.nifty.pm
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/html
Content-Length: 12574
Connection: keep-alive
Last-Modified: Wed, 21 Oct 2020 23:58:31 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 22 Oct 2020 23:59:29 GMT
ETag: "e82a7da7f328b38d663a26b847c4aaba"
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
X-Cache: Error from cloudfront
Via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70f.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: t2l89md1BFAf8OwYxyFd833Q7PCiWngWRvnHJZqqyQTq5jdb23hqdw==
Age: 13207

GET
H2 200 / Show response
js.stripe.com/v3/ 185 KB
48 KB 101ms
22ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: agreements-invoices.nifty.pm
URL: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4e1f1d9d4f58420e2389c25c6d71aad83bcd7e9591db4a60a5a2fc3ff81661e8

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 03:39:35 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 191
via: 1.1 varnish
x-cache: HIT
status: 200
content-length: 48850
x-amz-id-2: Jdic2eF81rEnfZq1fRAaLmgX4GwjYXLYfSo4sMJ2KzIaUl20qoPNvLZb9EGhb7cbKqgIqoLJ9Wo=
x-served-by: cache-hhn4023-HHN
timing-allow-origin: *
last-modified: Wed, 21 Oct 2020 22:46:27 GMT
server: AmazonS3
etag: "cf69a7d37b9906d1491ae0ba263e0d0c"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 20E613A70DB4A410
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 54

GET
H2 200 ionicons.min.css
cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ 50 KB
7 KB 13ms
11ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css
Requested by: Host: agreements-invoices.nifty.pm
URL: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 03:39:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 113075
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6642
cf-request-id: 05f5236b150000d72d34ad5000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:20 GMT
server: cloudflare
etag: "5eb03ea8-c854"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603424376"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5e686e8b5ce6d72d-FRA
expires: Wed, 13 Oct 2021 03:39:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-748502255

Requested by

Host: agreements-invoices.nifty.pm
URL: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

834c19e975674a917315c09fff5886cb7aaf54dc68bcbf30a88c40eded3fb2e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 03:39:35 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37951
x-xss-protection: 0
last-modified: Fri, 23 Oct 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 23 Oct 2020 03:39:35 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ 12 KB
6 KB 51ms
29ms Script
application/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: agreements-invoices.nifty.pm
URL: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f3aa61fec58dc593e3e3140ec67e7dcfcf0d367f375c5515150374fef762bd4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oDKtM/WaKm4Y6GPBcaCEmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 03:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "8b9001c394db6a882a840edc6214b91c"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-oDKtM/WaKm4Y6GPBcaCEmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Fri, 23 Oct 2020 03:39:35 GMT

GET
H/1.1 200
OK main.f8b15f82.chunk.js Show response
agreements-invoices.nifty.pm/static/js/ 9 KB
10 KB 33ms
33ms Script
application/javascript 99.86.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agreements-invoices.nifty.pm/static/js/main.f8b15f82.chunk.js
Requested by: Host: agreements-invoices.nifty.pm
URL: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-79.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4190cb4349c3941895bc7d4c6a4b6e5149369754de6f1ea57fb8d7d2bccaae07

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 23 Oct 2020 00:14:27 GMT
Via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70f.cloudfront.net (CloudFront)
Last-Modified: Wed, 21 Oct 2020 23:58:30 GMT
Server: AmazonS3
Age: 12309
ETag: "30522364d43cca208ffd387367336934"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 9695
X-Amz-Cf-Id: hN9FRv8RdOOt-I0WGudiiz93wXq4SbcMQoAFORadsQvr3MnWkbl7XQ==

GET
H2 200 hotjar-991874.js Show response
static.hotjar.com/c/ 9 KB
3 KB 137ms
86ms Script
application/javascript 52.85.32.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-991874.js?sv=6

Requested by

Host: agreements-invoices.nifty.pm
URL: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.32.76 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-32-76.ham50.r.cloudfront.net

