pit.avenue.us Open in urlscan Pro
2606:4700::6812:809 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pit.avenue.us/register/identity-info
Submission: On August 28 via api (August 28th 2023, 3:58:25 am UTC) from BR — Scanned from US

Summary HTTP 56 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 17 domains to perform 56 HTTP transactions. The main IP is 2606:4700::6812:809, located in United States and belongs to CLOUDFLARENET, US. The main domain is pit.avenue.us.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 16th 2023. Valid for: a year.

This is the only time pit.avenue.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2606:4700::68... 2606:4700::6812:809	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:23c... 2600:9000:23ca:8800:2:7376:2a00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.110.1.102 13.110.1.102	14340 (SALESFORCE) (SALESFORCE)
1	13.110.35.20 13.110.35.20	14340 (SALESFORCE) (SALESFORCE)
1	13.226.34.126 13.226.34.126	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:23c... 2600:9000:23cb:1600:f:716:1cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.5.28.165 3.5.28.165	14618 (AMAZON-AES) (AMAZON-AES)
1	3.222.89.9 3.222.89.9	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
4	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:816::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80a::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:824::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c08::9a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:807::200a	15169 (GOOGLE) (GOOGLE)
1	108.138.106.101 108.138.106.101	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:821::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:822::2004	15169 (GOOGLE) (GOOGLE)
1	18.164.96.90 18.164.96.90	16509 (AMAZON-02) (AMAZON-02)
1	52.209.99.73 52.209.99.73	16509 (AMAZON-02) (AMAZON-02)
56	23

18 2606:4700::6812:809 (United States)

ASN13335 (CLOUDFLARENET, US)

pit.avenue.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avenue.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pit-api.avenue.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23ca:8800:2:7376:2a00:93a1 (United States)

ASN16509 (AMAZON-02, US)

mwc-cdn.morningstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.110.1.102 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl3-ncg0-phx3.la2-c2-ph2.salesforceliveagent.com

c.la2-c2-ph2.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.110.35.20 (Fremont, United States)

ASN14340 (SALESFORCE, US)
PTR: dcl7-ncg0-iad3.na129-ia2.force.com

service.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.34.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-126.ewr53.r.cloudfront.net

amazon-cognito-assets.us-east-1.amazoncognito.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23cb:1600:f:716:1cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.nickelled.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.28.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

falazap-sdk.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.89.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-89-9.compute-1.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::200a (United States)

ASN15169 (GOOGLE, US)

firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::200a (United States)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c08::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:807::200a (United States)

ASN15169 (GOOGLE, US)

firebaseremoteconfig.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-101.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-90.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.99.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-99-73.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	avenue.us pit.avenue.us avenue.us pit-api.avenue.us	3 MB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45 firebase.googleapis.com — Cisco Umbrella Rank: 4836 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 568 firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 479	7 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	21 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 93	477 B
4	google.com analytics.google.com — Cisco Umbrella Rank: 166 www.google.com — Cisco Umbrella Rank: 2	821 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	312 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 740 script.hotjar.com — Cisco Umbrella Rank: 946	59 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	82 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6279	161 B
1	gstatic.com fonts.gstatic.com	16 KB
1	usabilla.com w.usabilla.com — Cisco Umbrella Rank: 4593	11 KB
1	amazonaws.com falazap-sdk.s3.amazonaws.com	21 KB
1	nickelled.com cdn.nickelled.com — Cisco Umbrella Rank: 304858	42 KB
1	amazoncognito.com amazon-cognito-assets.us-east-1.amazoncognito.com — Cisco Umbrella Rank: 207978	262 KB
1	force.com service.force.com — Cisco Umbrella Rank: 3613	9 KB
1	salesforceliveagent.com c.la2-c2-ph2.salesforceliveagent.com — Cisco Umbrella Rank: 110551	41 KB
1	morningstar.com mwc-cdn.morningstar.com — Cisco Umbrella Rank: 88373	37 KB
56	17

	Domain	Requested by
8	pit-api.avenue.us	pit.avenue.us
8	pit.avenue.us	pit.avenue.us
5	www.google-analytics.com	pit.avenue.us www.googletagmanager.com
4	stats.g.doubleclick.net	www.googletagmanager.com pit.avenue.us
4	www.googletagmanager.com	pit.avenue.us www.googletagmanager.com www.google-analytics.com
2	www.google.com
2	firebaseremoteconfig.googleapis.com	pit.avenue.us
2	avenue.us
2	analytics.google.com	www.googletagmanager.com
2	firebaseinstallations.googleapis.com	pit.avenue.us
2	firebase.googleapis.com	pit.avenue.us
2	connect.facebook.net	pit.avenue.us connect.facebook.net
1	content.hotjar.io	pit.avenue.us
1	script.hotjar.com	static.hotjar.com
1	fonts.gstatic.com	fonts.googleapis.com
1	static.hotjar.com	pit.avenue.us
1	fonts.googleapis.com	falazap-sdk.s3.amazonaws.com
1	w.usabilla.com	pit.avenue.us
1	falazap-sdk.s3.amazonaws.com	pit.avenue.us
1	cdn.nickelled.com	pit.avenue.us
1	amazon-cognito-assets.us-east-1.amazoncognito.com	pit.avenue.us
1	service.force.com	pit.avenue.us
1	c.la2-c2-ph2.salesforceliveagent.com	pit.avenue.us
1	mwc-cdn.morningstar.com	pit.avenue.us
56	24

This site contains no links.

Subject Issuer	Validity	Valid
avenue.us Go Daddy Secure Certificate Authority - G2	`2023-01-16` - `2024-02-17`	a year	crt.sh
00104.maa8abef.eas.morningstar.com Amazon RSA 2048 M01	`2023-02-21` - `2023-12-22`	10 months	crt.sh
la2-c2-ph2.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-15` - `2024-06-12`	a year	crt.sh
*.na129.force.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-15` - `2024-03-13`	a year	crt.sh
*.us-east-1.amazoncognito.com Amazon RSA 2048 M01	`2023-06-09` - `2024-07-07`	a year	crt.sh
*.nickelled.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-25` - `2023-12-26`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-03-21` - `2023-12-19`	9 months	crt.sh
w.usabilla.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-06` - `2023-09-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://pit.avenue.us/register/identity-info
Frame ID: 14E35934999AD57D9B07E068D4937BD3
Requests: 49 HTTP requests in this frame

Frame: https://w.usabilla.com/ab35255e7377.js?lv=1
Frame ID: 7A3FD48478A96DD9165E9BB3C8CFA04E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Avenue App

