Submitted URL: http://ngl.link/im_roxiii3
Effective URL: https://ngl.link/im_roxiii3
Submission: On January 05 via manual from RO — Scanned from US

Summary

This website contacted 12 IPs in 2 countries across 8 domains to perform 28 HTTP transactions. The main IP is 104.22.79.252, located in and belongs to CLOUDFLARENET, US. The main domain is ngl.link. The Cisco Umbrella rank of the primary domain is 80270.
TLS certificate: Issued by E1 on December 12th 2022. Valid for: 3 months.
This is the only time ngl.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
9 ngl.link
ngl.link — Cisco Umbrella Rank: 80270
113 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2684
q.stripe.com — Cisco Umbrella Rank: 24056
m.stripe.com — Cisco Umbrella Rank: 2418
104 KB
6 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 520
firebasestorage.googleapis.com — Cisco Umbrella Rank: 6560
firebase.googleapis.com — Cisco Umbrella Rank: 5936
firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 314
58 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 3020
16 KB
2 gstatic.com
www.gstatic.com
34 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
342 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 123
68 KB
1 simplelocalize.io
cdn.simplelocalize.io — Cisco Umbrella Rank: 110952
22 KB
28 8
Domain Requested by
9 ngl.link 1 redirects ngl.link
3 q.stripe.com ngl.link
3 js.stripe.com ngl.link
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 firebaseinstallations.googleapis.com www.gstatic.com
2 firebase.googleapis.com www.gstatic.com
2 www.gstatic.com ngl.link
1 m.stripe.com m.stripe.network
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.gstatic.com
1 cdn.simplelocalize.io ajax.googleapis.com
1 firebasestorage.googleapis.com ngl.link
1 ajax.googleapis.com ngl.link
28 13

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
Subject Issuer Validity Valid
*.ngl.link
E1
2022-12-12 -
2023-03-12
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2022-12-15 -
2024-01-11
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.simplelocalize.io
E1
2022-11-29 -
2023-02-27
3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-11-12 -
2023-03-09
4 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-15 -
2023-01-26
4 months crt.sh

This page contains 3 frames:

Primary Page: https://ngl.link/im_roxiii3
Frame ID: A20B31421D2720EE6F8E815861599EF7
Requests: 18 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: E438B5C1B629B6DEF818B1E85CDA9B01
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: BBB29BEEF8D9BC02CFC1237942AB35E7
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

@im_roxiii3

Page URL History Show full URLs

  1. http://ngl.link/im_roxiii3 HTTP 301
    https://ngl.link/im_roxiii3 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

62 %
IPv6

8
Domains

13
Subdomains

12
IPs

2
Countries

415 kB
Transfer

1102 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ngl.link/im_roxiii3 HTTP 301
    https://ngl.link/im_roxiii3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request im_roxiii3
ngl.link/
Redirect Chain
  • http://ngl.link/im_roxiii3
  • https://ngl.link/im_roxiii3
4 KB
2 KB
Document
General
Full URL
https://ngl.link/im_roxiii3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.79.252 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fdacd8a7eed64d47bf645fad12c3a518e5f086fb0d91a18136115845bb53db6c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
public, max-age=600, s-maxage=600
cf-cache-status
DYNAMIC
cf-ray
784fb552f8cc18ae-EWR
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 22:39:09 GMT
function-execution-id
mt3n07ejk7u6
server
cloudflare
strict-transport-security
max-age=31556926
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-cloud-trace-context
e323f63f47ae42fc5580b7817ab7f961
x-country-code
US
x-orig-accept-language
en-US,en;q=0.9
x-powered-by
Express
x-served-by
cache-lga21938-LGA
x-timer
S1672958349.283851,VS0,VE284