Software

Resource Hash

61d553751186d8bbeeaafcddd375fa33c5bf78bb5100fd389e6a7701f4b43a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 03:39:35 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: HAM50-C1
etag: W/c487be730e10803adb114f17c26cabdb
status: 200
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
vary: Accept-Encoding
x-amz-cf-id: dg2HXJuQPqwVk9b3h0OyifFEKbJu2MyLw4kkWPss_44CNff-oNf6cw==
via: 1.1 ce9a2abd25eed1f472711c23f8a0adaf.cloudfront.net (CloudFront)

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 231 KB
58 KB 39ms
24ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P4N3RRJ

Requested by

Host: agreements-invoices.nifty.pm
URL: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e24250df7e447cab27330a173c756a1b41ecfaba2b054f945e6ce7d4eda3ec3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 03:39:35 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59119
x-xss-protection: 0
last-modified: Fri, 23 Oct 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 23 Oct 2020 03:39:35 GMT

GET
H/1.1 200
OK 94.28f0137e.chunk.css
agreements-invoices.nifty.pm/static/css/ 809 B
1 KB 42ms
42ms Stylesheet
text/css 99.86.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agreements-invoices.nifty.pm/static/css/94.28f0137e.chunk.css
Requested by: Host: agreements-invoices.nifty.pm
URL: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-79.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25d6e04dd64a08e73f3003d395409661fb20d894a43ff07ea369e31a1bec521e

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 23 Oct 2020 00:04:14 GMT
Via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70f.cloudfront.net (CloudFront)
Last-Modified: Wed, 21 Oct 2020 23:58:28 GMT
Server: AmazonS3
Age: 12922
ETag: "c5b8097f3fae3c25649c0501b441dbff"
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 809
X-Amz-Cf-Id: 84IesPkKtgCyZcuYWC_ZNKUdRPsWPZzRTwmb_4FvGdZZwEZgPW_Hog==

GET
H/1.1 200
OK 94.6e657377.chunk.js Show response
agreements-invoices.nifty.pm/static/js/ 861 KB
861 KB 76ms
28ms Script
application/javascript 99.86.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agreements-invoices.nifty.pm/static/js/94.6e657377.chunk.js
Requested by: Host: agreements-invoices.nifty.pm
URL: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-79.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c538ef8369576f70c8239bc75cd99e58c9d3de035f923a3bbe667e44c7140494

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 23 Oct 2020 00:04:14 GMT
Via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
Last-Modified: Wed, 21 Oct 2020 23:58:28 GMT
Server: AmazonS3
Age: 12921
ETag: "74eb6b093a7a927d0d6c1f0f31f926d0"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 881414
X-Amz-Cf-Id: adw4KJ76tVoh0Q2YnCSwdIwJGAsnvlTN6U40DG2pzmG07j5e-vzPrg==

GET
H/1.1 200
OK 96.a36956c5.chunk.css
agreements-invoices.nifty.pm/static/css/ 666 KB
667 KB 78ms
36ms Stylesheet
text/css 99.86.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agreements-invoices.nifty.pm/static/css/96.a36956c5.chunk.css
Requested by: Host: agreements-invoices.nifty.pm
URL: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-79.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3ae107fc7d7f6ac810beaf6b1395f3ccfefd4414f385a26deec0c33e8fa1ca5

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 23 Oct 2020 00:04:14 GMT
Via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70f.cloudfront.net (CloudFront)
Last-Modified: Wed, 21 Oct 2020 23:58:28 GMT
Server: AmazonS3
Age: 12922
ETag: "24654f52944edb7fd0a424c8331ca3ee"
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 682120
X-Amz-Cf-Id: zm9utRRQeMVIylxdAwNGuQj-hU1zVP9m7VAIx51-1yCRpfywpj2mNw==

GET
H/1.1 200
OK 96.43edda4a.chunk.js Show response
agreements-invoices.nifty.pm/static/js/ 655 KB
656 KB 85ms
33ms Script
application/javascript 99.86.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agreements-invoices.nifty.pm/static/js/96.43edda4a.chunk.js
Requested by: Host: agreements-invoices.nifty.pm
URL: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-79.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d89ee843475b21e0722a6a3d02f3f9acad2fb736d2ff914cd508217b0693d38