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Salesforce Service Cloud (Live chat) Expand

Overall confidence: 100%
Detected patterns

service\.force\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

56
Requests

98 %
HTTPS

64 %
IPv6

17
Domains

24
Subdomains

23
IPs

2
Countries

3674 kB
Transfer

12212 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request identity-info Show response
pit.avenue.us/register/ 4 KB
2 KB 200ms
99ms Document
text/html 2606:4700::6812:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pit.avenue.us/register/identity-info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f2fdb2bc5d9664a34bd7286cb2d77ddb866cc9037a95ab98c6fb05f7e95bdb4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' data: blob: 'unsafe-inline'; frame-src * data: blob: 'unsafe-inline'; object-src 'self' blob: filesystem:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7fd9a28fd9ce9aef-MIA
content-encoding: gzip
content-security-policy: frame-ancestors 'self' data: blob: 'unsafe-inline'; frame-src * data: blob: 'unsafe-inline'; object-src 'self' blob: filesystem:;
content-type: text/html
date: Mon, 28 Aug 2023 03:58:17 GMT
last-modified: Tue, 22 Aug 2023 22:35:37 GMT
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
x-xss-protection: 1; mode=block

GET
H2 200 ec-component-loader.min.js Show response
mwc-cdn.morningstar.com/lib/ec-component-loader/1/dist/ 121 KB
37 KB 357ms
76ms Script
text/javascript 2600:9000:23ca:8800:2:7376:2a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mwc-cdn.morningstar.com/lib/ec-component-loader/1/dist/ec-component-loader.min.js
Requested by: Host: pit.avenue.us
URL: https://pit.avenue.us/register/identity-info
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:8800:2:7376:2a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b9515b47cec02c8b93f6c2e1ba68655705e192c1b9c0ced2a2bd156abc45136

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 03:45:03 GMT
x-amz-version-id: EhbgRWuLPhWbhBInhlR9a8bFqRgumq51
content-encoding: gzip
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 795
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 20 Apr 2022 07:58:51 GMT
server: AmazonS3
etag: W/"383744c3509da2d9ed214d6ed27acf26"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, POST
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: must-revalidate,max-age=604800,public
vary: Accept-Encoding,Origin
x-amz-cf-id: 0E9csWrCHzELgwydBaEiJnushdL0lBoyF3_cgbLbPmY5b1BSMb7FsA==

GET
H2 200 main.762bbf04.js Show response
pit.avenue.us/static/js/ 9 MB
2 MB 62ms
59ms Script
application/javascript 2606:4700::6812:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pit.avenue.us/static/js/main.762bbf04.js

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/register/identity-info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df582891110522207ed3ca40bdb31532589670654aca66ed2dd03d470cce9755

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' data: blob: 'unsafe-inline'; frame-src * data: blob: 'unsafe-inline'; object-src 'self' blob: filesystem:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 03:58:17 GMT
content-security-policy: frame-ancestors 'self' data: blob: 'unsafe-inline'; frame-src * data: blob: 'unsafe-inline'; object-src 'self' blob: filesystem:;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6914
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 22 Aug 2023 22:36:22 GMT
server: cloudflare
etag: W/"64e53866-89dda0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7fd9a2908af99aef-MIA
expires: Mon, 28 Aug 2023 07:58:17 GMT

GET
H2 200 main.3091af95.css
pit.avenue.us/static/css/ 869 KB
152 KB 65ms
62ms Stylesheet
text/css 2606:4700::6812:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pit.avenue.us/static/css/main.3091af95.css

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/register/identity-info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0171a18de24af9ecbf9c8cc4e2345de524730f73c0af8da6fc1cc94e38de99c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' data: blob: 'unsafe-inline'; frame-src * data: blob: 'unsafe-inline'; object-src 'self' blob: filesystem:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 03:58:17 GMT
content-security-policy: frame-ancestors 'self' data: blob: 'unsafe-inline'; frame-src * data: blob: 'unsafe-inline'; object-src 'self' blob: filesystem:;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6914
cf-polished: origSize=890917
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
cf-bgj: minify
last-modified: Tue, 22 Aug 2023 22:36:21 GMT
server: cloudflare
etag: W/"64e53865-d9825"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7fd9a2908af49aef-MIA
expires: Mon, 28 Aug 2023 07:58:17 GMT

GET
H/1.1 200
OK deployment.js Show response
c.la2-c2-ph2.salesforceliveagent.com/content/g/js/46.0/ 41 KB
41 KB 550ms
185ms Script
application/javascript 13.110.1.102
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.la2-c2-ph2.salesforceliveagent.com/content/g/js/46.0/deployment.js
Requested by: Host: pit.avenue.us
URL: https://pit.avenue.us/register/identity-info
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.110.1.102 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS: dcl3-ncg0-phx3.la2-c2-ph2.salesforceliveagent.com
Software: Jetty /
Resource Hash: 378838cb53e60adb4f530cd606fda91d0c1140fbbdb81e933477c4cf4ad694de

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 03:58:18 GMT
Cache-Control: max-age=60, must-revalidate
Last-Modified: Sat, 29 Jul 2023 06:23:12 GMT
Server: Jetty
Accept-Ranges: bytes
Content-Length: 42107
Content-Type: application/javascript

GET
H/1.1 200
OK esw.min.js Show response
service.force.com/embeddedservice/5.0/ 30 KB
9 KB 245ms
55ms Script
application/x-javascript 13.110.35.20
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.js

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/register/identity-info

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.35.20 Fremont, United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl7-ncg0-iad3.na129-ia2.force.com

Software

Resource Hash

f59d61052c742fb252334d4b9c6e0e4d85ee2f6a2881ab86b22c98b6a6ec2c30

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Sun, 27 Aug 2023 21:16:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 06 Oct 2022 23:37:30 GMT
Content-Encoding: gzip
Age: 24082
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 8452
X-XSS-Protection: 1; mode=block
Expires: Mon, 28 Aug 2023 21:16:55 GMT

GET
H2 200 amazon-cognito-advanced-security-data.min.js Show response
amazon-cognito-assets.us-east-1.amazoncognito.com/ 262 KB
262 KB 212ms
59ms Script
application/javascript 13.226.34.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://amazon-cognito-assets.us-east-1.amazoncognito.com/amazon-cognito-advanced-security-data.min.js
Requested by: Host: pit.avenue.us
URL: https://pit.avenue.us/register/identity-info
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-126.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 76c8c8dd37624451353be94098f7f7594665abb6b9630049b5a30d9552c0c992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 27 Aug 2023 11:13:20 GMT
via: 1.1 2ef71b29bcfbfc8755cad5f92a3c329a.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2017 03:09:34 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 60298
etag: "f114c0fc11a637cf5e7b845216b144d0"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 267861
x-amz-cf-id: 75G-2jMtfdOAcWzODLZ5KfXJ6dK-_Q3wQpq_UyuIeWMFYwe5HWAMKQ==