Redirect headers

CF-RAY
784fb55248ea17bd-EWR
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 05 Jan 2023 22:39:09 GMT
Expires
Thu, 05 Jan 2023 23:39:09 GMT
Location
https://ngl.link/im_roxiii3
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
normalize.css
ngl.link/stylesheets/
6 KB
2 KB
Stylesheet
General
Full URL
https://ngl.link/stylesheets/normalize.css
Requested by
Host: ngl.link
URL: https://ngl.link/im_roxiii3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.79.252 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ngl.link/im_roxiii3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 22:39:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31556926
cf-cache-status
HIT
age
574
x-cache
MISS
content-length
1737
x-served-by
cache-lga21977-LGA
last-modified
Mon, 10 Oct 2022 22:10:00 GMT
server
cloudflare
x-timer
S1665439816.198403,VS0,VE38
etag
"fb5e5490c690f08fb6399c76828fae42eeb6195646961666ab1a98911113012d"
vary
x-fh-requested-host, accept-encoding
content-type
text/css; charset=utf-8
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
784fb55798b118ae-EWR
x-cache-hits
0
style.css
ngl.link/stylesheets/
7 KB
2 KB
Stylesheet
General
Full URL
https://ngl.link/stylesheets/style.css?v=4
Requested by
Host: ngl.link
URL: https://ngl.link/im_roxiii3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.79.252 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a8e2a38425ef684e63e06870f5fa815c3806720ccfadaca2b3c79bd03ea271e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ngl.link/im_roxiii3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 22:39:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31556926
cf-cache-status
HIT
age
3454
x-cache
HIT
content-length
1841
x-served-by
cache-lga21962-LGA
last-modified
Thu, 29 Dec 2022 16:34:25 GMT
server
cloudflare
x-timer
S1672351508.102728,VS0,VE1
etag
"e5b9490d0ae4ec14a0ba88debfb2258e3933263dc73fe4268451c367fc8b7f29"
vary
x-fh-requested-host, accept-encoding
content-type
text/css; charset=utf-8
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
784fb55798b218ae-EWR
x-cache-hits
1
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: ngl.link
URL: https://ngl.link/im_roxiii3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ngl.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 22:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 22:18:10 GMT
main.js
ngl.link/scripts/
7 KB
2 KB
Script
General
Full URL
https://ngl.link/scripts/main.js?v=3
Requested by
Host: ngl.link
URL: https://ngl.link/im_roxiii3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.79.252 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57adc740f4fbf33b13b4842848be7f21e24b728be894285786d5f7630b6a6a5c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ngl.link/im_roxiii3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 22:39:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31556926
cf-cache-status
HIT
age
2097
x-cache
HIT
content-length
2348
x-served-by
cache-lga21925-LGA
last-modified
Tue, 03 Jan 2023 22:44:51 GMT
server
cloudflare
x-timer
S1672786339.093030,VS0,VE1
etag
"ee7ce4ff27269a1d77b06760829217e9b0caa1f32257630d700a0ba6fe44519a"
vary
x-fh-requested-host, accept-encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
784fb55798b318ae-EWR
x-cache-hits
1
/
js.stripe.com/v3/
414 KB
100 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: ngl.link
URL: https://ngl.link/im_roxiii3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-98-115.iad55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
24e9687f941a3b8cbcf74df1091ff94fc3e96e8952ea963260a02ccc0745097c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ngl.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 22:38:16 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
x-amz-cf-pop
IAD55-P4
age
55
via
1.1 4eed67f4be7da2537d3407735b8962a8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
last-modified
Thu, 05 Jan 2023 22:36:21 GMT
server
Cloudfront
etag
W/"d0be718f2af886c5ea4d5eb3d4e14729"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
tmTbPuE7DrrBafO_ZkMpbpOCKI5uVtD61jacFq7OuXb2J9iRM3GpPw==
images%2F4E72DFF6-DCED-40A9-BBFC-973572F9D951.jpg
firebasestorage.googleapis.com/v0/b/ask-fun-d10f0.appspot.com/o/
25 KB
26 KB
Image
General
Full URL