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 23 Oct 2020 00:04:15 GMT
Via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
Last-Modified: Wed, 21 Oct 2020 23:58:28 GMT
Server: AmazonS3
Age: 12921
ETag: "956cc39eba51cb495965f0d40b4edecd"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 670952
X-Amz-Cf-Id: jiIc7a-rxBheDjoCi21lgDKbD5TehcM995qjqbhsfioSaf1LyXHRaQ==

GET
H2 200 m-outer-7e4b9b871fee876475cf1d5d316fe456.html
js.stripe.com/v3/ Frame 82F0 0
0 22ms
22ms Document
text/html 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-7e4b9b871fee876475cf1d5d316fe456.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-7e4b9b871fee876475cf1d5d316fe456.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8

Response headers

status: 200
x-amz-id-2: uqHBzG6x+uSAcdHb/QC0NkX0ryE2Qm2ARSUuBG0bCoOyVM2GiZx2iYOceVjNTez7RsylOG6cfAc=
x-amz-request-id: A9219BF7CFE59F80
last-modified: Wed, 21 Oct 2020 22:07:39 GMT
etag: "7e4b9b871fee876475cf1d5d316fe456"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 23 Oct 2020 03:39:35 GMT
via: 1.1 varnish
age: 127
x-served-by: cache-hhn4023-HHN
x-cache: HIT
x-cache-hits: 63
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 186

GET
H2 200 modules.8892a865463d29e21514.js Show response
script.hotjar.com/ 361 KB
71 KB 79ms
26ms Script
application/javascript 54.192.206.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8892a865463d29e21514.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-991874.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.206.65 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-206-65.ham50.r.cloudfront.net

Software

Resource Hash

96b7353cfc0c512962840bc951b0e1009d3419defac1a37a7b1149e8ea3d43cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 11:51:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 229664
x-cache: Hit from cloudfront
status: 200
content-length: 72450
access-control-allow-origin: *
last-modified: Tue, 20 Oct 2020 11:48:03 GMT
etag: "bdab316b804b450b477b25a55b099ba6"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c46d7c5a8bf0a3035249184c40b6aea4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: SaVh6ajvKfYPDAM2RstohKc26LpOZ0MaMPSM5QTqQT8iTx9x8wdfLg==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 84ms
32ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-748502255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

0bfb81a6d3e2ed2e0cb381a9f933355ff00e64cd0d80724e83559861cad12711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 03:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11472
x-xss-protection: 0
server: cafe
etag: 8286593240961886057
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 23 Oct 2020 03:39:35 GMT

GET
H2 200 hotjar-1803991.js Show response
static.hotjar.com/c/ 4 KB
2 KB 60ms
60ms Script
application/javascript 52.85.32.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1803991.js?sv=6

Requested by

Host: agreements-invoices.nifty.pm
URL: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.32.76 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-32-76.ham50.r.cloudfront.net

Software

Resource Hash

5ad4554b1985f9cca545ac379b135fe53a7bcf077f48c2054851dab1b523b1e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 03:39:35 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: HAM50-C1
etag: W/59feb16c43794ce11d470220a47e208f
status: 200
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
vary: Accept-Encoding
content-length: 1666
via: 1.1 ce9a2abd25eed1f472711c23f8a0adaf.cloudfront.net (CloudFront)
x-amz-cf-id: NM_7cp1_FG9qy-xkjPDl8_YaZ6vV_MRSetn5TI5i6RaHbmKCzYIWpA==

GET
H2 200 profitwell.js Show response
public.profitwell.com/js/ 46 KB
15 KB 486ms
425ms Script
application/x-javascript 13.225.73.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.profitwell.com/js/profitwell.js?auth=6d1267e35e3820378232c663d97f1fe3
Requested by: Host: agreements-invoices.nifty.pm
URL: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.73.15 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-15.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e464254db4f2e4385ff28663ad41b1af5b7add4a1e0922bd74a99291fb66342c