GET
H2 200 launchers-2.min.js Show response
cdn.nickelled.com/ 131 KB
42 KB 254ms
75ms Script
application/javascript 2600:9000:23cb:1600:f:716:1cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.nickelled.com/launchers-2.min.js
Requested by: Host: pit.avenue.us
URL: https://pit.avenue.us/register/identity-info
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:1600:f:716:1cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4a0a1aaa658eab57fb449f95612d6f208d20e2ae95747f980c07bfdfa3f3481

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 03:22:53 GMT
content-encoding: gzip
via: 1.1 b0e346c8169b4f8b2ad260265d95ff1a.cloudfront.net (CloudFront)
last-modified: Thu, 26 May 2022 15:39:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
age: 2212
etag: W/"0f6be6e37ce73d3c0e7d39b329b84504"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: JPpC6CIWI0-j04bTjUVWZHh3L356PBhF56wU74df4FHrbB8Qr7cAOA==

GET
H/1.1 200
OK falazap-sdk-v4.js Show response
falazap-sdk.s3.amazonaws.com/ 20 KB
21 KB 213ms
78ms Script
application/javascript 3.5.28.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://falazap-sdk.s3.amazonaws.com/falazap-sdk-v4.js
Requested by: Host: pit.avenue.us
URL: https://pit.avenue.us/register/identity-info
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.28.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cb25492749e20a2ac44b7d544fe68ce05c7a5badc0c30925a31d3bba5894a6a5

Request headers

Referer
Origin: https://pit.avenue.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 03:58:18 GMT
Last-Modified: Tue, 09 May 2023 11:50:24 GMT
Server: AmazonS3
x-amz-request-id: SFD1VZAC023K311B
ETag: "e69853d0a46fc60c11cd262fa866261e"
x-amz-server-side-encryption: AES256
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Accept-Ranges: bytes
Content-Length: 20383
x-amz-id-2: CBLxwtjM9HLy+Cnldu5FhUX367tWkZ0qIPU+wGxYPfa25v9WbCUTycFA/GDK4C0tO3zVdfCjpzMus9kfD1I9oussiaw4GQh3

GET
H2 200 ab35255e7377.js Show response
w.usabilla.com/ Frame 7A3F 38 KB
11 KB 362ms
212ms Script
text/javascript 3.222.89.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/ab35255e7377.js?lv=1
Requested by: Host: pit.avenue.us
URL: https://pit.avenue.us/register/identity-info
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.89.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-89-9.compute-1.amazonaws.com
Software: /
Resource Hash: ba6d10b5c0dc4587b3f8d83d7bbf5080473bc7393404a2ef600cb390956f37f1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 03:58:18 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "ded6d9315e1ac6eb199f15982036e53d"
content-type: text/javascript
cache-control: public,max-age=0
content-length: 11410

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 193 KB
52 KB 196ms
65ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/static/js/main.762bbf04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 28 Aug 2023 03:58:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 52127
x-xss-protection: 0
pragma: public
x-fb-debug: bTBzFo8VOKm/512Nll2EcvUDUE2DxR0souGFLsoX4dQX2yhduOIRUE/P97OmrV/gQp2Niz+C9vtaSlUnGqxuCg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
87 KB 233ms
99ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0G0KX2E8H4

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/static/js/main.762bbf04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

74ca1aa4454088af20b7a6708a622c61ce6ac47842a645c92d15ff29219e3e41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 03:58:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88823
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 28 Aug 2023 03:58:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 205ms
62ms Script
text/javascript 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/static/js/main.762bbf04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 28 Aug 2023 02:40:55 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4643
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 28 Aug 2023 04:40:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 216ms
79ms Stylesheet
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400&display=swap

Requested by

Host: falazap-sdk.s3.amazonaws.com
URL: https://falazap-sdk.s3.amazonaws.com/falazap-sdk-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a41c153ec89d18db392d2eb0fd947ad2b0cb41b0a09fd0cbdeb35f51210076e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Aug 2023 03:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 03:58:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Aug 2023 03:58:19 GMT

GET
H3 200 MaisonNeue-Book.16aaceee061b5eac9122.otf
pit.avenue.us/static/media/ 97 KB
97 KB 60ms
60ms Font
application/octet-stream 2606:4700::6812:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pit.avenue.us/static/media/MaisonNeue-Book.16aaceee061b5eac9122.otf

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/static/css/main.3091af95.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0eade80ea8f80ec179faef670854c96dc55ff1871b79aa01e386733667b9394d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' data: blob: 'unsafe-inline'; frame-src * data: blob: 'unsafe-inline'; object-src 'self' blob: filesystem:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://pit.avenue.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 03:58:18 GMT
content-security-policy: frame-ancestors 'self' data: blob: 'unsafe-inline'; frame-src * data: blob: 'unsafe-inline'; object-src 'self' blob: filesystem:;
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 910
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 99092
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 22 Aug 2023 22:36:28 GMT
server: cloudflare
etag: "64e5386c-18314"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fd9a297cc67335e-MIA
expires: Mon, 28 Aug 2023 07:58:18 GMT

GET
H2 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:484725300602:web:83e06671c6b2a6d2f40ac3/ 355 B
425 B 100ms
99ms Fetch
application/json 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:484725300602:web:83e06671c6b2a6d2f40ac3/webConfig

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/static/js/main.762bbf04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aec4a746f86f731ed0cba52c39e4055e8a4b5981813c5aebc756a2506fd5a7fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer
x-goog-api-key: AIzaSyC-q3kEGqKxNhMgQ4xXnbzNM0k0Vo9n2tg
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 03:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pit.avenue.us
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 235
x-xss-protection: 0

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:484725300602:web:83e06671c6b2a6d2f40ac3/ Frame 0
0 234ms
81ms Preflight
text/html 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:484725300602:web:83e06671c6b2a6d2f40ac3/webConfig

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-api-key
Access-Control-Request-Method: GET
Origin: https://pit.avenue.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-headers: x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://pit.avenue.us
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 28 Aug 2023 03:58:19 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/trading-prod-av/ Frame 0
0 234ms
82ms Preflight
text/html 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/trading-prod-av/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://pit.avenue.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://pit.avenue.us
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 28 Aug 2023 03:58:19 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/trading-prod-av/ 623 B
677 B 299ms
299ms Fetch
application/json 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/trading-prod-av/installations