https://firebasestorage.googleapis.com/v0/b/ask-fun-d10f0.appspot.com/o/images%2F4E72DFF6-DCED-40A9-BBFC-973572F9D951.jpg?alt=media&token=e041091d-5c83-46e5-8c1a-59229ee78b67
Requested by
Host: ngl.link
URL: https://ngl.link/im_roxiii3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
db6d6037b5b780d0f8126efa3d3095e900a73cc01d347ba83279ac854caf991e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ngl.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 22:39:10 GMT
x-guploader-uploadid
ADPycdvghKAgvdQ1_Zj5Rpffc9ngYXdlMrGus7TtCqq7JU1NTcuqUiNxOwcTjPu2hBFtuCeFOHyn-0-0UbM6qYmkkbF7pg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''4E72DFF6-DCED-40A9-BBFC-973572F9D951.jpg
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25957
last-modified
Sun, 11 Sep 2022 20:56:19 GMT
server
UploadServer
etag
"444f7262afe0a6282bd548203654bcb0"
x-goog-generation
1662929779501071
content-type
application/octet-stream
x-goog-hash
crc32c=ozgbDw==, md5=RE9yYq/gpigr1UggNlS8sA==
cache-control
private, max-age=0
x-goog-stored-content-length
25957
x-goog-meta-firebasestoragedownloadtokens
e041091d-5c83-46e5-8c1a-59229ee78b67
accept-ranges
bytes
expires
Thu, 05 Jan 2023 22:39:10 GMT
gold.png
ngl.link/images/
100 KB
101 KB
Image
General
Full URL
https://ngl.link/images/gold.png
Requested by
Host: ngl.link
URL: https://ngl.link/im_roxiii3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.79.252 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0456cc9468e7165b29d55359bd3266c2576a19295e88da359af9437d881c8764
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ngl.link/im_roxiii3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 22:39:10 GMT
strict-transport-security
max-age=31556926
cf-cache-status
HIT
age
1993
x-cache
HIT
content-length
102848
x-served-by
cache-lga21981-LGA
last-modified
Fri, 16 Dec 2022 19:01:17 GMT
server
cloudflare
x-timer
S1671217301.807550,VS0,VE1
etag
"98543fb68e332a4e1026aad49e874c53bc7715ec0fc7911ff678330ce64e4c30"
vary
x-fh-requested-host, accept-encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
784fb558db1618ae-EWR
x-cache-hits
1
firebase-app.js
www.gstatic.com/firebasejs/9.6.1/
50 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/9.6.1/firebase-app.js
Requested by
Host: ngl.link
URL: https://ngl.link/im_roxiii3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bbe7684eb6a67961ba3b5c9425ccadd5fedcb1902cdb472be693576abed78b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ngl.link/
Origin
https://ngl.link
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185241
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10807
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 21:53:39 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 19:11:49 GMT
firebase-analytics.js
www.gstatic.com/firebasejs/9.6.1/
104 KB
22 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/9.6.1/firebase-analytics.js
Requested by
Host: ngl.link
URL: https://ngl.link/im_roxiii3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdf47d917624ac8cb0feaf89d010753fa26340ef309e4cc487db96c692346ac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ngl.link/
Origin
https://ngl.link
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 11:01:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
214645
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22853
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 21:53:42 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 11:01:45 GMT
profilePlaceholder.png
ngl.link/images/
2 KB
2 KB
Image
General
Full URL
https://ngl.link/images/profilePlaceholder.png
Requested by
Host: ngl.link
URL: https://ngl.link/stylesheets/style.css?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.79.252 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e38d23ec9f6fa0a2b8979ed3ca1fc36679f5d12981a7e22053b7bb2c84e47a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ngl.link/stylesheets/style.css?v=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 22:39:10 GMT
strict-transport-security
max-age=31556926
cf-cache-status
HIT
age
556
x-cache
MISS
content-length
2184
x-served-by
cache-lga21951-LGA
last-modified
Mon, 10 Oct 2022 22:10:00 GMT
server
cloudflare
x-timer
S1665439816.375370,VS0,VE41
etag
"8ab6a311021074047e138394f24c1bc0713304657511800fad512f0e00db4e0c"