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 03:39:37 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 14:00:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: W/"b3e14de3e4253a5bd2634a37b2d5e134"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: yNwQOLFgjN3O2ncFeey2YJ958vFRuHQu
status: 200
cache-control: public,max-age=86400
content-type: application/x-javascript
x-amz-cf-id: rfVtr2yVTYHcjqc_lhj2Mr1XFCO8zEv6c3hzm-4WfLkcRBpgXHnAAg==
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 6A82 0
0 72ms
22ms Document
text/html 99.86.2.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-991874.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.113 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-113.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8

Response headers

status: 200
content-type: text/html
content-length: 851
date: Mon, 05 Oct 2020 13:02:45 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Mon, 05 Oct 2020 11:02:22 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: xRGLcRD6eb8on2McJ-wTLjhO7n-ZiWRXE6FQ7RLOqW86LmEy_g2a5w==
age: 1521410

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/748502255/ 2 KB
2 KB 38ms
18ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/748502255/?random=1603424375819&cv=9&fst=1603424375819&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaae1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fagreements-invoices.nifty.pm%2Fl%2F5iyjtz3dhy8&tiba=Nifty&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b4a85323fdd938a6f00ce6dac2658d15ba3a1e0682efd30ed2e69ddcd3fa51d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Oct 2020 03:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1028
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/748502255/ 42 B
326 B 31ms
30ms Image
image/gif 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/748502255/?random=1603424375819&cv=9&fst=1603422000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaae1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fagreements-invoices.nifty.pm%2Fl%2F5iyjtz3dhy8&tiba=Nifty&async=1&fmt=3&is_vtc=1&random=602847532&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: agreements-invoices.nifty.pm
URL: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Oct 2020 03:39:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/748502255/ 42 B
560 B 43ms
23ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/748502255/?random=1603424375819&cv=9&fst=1603422000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaae1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fagreements-invoices.nifty.pm%2Fl%2F5iyjtz3dhy8&tiba=Nifty&async=1&fmt=3&is_vtc=1&random=602847532&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: agreements-invoices.nifty.pm
URL: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Oct 2020 03:39:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/748502255/ 2 KB
2 KB 41ms
26ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/748502255/?random=1603424375887&cv=9&fst=1603424375887&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaae1&sendb=1&ig=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fagreements-invoices.nifty.pm%2Fl%2F5iyjtz3dhy8&tiba=Nifty&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0773e4ae5b41d55d1a0a1f8137ee3793277fee993a63399c189b6f279095679

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Oct 2020 03:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1032
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 162ms
147ms Other 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Server: 2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://agreements-invoices.nifty.pm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Fri, 23 Oct 2020 03:39:36 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 144ms
144ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: agreements-invoices.nifty.pm
URL: https://agreements-invoices.nifty.pm/static/js/94.6e657377.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
Bugsnag-Sent-At: 2020-10-23T03:39:35.958Z
Bugsnag-Api-Key: bb15f65a391729e46641d6cbc7260ce4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Oct 2020 03:39:36 GMT
via: 1.1 google
status: 202
content-type: application/json
access-control-allow-origin: *
bugsnag-session-uuid: 18492bea-d34b-4b06-b88c-62d5f52fbaf4
alt-svc: clear
content-length: 21

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: agreements-invoices.nifty.pm
URL: https://agreements-invoices.nifty.pm/static/js/94.6e657377.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 1427
date: Fri, 23 Oct 2020 03:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Fri, 23 Oct 2020 05:15:48 GMT

GET
H/1.1 200
OK notification.mp3 Show response
agreements-invoices.nifty.pm/l/media/ 12 KB
13 KB 421ms
421ms XHR
text/html 99.86.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agreements-invoices.nifty.pm/l/media/notification.mp3
Requested by: Host: agreements-invoices.nifty.pm
URL: https://agreements-invoices.nifty.pm/static/js/94.6e657377.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-79.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2ca15761f525ad25317f30b4287543bc4a92604fbe1eede64443fc24cf1e29c