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/static/js/main.762bbf04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8a23a459e81691e24361eaa3ad6332aa0d026f86d2493e1061e61bb70f89f8cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer
x-goog-api-key: AIzaSyC-q3kEGqKxNhMgQ4xXnbzNM0k0Vo9n2tg
accept-language: en-US,en;q=0.9
x-firebase-client: eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjkuMTAgZmlyZS1jb3JlLWVzbTIwMTcvMC45LjEwIGZpcmUtanMvIGZpcmUtaWlkLzAuNi40IGZpcmUtaWlkLWVzbTIwMTcvMC42LjQgZmlyZS1hbmFseXRpY3MvMC4xMC4wIGZpcmUtYW5hbHl0aWNzLWVzbTIwMTcvMC4xMC4wIGZpcmUtanMtYWxsLWFwcC85LjIyLjAgZmlyZS1yYy8wLjQuNCBmaXJlLXJjLWVzbTIwMTcvMC40LjQiLCJkYXRlcyI6WyIyMDIzLTA4LTI4Il19XX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type: application/json

Response headers

date: Mon, 28 Aug 2023 03:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pit.avenue.us
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 487
x-xss-protection: 0

GET
H2 200 2439494666315623 Show response
connect.facebook.net/signals/config/ 110 KB
30 KB 102ms
101ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2439494666315623?v=2.9.125&r=stable&domain=pit.avenue.us

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1d22ea06fbbb6d7e88740a956b8b812cf0040d69e2ecfda0aa43af308882c1fc

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 28 Aug 2023 03:58:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: vTx4X45zYOyncT70LumHUOqSEGcDe5E0/jJT+4GwinfEJufQ0USnEzMTFEfg2svuhaw5kKSQMczGdO9Hrf3D8A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
72 KB 86ms
86ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-5328LCJVNW

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/static/js/main.762bbf04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3d193e13416d2ef63efc061e0488054e59ab9c1cf1322e111bc8c3e0ff77596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 03:58:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73108
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 28 Aug 2023 03:58:19 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
169 B 77ms
76ms Ping
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-0G0KX2E8H4&gtm=45je38n0&_p=45346850&cid=981239312.1693195099&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693195099&sct=1&seg=0&dl=https%3A%2F%2Fpit.avenue.us%2Fregister%2Fidentity-info&dt=Avenue%20App&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0G0KX2E8H4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 03:58:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pit.avenue.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
72 KB 98ms
98ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5328LCJVNW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0G0KX2E8H4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a522b74deb9b80b6fb006a90b7c64f1d23883a8c44d99e423b8aa88543b3a35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 03:58:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73169
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 28 Aug 2023 03:58:19 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
252 B 210ms
77ms Ping
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-5328LCJVNW&gtm=45je38n0&_p=45346850&_gaz=1&_fid=cnLv68eODXEWFoVN8F5nCl&cid=981239312.1693195099&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693195099&sct=1&seg=0&dl=https%3A%2F%2Fpit.avenue.us%2Fregister%2Fidentity-info&dt=Avenue%20App&en=page_view&_fv=1&_ss=2&_ee=1&ep.origin=firebase
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-5328LCJVNW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 03:58:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pit.avenue.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
243 B 183ms
65ms Ping
text/plain 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5328LCJVNW&cid=981239312.1693195099&gtm=45je38n0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-5328LCJVNW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 03:58:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pit.avenue.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 balloon-chat.svg
avenue.us/wp-content/themes/avenueus/assets/img/ 456 B
1 KB 91ms
62ms Image
image/svg+xml 2606:4700::6812:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avenue.us/wp-content/themes/avenueus/assets/img/balloon-chat.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5a86d56a9c7090d58acd1dffdf04fcf44a41920c5f351fb7c4365477480ac37

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; frame-src *;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 03:58:19 GMT
content-security-policy: frame-ancestors 'self'; frame-src *;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-encoding: gzip
age: 391488
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=0qyv6QEPJFrmGb1HsrTaMVvOMK31ThYwCEvQBp1xb48-1693195099-0-Abf4Z42HhZiSjeQUOWU_Ry-aueWdIZeL6A66ZLlHHzKOgLRqUSXuSmSl6Nz_7I1DQFXk0TY4zAqYZdlxLHabHbEL8vBNpQAhHlX_7LOo7Ygwe-WiZr7g-aA-cidjsnuyfOzsTv2KDeCej3UDDP-R8Km6T0EQNYFDRtWyNvqJl8G4Hjagrc7U6zx87f6ZBB4GGw; report-to cf-csp-endpoint
x-wpe-request-id: 4d5c9fb72d8d7a7efa7cbc27eee72ecb
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Aug 2023 15:13:02 GMT
server: cloudflare
etag: W/"64e621fe-1c8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=0qyv6QEPJFrmGb1HsrTaMVvOMK31ThYwCEvQBp1xb48-1693195099-0-Abf4Z42HhZiSjeQUOWU_Ry-aueWdIZeL6A66ZLlHHzKOgLRqUSXuSmSl6Nz_7I1DQFXk0TY4zAqYZdlxLHabHbEL8vBNpQAhHlX_7LOo7Ygwe-WiZr7g-aA-cidjsnuyfOzsTv2KDeCej3UDDP-R8Km6T0EQNYFDRtWyNvqJl8G4Hjagrc7U6zx87f6ZBB4GGw"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, fullscreen=*, geolocation=*
cf-ray: 7fd9a29b4bd89aef-MIA
expires: Tue, 27 Aug 2024 03:58:19 GMT

POST
H2 200 firebase:fetch Show response
firebaseremoteconfig.googleapis.com/v1/projects/trading-prod-av/namespaces/ 18 KB
5 KB 212ms
211ms Fetch
application/json 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/trading-prod-av/namespaces/firebase:fetch?key=AIzaSyC-q3kEGqKxNhMgQ4xXnbzNM0k0Vo9n2tg

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/static/js/main.762bbf04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

65e422b1fc82062a5f73229147852b3c2a2248d2305ac30ccc684f9eaf6d49f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Content-Encoding: gzip
Referer
If-None-Match: *
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 28 Aug 2023 03:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
etag: etag-trading-prod-av-firebase-fetch--478944481
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pit.avenue.us
access-control-expose-headers: etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4663
x-xss-protection: 0