vary
x-fh-requested-host, accept-encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
784fb558fb4d18ae-EWR
x-cache-hits
0
top-right-corner.svg
ngl.link/images/
192 B
344 B
Image
General
Full URL
https://ngl.link/images/top-right-corner.svg
Requested by
Host: ngl.link
URL: https://ngl.link/stylesheets/style.css?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.79.252 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3057d47542d53b8fc17c61d8eb59f450ae74d58b1c1319b61162c493583f728c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ngl.link/stylesheets/style.css?v=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 22:39:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31556926
cf-cache-status
HIT
age
2716
x-cache
MISS
content-length
173
x-served-by
cache-lga21966-LGA
last-modified
Mon, 10 Oct 2022 22:10:00 GMT
server
cloudflare
x-timer
S1665439816.394095,VS0,VE53
etag
"63f6106e6deecc4f9966743d912ca543f2ec93c401d9b219da094e460435853b"
vary
x-fh-requested-host, accept-encoding
content-type
image/svg+xml
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
784fb558fb5318ae-EWR
x-cache-hits
0
top-left-corner.svg
ngl.link/images/
192 B
344 B
Image
General
Full URL
https://ngl.link/images/top-left-corner.svg
Requested by
Host: ngl.link
URL: https://ngl.link/stylesheets/style.css?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.79.252 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d3f9a8b87caf44fef2a52cddd6781f6089c94b2398a23291a2f45fc53a43b68
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ngl.link/stylesheets/style.css?v=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 22:39:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31556926
cf-cache-status
HIT
age
3453
x-cache
MISS
content-length
174
x-served-by
cache-lga21967-LGA
last-modified
Mon, 10 Oct 2022 22:10:00 GMT
server
cloudflare
x-timer
S1665439816.390453,VS0,VE43
etag
"35796a31e03302b46418a4e3a1520f23e6fd14ecb398f5fd58d9bf7daf149f9c"
vary
x-fh-requested-host, accept-encoding
content-type
image/svg+xml
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
784fb558fb5618ae-EWR
x-cache-hits
0
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame E438
200 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-98-115.iad55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ngl.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
230
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 22:35:21 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Wed, 21 Dec 2022 18:20:45 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 4eed67f4be7da2537d3407735b8962a8.cloudfront.net (CloudFront)
x-amz-cf-id
zo1JNqi83OsY5lTiogVN_93w7Wc7zAgPwIz1tjLU0vvNt05Bl127Iw==
x-amz-cf-pop
IAD55-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:214597529567:web:d49e8aeef77b9e0a039e6a/
362 B
431 B
Fetch
General
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:214597529567:web:d49e8aeef77b9e0a039e6a/webConfig
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.6.1/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4afb03c681843dcfad8bfa9e946d32adb8fcb706a1dd459face91823f58fe44a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://ngl.link/
x-goog-api-key
AIzaSyCmL3X8pQOHhtXMIFTxJsO7KHQ2nDr_G6w
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 22:39:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ngl.link
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
242
x-xss-protection
0
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:214597529567:web:d49e8aeef77b9e0a039e6a/ Frame
0
0
Preflight
General
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:214597529567:web:d49e8aeef77b9e0a039e6a/webConfig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-api-key
Access-Control-Request-Method
GET
Origin
https://ngl.link
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://ngl.link
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 05 Jan 2023 22:39:10 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
ro
cdn.simplelocalize.io/57157aec81d54cb6b2a43f8b34a61d47/_production/
22 KB
22 KB
XHR
General
Full URL
https://cdn.simplelocalize.io/57157aec81d54cb6b2a43f8b34a61d47/_production/ro
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a309adff8e2667f181bb869de51014ed4b324fb6d7cda34d5e44324e414f8e73