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 22 Oct 2020 23:59:29 GMT
Via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 21 Oct 2020 23:58:31 GMT
Server: AmazonS3
Age: 13208
ETag: "e82a7da7f328b38d663a26b847c4aaba"
X-Cache: Error from cloudfront
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 12574
X-Amz-Cf-Id: vCToiShPWXx-edQOsC7Q3qSbkd3iQ7cpo0yebdWuHfmjG47R2gpXQQ==

GET
H/1.1 200
OK ShortLinkChunk.8a7cc6dc.chunk.js Show response
agreements-invoices.nifty.pm/static/js/ 5 KB
5 KB 46ms
46ms Script
application/javascript 99.86.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agreements-invoices.nifty.pm/static/js/ShortLinkChunk.8a7cc6dc.chunk.js
Requested by: Host: agreements-invoices.nifty.pm
URL: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-79.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 836e411880ea0495d6361e8781265665e4093632d9d1db22c6636b66e72b681d

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 22 Oct 2020 06:17:58 GMT
Via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
Last-Modified: Wed, 21 Oct 2020 23:58:30 GMT
Server: AmazonS3
Age: 76899
ETag: "25e0cb0f8a704758859a1de35e97b93a"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 4960
X-Amz-Cf-Id: N9Ew6umMz0HYDTA7UvI0MwBKtxrLhrZOTMmvYMRBQHA8LahsqfBGvA==

GET
H/1.1 200
OK version Show response
agreements-invoices.nifty.pm/ 6 B
464 B 407ms
407ms XHR
binary/octet-stream 99.86.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agreements-invoices.nifty.pm/version?1603424376034
Requested by: Host: agreements-invoices.nifty.pm
URL: https://agreements-invoices.nifty.pm/static/js/94.6e657377.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-79.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b363c4a5d9fa3b9bbd9f0b042325a97fe2bbd5685edb6dfd2348dce286be523

Request headers

Accept: application/json, text/plain, */*
Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 23 Oct 2020 03:39:37 GMT
Via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70f.cloudfront.net (CloudFront)
Last-Modified: Wed, 21 Oct 2020 23:58:30 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
ETag: "428ab18b481f920d54c376705964dd92"
X-Cache: Miss from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6
X-Amz-Cf-Id: XKmqMjP62ZZd-PSUTBZYYpiVvT2gQX3TANZlVre9SQIqGv9oOrl5ZA==

GET
H2 200 ionicons.ttf
cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/fonts/ 184 KB
96 KB 23ms
11ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/fonts/ionicons.ttf?v=2.0.0
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c5b6bb603a4f7556b94532674f3847b430b9495afbb3a4dcfe5ba718baa59ad

Request headers

Origin: https://agreements-invoices.nifty.pm
Referer: https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 03:39:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 113076
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 97438
cf-request-id: 05f5236d0a000005f976180000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:20 GMT
server: cloudflare
etag: "5eb03ea8-2e05c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603424376"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5e686e8e784b05f9-FRA
expires: Wed, 13 Oct 2021 03:39:36 GMT

GET
H/1.1 200
OK SFProText-Regular.ea57e093.woff2
agreements-invoices.nifty.pm/static/media/ 106 KB
106 KB 38ms
38ms Font
binary/octet-stream 99.86.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agreements-invoices.nifty.pm/static/media/SFProText-Regular.ea57e093.woff2
Requested by: Host: agreements-invoices.nifty.pm
URL: https://agreements-invoices.nifty.pm/static/css/96.a36956c5.chunk.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-79.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8638e80df6b599e0d531a7923439678ee905fbc13a330a0ebca30d6f7f9b1f39

Request headers

Origin: https://agreements-invoices.nifty.pm
Referer: https://agreements-invoices.nifty.pm/static/css/96.a36956c5.chunk.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 23 Oct 2020 03:39:36 GMT
Via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
Last-Modified: Tue, 20 Oct 2020 09:02:30 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
ETag: "ea57e0931ee301b2789bf36088565f2a"
X-Cache: Hit from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 108400
X-Amz-Cf-Id: VvNOknW8D5AyojrGB-eIVmYtlGLlmG0Si8CdsUf0yWnLim2IbaXkmQ==