OPTIONS
H2 200 firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/trading-prod-av/namespaces/ Frame 0
0 241ms
81ms Preflight
text/html 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/trading-prod-av/namespaces/firebase:fetch?key=AIzaSyC-q3kEGqKxNhMgQ4xXnbzNM0k0Vo9n2tg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type,if-none-match
Access-Control-Request-Method: POST
Origin: https://pit.avenue.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-headers: content-encoding,content-type,if-none-match
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://pit.avenue.us
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 28 Aug 2023 03:58:19 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 226.7dc1bf2c.chunk.js Show response
pit.avenue.us/static/js/ 8 KB
3 KB 58ms
57ms Script
application/javascript 2606:4700::6812:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pit.avenue.us/static/js/226.7dc1bf2c.chunk.js

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/static/js/main.762bbf04.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d704ca70a71b5e928c4e570c00f8aad21bbfb0bf88867d4a454f727642ecc837

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' data: blob: 'unsafe-inline'; frame-src * data: blob: 'unsafe-inline'; object-src 'self' blob: filesystem:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 03:58:20 GMT
content-security-policy: frame-ancestors 'self' data: blob: 'unsafe-inline'; frame-src * data: blob: 'unsafe-inline'; object-src 'self' blob: filesystem:;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 909
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 22 Aug 2023 22:36:21 GMT
server: cloudflare
etag: W/"64e53865-2162"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7fd9a29efebc335e-MIA
expires: Mon, 28 Aug 2023 07:58:20 GMT

GET
H2 200 configs Show response
pit-api.avenue.us/api/commondata/ 30 B
91 B 204ms
89ms XHR
application/json 2606:4700::6812:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pit-api.avenue.us/api/commondata/configs

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/static/js/main.762bbf04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62391056ead58afef1e4c01691ca244a8a835e98a4fec637d156b515ca69cf0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 03:58:20 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: https://pit.avenue.us
access-control-expose-headers: Authorization,IdToken,RefreshToken
access-control-allow-credentials: true
cf-ray: 7fd9a29fa9544c2a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 30

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 76ms
76ms XHR
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=45346850&t=event&_s=1&dl=https%3A%2F%2Fpit.avenue.us%2Fregister%2Fidentity-info&ul=en-us&de=UTF-8&dt=Avenue%20App&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Registration&ea=Invitation&_u=KEDAAAABAAAAAC~&jid=1283606930&gjid=1639568074&cid=981239312.1693195099&tid=UA-122962423-2&_gid=672695113.1693195099&_r=1&_slc=1&z=329996085

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/static/js/main.762bbf04.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 03:58:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pit.avenue.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 16 B
36 B 77ms
76ms XHR
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=45346850&t=event&_s=1&dl=https%3A%2F%2Fpit.avenue.us%2Fregister%2Fidentity-info&ul=en-us&de=UTF-8&dt=Avenue%20App&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Registration&ea=Invitation&_u=KEDAAAABAAAAAC~&jid=1595494021&gjid=398804175&cid=981239312.1693195099&tid=UA-154513583-1&_gid=672695113.1693195099&_r=1&_slc=1&z=314970269

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/static/js/main.762bbf04.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

309cfc1c278e30cb527905dfe0dd549a2f6ab84ddf90a9724bfa80e09c20c640

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 03:58:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pit.avenue.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-1534854.js Show response
static.hotjar.com/c/ 10 KB
4 KB 301ms
141ms Script
application/javascript 108.138.106.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1534854.js?sv=6

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/static/js/main.762bbf04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-101.jfk50.r.cloudfront.net

Software

Resource Hash

5f75e1b43a5921338b0e8b9d1618a8277f19c408cf7f1c0aabf086491903cbc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 28 Aug 2023 03:58:20 GMT
via: 1.1 7225c7fb64d09bab64bc17e314ef26a2.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
etag: W/687860a61f2b16fbf4395510770462e7
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: hQwV8HeVWlMvf7QUVbtoGaciZOUE2jCoV9UdXWs5v9kg1x_nNI2dng==

GET
H3 200 icon-question.svg
avenue.us/wp-content/themes/avenueus/assets/img/ 1 KB
1 KB 55ms
54ms Image
image/svg+xml 2606:4700::6812:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avenue.us/wp-content/themes/avenueus/assets/img/icon-question.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a7e113c4fd6b6d3b950afeceff22485b4ede90caab838119f99078cdcf91fd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; frame-src *;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 03:58:20 GMT
content-security-policy: frame-ancestors 'self'; frame-src *;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-encoding: gzip
age: 391488
x-wpe-request-id: 4c051940c411ec048bcc194c105b11d0
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Aug 2023 15:13:02 GMT
server: cloudflare
etag: W/"64e621fe-517"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, fullscreen=*, geolocation=*
cf-ray: 7fd9a29f7fc6335e-MIA
expires: Tue, 27 Aug 2024 03:58:20 GMT

GET
H2 200 countries Show response
pit-api.avenue.us/api/registration/lists/ 23 KB
5 KB 120ms
88ms XHR
application/json 2606:4700::6812:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pit-api.avenue.us/api/registration/lists/countries

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/static/js/main.762bbf04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aff6f3a38315e9d7101b55e350f4b3ba6cba9969f3d1ff99eb6fcb430fb1ca1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 03:58:20 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: https://pit.avenue.us
access-control-expose-headers: Authorization,IdToken,RefreshToken
access-control-allow-credentials: true
cf-ray: 7fd9a29fa95a4c2a-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Roboto-Thin.4d2d45dec46afe9b9c6c.otf
pit.avenue.us/static/media/ 197 KB
198 KB 61ms
61ms Font
application/octet-stream 2606:4700::6812:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pit.avenue.us/static/media/Roboto-Thin.4d2d45dec46afe9b9c6c.otf

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/static/css/main.3091af95.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2623e8a1797ad9406256b601b74173a9719b7c1ee44f6958005c4394321ffac0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' data: blob: 'unsafe-inline'; frame-src * data: blob: 'unsafe-inline'; object-src 'self' blob: filesystem:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://pit.avenue.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 03:58:20 GMT
content-security-policy: frame-ancestors 'self' data: blob: 'unsafe-inline'; frame-src * data: blob: 'unsafe-inline'; object-src 'self' blob: filesystem:;
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 909
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
content-length: 201776
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 22 Aug 2023 22:36:34 GMT
server: cloudflare
etag: "64e53872-31430"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fd9a29f8fda335e-MIA
expires: Mon, 28 Aug 2023 07:58:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 199ms
63ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pit.avenue.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 16:08:08 GMT
x-content-type-options: nosniff
age: 388212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 16:08:08 GMT