Request headers

Accept
*/*
Referer
https://ngl.link/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 22:39:10 GMT
content-encoding
utf-8
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
266MGKF78VXBZK43
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22082
x-amz-id-2
XJxKAu+NVi8JWH6YXEz4DOAHYFIstZoXQD30Bzkx6zB7SukCZfqCnJluz0AzrJTIeddaZPKCUbM=
last-modified
Fri, 30 Dec 2022 22:02:13 GMT
server
cloudflare
etag
"3488a814222d3458e737d8ab26485264"
access-control-max-age
1800
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=it03ca1pT4g0tX%2BQcSOjD%2FFUrBu1G2iZ%2BMB%2FJ8c9YGb0j1a5wlLe9mpj6%2BAYuZnVr8oPrrLEGUu1sBweZ%2FLFQVl8IF3JiEc9MoUYoP%2BpzG%2FiEvaKuhSEqRhATuh%2FwTN6cZiqHXWQIcHrvk8J4r0lnLA2pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=120
accept-ranges
bytes
cf-ray
784fb559ef9519cf-EWR
installations
firebaseinstallations.googleapis.com/v1/projects/ask-fun-d10f0/
625 B
678 B
Fetch
General
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/ask-fun-d10f0/installations
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.6.1/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
37919daa8e7e527aedb3266fb31078375b2e5041eacf6a0a2c5abb35d176be59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://ngl.link/
x-goog-api-key
AIzaSyCmL3X8pQOHhtXMIFTxJsO7KHQ2nDr_G6w
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
application/json

Response headers

date
Thu, 05 Jan 2023 22:39:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ngl.link
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
488
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/ask-fun-d10f0/ Frame
0
0
Preflight
General
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/ask-fun-d10f0/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://ngl.link
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://ngl.link
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 05 Jan 2023 22:39:10 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
csp-report
q.stripe.com/ Frame E438
0
571 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: ngl.link
URL: https://ngl.link/im_roxiii3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 05 Jan 2023 22:39:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame E438
0
570 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: ngl.link
URL: https://ngl.link/im_roxiii3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 05 Jan 2023 22:39:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame E438
631 B
1 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-98-115.iad55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Thu, 05 Jan 2023 22:28:31 GMT
x-content-type-options
nosniff
via
1.1 4eed67f4be7da2537d3407735b8962a8.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P4
age
640
x-cache
Hit from cloudfront
content-length
631
last-modified
Wed, 21 Dec 2022 18:20:44 GMT
server
Cloudfront
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
-12fWf99a6WEJym9w_-PCTAnDwy3akhCxxnc5zofPp1vbqhBolcZOg==
inner.html
m.stripe.network/ Frame BBB2
930 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:250a:9a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
288
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 22:34:22 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront)
x-amz-cf-id
zBYb5KV-tH-2CDQVV4Hf-NSUphumTwffNXJugZuasEtms9lhcxMYyg==
x-amz-cf-pop
IAD12-P3
x-cache
Hit from cloudfront
x-content-type-options
nosniff
js
www.googletagmanager.com/gtag/
184 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-5DV1ZR5ZHG
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.6.1/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ff1902daede4ff13bd13946b1f2dbc7e40e920c0968c53880eccecd9aef32d8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ngl.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 22:39:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69017
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 05 Jan 2023 22:39:10 GMT
csp-report
q.stripe.com/ Frame BBB2
0
344 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: ngl.link
URL: https://ngl.link/im_roxiii3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 22:39:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
cross-origin-opener-policy
same-origin
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
x-robots-tag
none
content-length
0
expires
0
out-4.5.42.js
m.stripe.network/ Frame BBB2
86 KB
14 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:250a:9a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 05 Jan 2023 22:35:07 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
via
1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
age
243
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
BsOBV2lFlFwSJI6w8z2AJ0yYKBTbUT4lPvMtbM2RR6uFWkFJzA7_RQ==
collect
www.google-analytics.com/g/
0
342 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-5DV1ZR5ZHG&gtm=2oe120&_p=190039178&_fid=e34pTXyPmBoNPSvnxsmkGa&cid=180029275.1672958351&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672958350&sct=1&seg=0&dl=https%3A%2F%2Fngl.link%2Fim_roxiii3&dt=%40im_roxiii3&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1&ep.origin=firebase
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-5DV1ZR5ZHG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ngl.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 22:39:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ngl.link
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6
m.stripe.com/ Frame BBB2
156 B
522 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.232.234 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-187-232-234.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
436d7dc0700cc13c00d13de2776c424017880dbff977f25e3b9831a7cda9f212
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 05 Jan 2023 22:39:10 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange function| $ function| jQuery object| webpackChunkStripeJSouter function| Stripe boolean| priorityInboxEnabled string| username string| gameSlug object| dataLayer function| gtag object| questionId object| google_tag_manager object| google_tag_data object| gaGlobal