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/748502255/ 42 B
519 B 82ms
66ms Image
image/gif 2a00:1450:4001:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/748502255/?random=1603424375887&cv=9&fst=1603422000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaae1&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fagreements-invoices.nifty.pm%2Fl%2F5iyjtz3dhy8&tiba=Nifty&async=1&fmt=3&is_vtc=1&random=2705730250&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: agreements-invoices.nifty.pm
URL: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Oct 2020 03:39:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/748502255/ 42 B
538 B 44ms
28ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/748502255/?random=1603424375887&cv=9&fst=1603422000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaae1&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fagreements-invoices.nifty.pm%2Fl%2F5iyjtz3dhy8&tiba=Nifty&async=1&fmt=3&is_vtc=1&random=2705730250&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: agreements-invoices.nifty.pm
URL: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Oct 2020 03:39:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found 5iyjtz3dhy8 Show response
api.niftypm.com/api/unshorten/ 120 B
531 B 115ms
115ms XHR
application/json 167.172.235.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.niftypm.com/api/unshorten/5iyjtz3dhy8?
Requested by: Host: agreements-invoices.nifty.pm
URL: https://agreements-invoices.nifty.pm/static/js/96.43edda4a.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 167.172.235.9 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 5b7b03e45facbfb2b97219f25a5b2d16c0a2fd0f419535e3ed1ff5fdcffdffb4

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Session-Token: undefined

Response headers

Date: Fri, 23 Oct 2020 03:39:36 GMT
ETag: W/"78-mVgbTJCmSeXX3nBeJeVqF+QDI3U"
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 120

OPTIONS
H/1.1 204
No Content 5iyjtz3dhy8
api.niftypm.com/api/unshorten/ Frame 0
0 304ms
102ms Other 167.172.235.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.niftypm.com/api/unshorten/5iyjtz3dhy8?
Protocol: HTTP/1.1
Server: 167.172.235.9 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-session-token
Origin: https://agreements-invoices.nifty.pm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Fri, 23 Oct 2020 03:39:36 GMT
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Vary: Access-Control-Request-Headers
Access-Control-Allow-Headers: x-session-token

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/j8z82yl3
https://js.intercomcdn.com/shim.latest.js

11 KB
5 KB

75ms
22ms

Script
application/javascript

13.225.73.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.73.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-26.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1995b5b7f42fb1d8f540aebeb89979d8efb588eef906f2df52a264754630fc7

Request headers

Referer: https://agreements-invoices.nifty.pm/l/5iyjtz3dhy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 03:35:50 GMT
content-encoding: gzip
age: 227
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 4217
last-modified: Thu, 22 Oct 2020 19:25:48 GMT
server: AmazonS3
etag: "fddcc5c4747c6f9fc3545e7f73d94326"
content-type: application/javascript; charset=UTF-8
via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: TWjrH54N2Ug8vCnUeZQmnMPR7bR2RJaAMfs5YMu5eaBDQ3u3GbH4NA==

Redirect headers

date: Thu, 22 Oct 2020 13:41:44 GMT
via: 1.1 b0897b3c9ccbfb930a1fb81cc0ac17d4.cloudfront.net (CloudFront)
server: AmazonS3
age: 50273
status: 302
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: HAM50-C3
content-length: 0
x-amz-cf-id: xXIbA-v-cB6tmvOj1Gg_JIMmPp5ViH0D8z8LuOu8B3_EyuER7ZPkOw==

GET
H2 200 frame-modern.058f1f19.js Show response
js.intercomcdn.com/ Frame BD0C 233 KB
63 KB 28ms
27ms Script
application/javascript 13.225.73.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.058f1f19.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/j8z82yl3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.73.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-26.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ec469691df7d711bb5ec7e5769fcaf87b970c67a32bda2d3dc12f03d9d4ee8a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 03:25:51 GMT
content-encoding: gzip
age: 826
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 64352
last-modified: Thu, 22 Oct 2020 19:16:54 GMT
server: AmazonS3
etag: "076b351ac83be8c4ac2692b983a20b2f"
content-type: application/javascript; charset=UTF-8
via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: nYJ4lyaVQ0GGdQOoSZ1dWAUg_QTmDjCnhR5vn7He1yLL68nnDnpSUg==