OPTIONS
H2 200 validate
pit-api.avenue.us/auth/ Frame 0
0 148ms
81ms Preflight 2606:4700::6812:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pit-api.avenue.us/auth/validate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pit.avenue.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT,PATCH
access-control-allow-origin: https://pit.avenue.us
access-control-expose-headers: Authorization,IdToken,RefreshToken
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fd9a2a00a1f3712-MIA
content-length: 0
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=iWr7UGPuyHdw3SmT0sXeiV5_43lacED8P1jcmSvFDoM-1693195100-0-ARN5wiK_dGy2VAmUO3WmDd_GiO88iA9oe6R1ebkAgaCNJLBeScS_ceNIogIbO75flOSZqH0K4BNWnVfwHHNzworTQz4xkni38tIQGrKw14yZwos2S_66KZicUiwWXj50KTqjs9SW2Cwqc0Ya04Z4ttEL0S-zUyIZJOr7iExQfLsgz3LxAR1mbEdu9bihH8XHuA; report-to cf-csp-endpoint
date: Mon, 28 Aug 2023 03:58:20 GMT
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=iWr7UGPuyHdw3SmT0sXeiV5_43lacED8P1jcmSvFDoM-1693195100-0-ARN5wiK_dGy2VAmUO3WmDd_GiO88iA9oe6R1ebkAgaCNJLBeScS_ceNIogIbO75flOSZqH0K4BNWnVfwHHNzworTQz4xkni38tIQGrKw14yZwos2S_66KZicUiwWXj50KTqjs9SW2Cwqc0Ya04Z4ttEL0S-zUyIZJOr7iExQfLsgz3LxAR1mbEdu9bihH8XHuA"}],"group":"cf-csp-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff

OPTIONS
H2 200 validate
pit-api.avenue.us/auth/ Frame 0
0 148ms
82ms Preflight 2606:4700::6812:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pit-api.avenue.us/auth/validate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pit.avenue.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT,PATCH
access-control-allow-origin: https://pit.avenue.us
access-control-expose-headers: Authorization,IdToken,RefreshToken
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fd9a2a00a213712-MIA
content-length: 0
date: Mon, 28 Aug 2023 03:58:20 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff

POST
H2 401 validate Show response
pit-api.avenue.us/auth/ 102 B
160 B 98ms
94ms XHR
application/json 2606:4700::6812:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pit-api.avenue.us/auth/validate

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/static/js/main.762bbf04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7a4996595d7addef97cb9d49b0b96f5b1a184334066f300c2be65b4fe00c821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 28 Aug 2023 03:58:20 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: https://pit.avenue.us
access-control-expose-headers: Authorization,IdToken,RefreshToken
access-control-allow-credentials: true
cf-ray: 7fd9a2a08a4f4c2a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 102

POST
H2 401 validate Show response
pit-api.avenue.us/auth/ 102 B
166 B 83ms
81ms XHR
application/json 2606:4700::6812:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pit-api.avenue.us/auth/validate

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/static/js/main.762bbf04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7a4996595d7addef97cb9d49b0b96f5b1a184334066f300c2be65b4fe00c821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 28 Aug 2023 03:58:20 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: https://pit.avenue.us
access-control-expose-headers: Authorization,IdToken,RefreshToken
access-control-allow-credentials: true
cf-ray: 7fd9a2a08a514c2a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 102

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
149 B 65ms
64ms XHR
text/plain 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-122962423-2&cid=981239312.1693195099&jid=1283606930&gjid=1639568074&_gid=672695113.1693195099&_u=KEDAAAAAAAAAAC~&z=850524223

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/static/js/main.762bbf04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 28 Aug 2023 03:58:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pit.avenue.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
68 B 66ms
65ms XHR
text/plain 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-154513583-1&cid=981239312.1693195099&jid=1595494021&gjid=398804175&_gid=672695113.1693195099&_u=KEDAAAABAAAAAC~&z=695256259

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/static/js/main.762bbf04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 28 Aug 2023 03:58:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pit.avenue.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
82 KB 96ms
95ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ER08Y8RLDY&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

145d6807bad055e81292a5301ab988a74949d8c4defac22749cb129edb1292ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 03:58:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83949
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 28 Aug 2023 03:58:20 GMT

POST
H3 401 validate Show response
pit-api.avenue.us/auth/ 102 B
353 B 92ms
91ms XHR
application/json 2606:4700::6812:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pit-api.avenue.us/auth/validate

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/static/js/main.762bbf04.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7a4996595d7addef97cb9d49b0b96f5b1a184334066f300c2be65b4fe00c821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 28 Aug 2023 03:58:20 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: https://pit.avenue.us
access-control-expose-headers: Authorization,IdToken,RefreshToken
access-control-allow-credentials: true
cf-ray: 7fd9a2a0d951d9a1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 102

OPTIONS
H2 200 validate
pit-api.avenue.us/auth/ Frame 0
0 88ms
88ms Preflight 2606:4700::6812:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pit-api.avenue.us/auth/validate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pit.avenue.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT,PATCH
access-control-allow-origin: https://pit.avenue.us
access-control-expose-headers: Authorization,IdToken,RefreshToken
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fd9a2a04a483712-MIA
content-length: 0
date: Mon, 28 Aug 2023 03:58:20 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 213ms
79ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-122962423-2&cid=981239312.1693195099&jid=1283606930&_u=KEDAAAAAAAAAAC~&z=793710840

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 03:58:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 225ms
92ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-154513583-1&cid=981239312.1693195099&jid=1595494021&_u=KEDAAAABAAAAAC~&z=1997904018

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 03:58:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.1cfaab4c8cd12d2d55e6.js Show response
script.hotjar.com/ 223 KB
55 KB 212ms
69ms Script
application/javascript 18.164.96.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.1cfaab4c8cd12d2d55e6.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1534854.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-90.jfk50.r.cloudfront.net

Software

Resource Hash

a0cd3e612d572a75068d14e2792b7e7acc7751603846d82343baffa8caa64c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 15:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 fa503ecd9278a874859948f3b586c782.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 218294
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55616
last-modified: Fri, 25 Aug 2023 15:19:13 GMT
etag: "b2ccfe0674387307eb50dd2e6c57d8fa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: GmGr9bwvr87U_3o2r8IUqbmVRevpEAqg_SPHtsw77_7uDd2Oq1ycHA==