5 Cookies

Domain/Path Name / Value
.ngl.link/ Name: _ga_5DV1ZR5ZHG
Value: GS1.1.1672958350.1.0.1672958350.0.0.0
.ngl.link/ Name: _ga
Value: GA1.1.180029275.1672958351
m.stripe.com/ Name: m
Value: 29963f7c-5a00-4574-af2c-350846fc2701317c1b
.ngl.link/ Name: __stripe_mid
Value: b46772f6-67cb-4e06-9d17-01c36cb2e6e6ec5905
.ngl.link/ Name: __stripe_sid
Value: 38360849-f594-4d07-a5e5-b6f528489429681857

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.simplelocalize.io
firebase.googleapis.com
firebaseinstallations.googleapis.com
firebasestorage.googleapis.com
js.stripe.com
m.stripe.com
m.stripe.network
ngl.link
q.stripe.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
104.22.78.252
104.22.79.252
18.165.98.115
2001:4860:4802:36::178
2600:9000:250a:9a00:19:7d10:bd80:93a1
2606:4700:20::ac43:4899
2607:f8b0:4006:809::2003
2607:f8b0:4006:80b::2008
2607:f8b0:4006:80f::200a
2607:f8b0:4006:817::200a
2607:f8b0:4006:81f::200a
54.187.119.242
54.187.232.234
0456cc9468e7165b29d55359bd3266c2576a19295e88da359af9437d881c8764
24e9687f941a3b8cbcf74df1091ff94fc3e96e8952ea963260a02ccc0745097c
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2a8e2a38425ef684e63e06870f5fa815c3806720ccfadaca2b3c79bd03ea271e
3057d47542d53b8fc17c61d8eb59f450ae74d58b1c1319b61162c493583f728c
37919daa8e7e527aedb3266fb31078375b2e5041eacf6a0a2c5abb35d176be59
436d7dc0700cc13c00d13de2776c424017880dbff977f25e3b9831a7cda9f212
4afb03c681843dcfad8bfa9e946d32adb8fcb706a1dd459face91823f58fe44a
57adc740f4fbf33b13b4842848be7f21e24b728be894285786d5f7630b6a6a5c
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
7bbe7684eb6a67961ba3b5c9425ccadd5fedcb1902cdb472be693576abed78b8
7d3f9a8b87caf44fef2a52cddd6781f6089c94b2398a23291a2f45fc53a43b68
a309adff8e2667f181bb869de51014ed4b324fb6d7cda34d5e44324e414f8e73
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
cdf47d917624ac8cb0feaf89d010753fa26340ef309e4cc487db96c692346ac6
d2e38d23ec9f6fa0a2b8979ed3ca1fc36679f5d12981a7e22053b7bb2c84e47a
db6d6037b5b780d0f8126efa3d3095e900a73cc01d347ba83279ac854caf991e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
fdacd8a7eed64d47bf645fad12c3a518e5f086fb0d91a18136115845bb53db6c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff1902daede4ff13bd13946b1f2dbc7e40e920c0968c53880eccecd9aef32d8a