GET
H2 200 vendor-modern.f8491c25.js Show response
js.intercomcdn.com/ Frame BD0C 123 KB
38 KB 28ms
28ms Script
application/javascript 13.225.73.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.f8491c25.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/j8z82yl3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.73.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-26.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9df82ad6a78049cfcb5ff4041cc2c089aec4fa231aee36ccc512c68b25b469ba

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 03:03:32 GMT
content-encoding: gzip
age: 2165
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 38308
last-modified: Thu, 22 Oct 2020 13:02:51 GMT
server: AmazonS3
etag: "42c75f5c0d716182ee9c0fcbaf98cdca"
content-type: application/javascript; charset=UTF-8
via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: jhQA47wi9lvjC-ViH71MkXtA9ewZMBB92QtNnCSR-RSgneB1Pa7yQw==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame BD0C 5 KB
2 KB 571ms
372ms XHR
application/json 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.058f1f19.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

42249428a5d61d1d5a5aa5e21456de326b7b6e087abfd747201f4c62f54b7df0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 23 Oct 2020 03:39:37 GMT
content-encoding: gzip
x-ami-version: ami-05a6e99af1102e0b9
status: 200, 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 000h0ursadbvtkcpjhqg
x-runtime: 0.263533
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"42249428a5d61d1d5a5aa5e21456de32"
x-ratelimit-remaining: 19977
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://agreements-invoices.nifty.pm
x-intercom-version: 158730d179ebdbdc0a11635da83a81e3d4ddcf80
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1603424400
x-ratelimit-limit: 20000
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame BD0C 5 KB
2 KB 341ms
340ms XHR
application/json 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.058f1f19.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

c46662319fa93f08720f2ef1b9abade97491e20c9d3d387acfd9cbeef89d22c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 23 Oct 2020 03:39:37 GMT
content-encoding: gzip
x-ami-version: ami-05a6e99af1102e0b9
status: 200, 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 000h0sgqfjbc7aur1ti0
x-runtime: 0.234735
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"c46662319fa93f08720f2ef1b9abade9"
x-ratelimit-remaining: 19976
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://agreements-invoices.nifty.pm
x-intercom-version: 158730d179ebdbdc0a11635da83a81e3d4ddcf80
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1603424400
x-ratelimit-limit: 20000
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.agreements-invoices.nifty.pm/	1970-01-20 06:54:56	Name: _ga Value: GA1.3.1249026581.1603424376
.agreements-invoices.nifty.pm/	1970-01-19 13:25:10	Name: _gid Value: GA1.3.531650850.1603424376
.nifty.pm/	1970-01-19 22:09:20	Name: nifty_auth Value: {%22teamUrl%22:%22agreements-invoices%22}
.nifty.pm/	1970-01-19 13:23:46	Name: _hjAbsoluteSessionInProgress Value: 0
.nifty.pm/	1970-01-19 22:09:20	Name: _hjid Value: def70b21-9b05-4b0d-8ed2-e0e35cf3e8f1
.nifty.pm/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://agreements-invoices.nifty.pm/static/js/94.6e657377.chunk.js(Line 2) Message: [bugsnag] Loaded!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