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 77ms
72ms Ping
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-ER08Y8RLDY&gtm=45je38n0&_p=45346850&_gaz=1&ul=en-us&sr=1600x1200&cid=981239312.1693195099&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fpit.avenue.us%2Fregister%2Fidentity-info&dt=Avenue%20App&sid=1693195100&sct=1&seg=0&en=Invitation&_fv=1&_ss=1&_ee=1&ep.event_category=Registration
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ER08Y8RLDY&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 03:58:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pit.avenue.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 69ms
65ms Ping
text/plain 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ER08Y8RLDY&cid=981239312.1693195099&gtm=45je38n0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ER08Y8RLDY&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 03:58:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pit.avenue.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 735ms
279ms XHR
application/json 52.209.99.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: pit.avenue.us
URL: https://pit.avenue.us/static/js/main.762bbf04.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.209.99.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-99-73.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 01a81dafe695b7be29048d82f97a25ac722117d8cb6387b2c392472ef2445fec

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 28 Aug 2023 03:58:21 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H3 200 roboto-latin-700-normal.227c93190fe7f82de3f8.woff2
pit.avenue.us/static/media/ 15 KB
16 KB 57ms
56ms Font
font/woff2 2606:4700::6812:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pit.avenue.us/static/media/roboto-latin-700-normal.227c93190fe7f82de3f8.woff2

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/static/css/main.3091af95.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' data: blob: 'unsafe-inline'; frame-src * data: blob: 'unsafe-inline'; object-src 'self' blob: filesystem:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://pit.avenue.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 03:58:21 GMT
content-security-policy: frame-ancestors 'self' data: blob: 'unsafe-inline'; frame-src * data: blob: 'unsafe-inline'; object-src 'self' blob: filesystem:;
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 908
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 15860
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 22 Aug 2023 22:36:33 GMT
server: cloudflare
etag: "64e53871-3df4"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fd9a2a54fd5335e-MIA
expires: Mon, 28 Aug 2023 07:58:21 GMT

GET
H3 200 roboto-latin-500-normal.f25d774ecfe0996f8eb5.woff2
pit.avenue.us/static/media/ 16 KB
16 KB 68ms
67ms Font
font/woff2 2606:4700::6812:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pit.avenue.us/static/media/roboto-latin-500-normal.f25d774ecfe0996f8eb5.woff2

Requested by

Host: pit.avenue.us
URL: https://pit.avenue.us/static/css/main.3091af95.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' data: blob: 'unsafe-inline'; frame-src * data: blob: 'unsafe-inline'; object-src 'self' blob: filesystem:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://pit.avenue.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 03:58:21 GMT
content-security-policy: frame-ancestors 'self' data: blob: 'unsafe-inline'; frame-src * data: blob: 'unsafe-inline'; object-src 'self' blob: filesystem:;
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 908
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=86400
content-length: 15920
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 22 Aug 2023 22:36:33 GMT
server: cloudflare
etag: "64e53871-3e30"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fd9a2a54fd7335e-MIA
expires: Mon, 28 Aug 2023 07:58:21 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 77ms
77ms Ping
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-0G0KX2E8H4&gtm=45je38n0&_p=45346850&cid=981239312.1693195099&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1693195099&sct=1&seg=0&dl=https%3A%2F%2Fpit.avenue.us%2Fregister%2Fidentity-info&dt=Avenue%20App&en=scroll&epn.percent_scrolled=90&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0G0KX2E8H4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 03:58:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pit.avenue.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST collect
analytics.google.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics.google.com
URL: https://analytics.google.com/g/collect?v=2&tid=G-5328LCJVNW&gtm=45je38n0&_p=45346850&_fid=cnLv68eODXEWFoVN8F5nCl&cid=981239312.1693195099&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1693195099&sct=1&seg=0&dl=https%3A%2F%2Fpit.avenue.us%2Fregister%2Fidentity-info&dt=Avenue%20App&en=Invitation&_ee=1&ep.origin=firebase&_et=737

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.avenue.us/	1970-01-20 14:19:56	Name: __cf_bm Value: yYVDVhIPwnjYvcJ2pJw08BgepHdOeSOmGjTuSm75CNk-1693195097-0-AQ6NpzJp6lzoo2l072ZV4UE2zNZTRHHbyqQv7+518NdH9bU/G5LyxFag2bgJJMlCMRhEacmEMK6wAjEbmrmlQRs=
.avenue.us/	1969-12-31 23:59:59	Name: _cfuvid Value: TTj97O3415uyZ2WoXIjKVtF1GpH.zCgl7wH_X6J8g9o-1693195097636-0-604800000
pit.avenue.us/	1969-12-31 23:59:59	Name: i18next Value: pt
.pit.avenue.us/	1970-01-20 23:55:55	Name: _ga Value: GA1.3.981239312.1693195099
.pit.avenue.us/	1970-01-20 14:21:21	Name: _gid Value: GA1.3.672695113.1693195099
.avenue.us/	1970-01-20 23:55:55	Name: _ga Value: GA1.1.981239312.1693195099
.avenue.us/	1970-01-20 23:55:55	Name: _ga_0G0KX2E8H4 Value: GS1.1.1693195099.1.0.1693195099.0.0.0
.pit.avenue.us/	1970-01-20 14:19:55	Name: _gat Value: 1
.pit.avenue.us/	1970-01-20 14:19:55	Name: _gat_mkt Value: 1
.avenue.us/	1970-01-20 23:55:55	Name: _ga_5328LCJVNW Value: GS1.1.1693195099.1.0.1693195100.59.0.0
.pit.avenue.us/	1970-01-20 23:55:55	Name: _ga_ER08Y8RLDY Value: GS1.3.1693195100.1.0.1693195100.60.0.0
.avenue.us/	1970-01-20 23:05:31	Name: _hjSessionUser_1534854 Value: eyJpZCI6IjgxNzIxZWQyLWFiMTktNTZjZi1iZTRmLTc2NzZiMjk5ODlmNiIsImNyZWF0ZWQiOjE2OTMxOTUxMDA2OTgsImV4aXN0aW5nIjpmYWxzZX0=
.avenue.us/	1970-01-20 14:19:56	Name: _hjFirstSeen Value: 1
.avenue.us/	1970-01-20 14:19:55	Name: _hjIncludedInSessionSample_1534854 Value: 1
.avenue.us/	1970-01-20 14:19:56	Name: _hjSession_1534854 Value: eyJpZCI6IjY4ZGM4MGZjLTYyYTQtNDczNC1hN2E4LTQ3YzU4YzllMTk4NyIsImNyZWF0ZWQiOjE2OTMxOTUxMDA3MDYsImluU2FtcGxlIjp0cnVlfQ==
.avenue.us/	1970-01-20 14:19:56	Name: _hjAbsoluteSessionInProgress Value: 0
pit.avenue.us/	1970-01-20 14:19:56	Name: _dd_s Value: rum=0&expire=1693195999952