agreements-invoices.nifty.pm
api-iam.intercom.io
api.niftypm.com
apis.google.com
cdnjs.cloudflare.com
googleads.g.doubleclick.net
js.intercomcdn.com
js.stripe.com
public.profitwell.com
script.hotjar.com
sessions.bugsnag.com
static.hotjar.com
vars.hotjar.com
widget.intercom.io
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.225.73.15
13.225.73.26
151.101.112.176
167.172.235.9
172.217.16.194
2600:1901:0:7a0b::
2606:4700::6810:125e
2606:4700::6810:135e
2a00:1450:4001:802::2003
2a00:1450:4001:806::2008
2a00:1450:4001:819::2004
2a00:1450:4001:81b::2002
2a00:1450:4001:81b::200e
2a00:1450:4001:821::2004
2a00:1450:4001:824::200e
52.85.32.76
54.192.206.2
54.192.206.65
99.83.219.81
99.86.2.113
99.86.2.79
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0bfb81a6d3e2ed2e0cb381a9f933355ff00e64cd0d80724e83559861cad12711
0ec469691df7d711bb5ec7e5769fcaf87b970c67a32bda2d3dc12f03d9d4ee8a
25d6e04dd64a08e73f3003d395409661fb20d894a43ff07ea369e31a1bec521e
2b363c4a5d9fa3b9bbd9f0b042325a97fe2bbd5685edb6dfd2348dce286be523
2d89ee843475b21e0722a6a3d02f3f9acad2fb736d2ff914cd508217b0693d38
3c5b6bb603a4f7556b94532674f3847b430b9495afbb3a4dcfe5ba718baa59ad
4190cb4349c3941895bc7d4c6a4b6e5149369754de6f1ea57fb8d7d2bccaae07
42249428a5d61d1d5a5aa5e21456de326b7b6e087abfd747201f4c62f54b7df0
4e1f1d9d4f58420e2389c25c6d71aad83bcd7e9591db4a60a5a2fc3ff81661e8
4f3aa61fec58dc593e3e3140ec67e7dcfcf0d367f375c5515150374fef762bd4
5ad4554b1985f9cca545ac379b135fe53a7bcf077f48c2054851dab1b523b1e7
5b7b03e45facbfb2b97219f25a5b2d16c0a2fd0f419535e3ed1ff5fdcffdffb4
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
61d553751186d8bbeeaafcddd375fa33c5bf78bb5100fd389e6a7701f4b43a0d
6b4a85323fdd938a6f00ce6dac2658d15ba3a1e0682efd30ed2e69ddcd3fa51d
834c19e975674a917315c09fff5886cb7aaf54dc68bcbf30a88c40eded3fb2e3
836e411880ea0495d6361e8781265665e4093632d9d1db22c6636b66e72b681d
8638e80df6b599e0d531a7923439678ee905fbc13a330a0ebca30d6f7f9b1f39
96b7353cfc0c512962840bc951b0e1009d3419defac1a37a7b1149e8ea3d43cc
9df82ad6a78049cfcb5ff4041cc2c089aec4fa231aee36ccc512c68b25b469ba
a0773e4ae5b41d55d1a0a1f8137ee3793277fee993a63399c189b6f279095679
a3ae107fc7d7f6ac810beaf6b1395f3ccfefd4414f385a26deec0c33e8fa1ca5
c1995b5b7f42fb1d8f540aebeb89979d8efb588eef906f2df52a264754630fc7
c46662319fa93f08720f2ef1b9abade97491e20c9d3d387acfd9cbeef89d22c6
c538ef8369576f70c8239bc75cd99e58c9d3de035f923a3bbe667e44c7140494
de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa
e24250df7e447cab27330a173c756a1b41ecfaba2b054f945e6ce7d4eda3ec3a
e464254db4f2e4385ff28663ad41b1af5b7add4a1e0922bd74a99291fb66342c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2ca15761f525ad25317f30b4287543bc4a92604fbe1eede64443fc24cf1e29c

agreements-invoices.nifty.pm Open in urlscan Pro 99.86.2.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

39 Requests

100 %HTTPS

48 %IPv6

15 Domains

19 Subdomains

20 IPs

2 Countries

2823 kBTransfer

3961 kBSize

6 Cookies

0 Outgoing links

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

agreements-invoices.nifty.pm Open in urlscan Pro
99.86.2.79 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

100 %
HTTPS

48 %
IPv6

15
Domains

19
Subdomains

20
IPs

2
Countries

2823 kB
Transfer

3961 kB
Size

6
Cookies

39 HTTP transactions
0 data transactions