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://pit.avenue.us/register/identity-info Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-inline''
security	error	URL: https://pit.avenue.us/register/identity-info Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-inline''
security	error	URL: https://pit.avenue.us/register/identity-info Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-inline''
security	error	URL: https://w.usabilla.com/ab35255e7377.js?lv=1(Line 64) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-inline''
security	error	URL: https://w.usabilla.com/ab35255e7377.js?lv=1(Line 64) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-inline''
network	error	URL: https://pit-api.avenue.us/auth/validate Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://pit-api.avenue.us/auth/validate Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://pit-api.avenue.us/auth/validate Message: Failed to load resource: the server responded with a status of 401 ()
security	error	URL: https://script.hotjar.com/modules.1cfaab4c8cd12d2d55e6.js Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-inline''
security	error	URL: https://script.hotjar.com/modules.1cfaab4c8cd12d2d55e6.js Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-inline''

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' data: blob: 'unsafe-inline'; frame-src * data: blob: 'unsafe-inline'; object-src 'self' blob: filesystem:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amazon-cognito-assets.us-east-1.amazoncognito.com
analytics.google.com
avenue.us
c.la2-c2-ph2.salesforceliveagent.com
cdn.nickelled.com
connect.facebook.net
content.hotjar.io
falazap-sdk.s3.amazonaws.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
mwc-cdn.morningstar.com
pit-api.avenue.us
pit.avenue.us
script.hotjar.com
service.force.com
static.hotjar.com
stats.g.doubleclick.net
w.usabilla.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
analytics.google.com
108.138.106.101
13.110.1.102
13.110.35.20
13.226.34.126
18.164.96.90
2600:9000:23ca:8800:2:7376:2a00:93a1
2600:9000:23cb:1600:f:716:1cc0:93a1
2606:4700::6812:809
2607:f8b0:4004:c08::9a
2607:f8b0:4006:807::200a
2607:f8b0:4006:80a::200a
2607:f8b0:4006:816::200a
2607:f8b0:4006:816::200e
2607:f8b0:4006:821::2003
2607:f8b0:4006:821::2008
2607:f8b0:4006:822::2004
2607:f8b0:4006:823::200e
2607:f8b0:4006:824::200a
2a03:2880:f012:8:face:b00c:0:1
3.222.89.9
3.5.28.165
52.209.99.73
01a81dafe695b7be29048d82f97a25ac722117d8cb6387b2c392472ef2445fec
0eade80ea8f80ec179faef670854c96dc55ff1871b79aa01e386733667b9394d
145d6807bad055e81292a5301ab988a74949d8c4defac22749cb129edb1292ee
1b9515b47cec02c8b93f6c2e1ba68655705e192c1b9c0ced2a2bd156abc45136
1d22ea06fbbb6d7e88740a956b8b812cf0040d69e2ecfda0aa43af308882c1fc
2623e8a1797ad9406256b601b74173a9719b7c1ee44f6958005c4394321ffac0
309cfc1c278e30cb527905dfe0dd549a2f6ab84ddf90a9724bfa80e09c20c640
378838cb53e60adb4f530cd606fda91d0c1140fbbdb81e933477c4cf4ad694de
3a522b74deb9b80b6fb006a90b7c64f1d23883a8c44d99e423b8aa88543b3a35
5f75e1b43a5921338b0e8b9d1618a8277f19c408cf7f1c0aabf086491903cbc3
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
62391056ead58afef1e4c01691ca244a8a835e98a4fec637d156b515ca69cf0b
65e422b1fc82062a5f73229147852b3c2a2248d2305ac30ccc684f9eaf6d49f9
74ca1aa4454088af20b7a6708a622c61ce6ac47842a645c92d15ff29219e3e41
76c8c8dd37624451353be94098f7f7594665abb6b9630049b5a30d9552c0c992
8a23a459e81691e24361eaa3ad6332aa0d026f86d2493e1061e61bb70f89f8cc
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
9f2fdb2bc5d9664a34bd7286cb2d77ddb866cc9037a95ab98c6fb05f7e95bdb4
a0171a18de24af9ecbf9c8cc4e2345de524730f73c0af8da6fc1cc94e38de99c
a0cd3e612d572a75068d14e2792b7e7acc7751603846d82343baffa8caa64c3a
a41c153ec89d18db392d2eb0fd947ad2b0cb41b0a09fd0cbdeb35f51210076e6
aec4a746f86f731ed0cba52c39e4055e8a4b5981813c5aebc756a2506fd5a7fa
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aff6f3a38315e9d7101b55e350f4b3ba6cba9969f3d1ff99eb6fcb430fb1ca1e
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
ba6d10b5c0dc4587b3f8d83d7bbf5080473bc7393404a2ef600cb390956f37f1
c1a7e113c4fd6b6d3b950afeceff22485b4ede90caab838119f99078cdcf91fd
c3d193e13416d2ef63efc061e0488054e59ab9c1cf1322e111bc8c3e0ff77596
cb25492749e20a2ac44b7d544fe68ce05c7a5badc0c30925a31d3bba5894a6a5
d704ca70a71b5e928c4e570c00f8aad21bbfb0bf88867d4a454f727642ecc837
d7a4996595d7addef97cb9d49b0b96f5b1a184334066f300c2be65b4fe00c821
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df582891110522207ed3ca40bdb31532589670654aca66ed2dd03d470cce9755
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4a0a1aaa658eab57fb449f95612d6f208d20e2ae95747f980c07bfdfa3f3481
f59d61052c742fb252334d4b9c6e0e4d85ee2f6a2881ab86b22c98b6a6ec2c30
f5a86d56a9c7090d58acd1dffdf04fcf44a41920c5f351fb7c4365477480ac37
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

pit.avenue.us Open in urlscan Pro 2606:4700::6812:809 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

98 %HTTPS

64 %IPv6

17 Domains

24 Subdomains

23 IPs

2 Countries

3674 kBTransfer

12212 kBSize

17 Cookies

0 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pit.avenue.us Open in urlscan Pro
2606:4700::6812:809 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

98 %
HTTPS

64 %
IPv6

17
Domains

24
Subdomains

23
IPs

2
Countries

3674 kB
Transfer

12212 kB
Size

17
Cookies

56 HTTP transactions
0 data transactions