report.bitninja.io Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bitninja.io/incidentReport.php?details=7ab2c26641e93cd7e6?utm_source=incident&utm_content=publicpage
Effective URL:
https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage
Submission: On March 09 via manual (March 9th 2022, 6:09:51 pm UTC) from IN — Scanned from DE

Summary HTTP 90 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 40 IPs in 4 countries across 35 domains to perform 90 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is report.bitninja.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 13th 2021. Valid for: a year.

This is the only time report.bitninja.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	52.223.17.174 52.223.17.174	16509 (AMAZON-02) (AMAZON-02)
16	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	148.72.132.217 148.72.132.217	30083 (AS-30083-...) (AS-30083-GO-DADDY-COM-LLC)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a0::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 1	93.184.220.66 93.184.220.66	15133 (EDGECAST) (EDGECAST)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	104.90.153.39 104.90.153.39	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
3	167.99.251.246 167.99.251.246	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	136.143.191.67 136.143.191.67	2639 (ZOHO-AS) (ZOHO-AS)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2606:4700:10:... 2606:4700:10::6816:1883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.121.41 13.32.121.41	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	138.199.37.226 138.199.37.226	60068 (CDN77 ^_^) (CDN77 ^_^)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6811:71b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:82ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.117.177.207 34.117.177.207	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:27::... 2620:1ec:27::cafe:1501	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	136.143.183.48 136.143.183.48	2639 (ZOHO-AS) (ZOHO-AS)
2	20.96.88.162 20.96.88.162	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.190.25.25 35.190.25.25	() ()
90	40

3 52.223.17.174 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ad6cf028fe6354baf.awsglobalaccelerator.com

bitninja.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bitninja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

report.bitninja.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 148.72.132.217 (St Louis, United States)

ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)

static.bitninja.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a0::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.220.66 (London, United Kingdom) 1 redirects

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.153.39 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-153-39.deploy.static.akamaitechnologies.com

a9855856441.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.99.251.246 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

front.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.143.191.67 (United States)

ASN2639 (ZOHO-AS, US)

salesiq.zoho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

rec.smartlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-41.fra60.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.37.226 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-226.datapacket.com

gs-cdn.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:71b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:82ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.177.207 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 207.177.117.34.bc.googleusercontent.com

jfapiprod.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1501 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.143.183.48 (United States)

ASN2639 (ZOHO-AS, US)

css.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.25.25 (None, )

ASN- ()

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	bitninja.io 2 redirects bitninja.io — Cisco Umbrella Rank: 509017 report.bitninja.io static.bitninja.io	665 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6433	889 B
5	google.com www.google.com — Cisco Umbrella Rank: 2	889 B
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 68	3 KB
5	optimonk.com front.optimonk.com — Cisco Umbrella Rank: 23586 gs-cdn.optimonk.com — Cisco Umbrella Rank: 28020 jfapiprod.optimonk.com — Cisco Umbrella Rank: 25337	50 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	197 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 434 www.linkedin.com — Cisco Umbrella Rank: 609 px4.ads.linkedin.com — Cisco Umbrella Rank: 5153	3 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	564 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
3	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 916 k.clarity.ms — Cisco Umbrella Rank: 2851	23 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 338	13 KB
2	zohocdn.com css.zohocdn.com — Cisco Umbrella Rank: 13873 js.zohocdn.com — Cisco Umbrella Rank: 12909	18 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 799	4 KB
2	zoho.com salesiq.zoho.com — Cisco Umbrella Rank: 14702	41 KB
2	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 525 analytics.twitter.com — Cisco Umbrella Rank: 464	855 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 101	32 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	109 KB
2	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 664 logx.optimizely.com Failed a9855856441.cdn.optimizely.com	77 KB
1	mixpanel.com api-js.mixpanel.com	373 B
1	hubspot.com forms.hubspot.com — Cisco Umbrella Rank: 3048	1 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2038	20 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2051	16 KB
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 5037	25 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3167	3 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1433	157 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2209	994 B
1	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 2997 heapanalytics.com Failed	41 KB
1	tawk.to embed.tawk.to — Cisco Umbrella Rank: 8399	1 KB
1	smartlook.com rec.smartlook.com — Cisco Umbrella Rank: 16602	9 KB
1	t.co t.co — Cisco Umbrella Rank: 448	338 B
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 2272	18 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1376	8 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 531	6 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 828	73 KB
1	bitninja.com 1 redirects bitninja.com	315 B
90	35

	Domain	Requested by
15	report.bitninja.io	report.bitninja.io
5	www.google.de	report.bitninja.io
5	www.google.com	report.bitninja.io
5	connect.facebook.net	report.bitninja.io connect.facebook.net
4	www.facebook.com	report.bitninja.io
4	www.google-analytics.com	report.bitninja.io www.google-analytics.com
4	static.bitninja.io	report.bitninja.io
3	stats.g.doubleclick.net	www.google-analytics.com
3	bat.bing.com	report.bitninja.io bat.bing.com
3	front.optimonk.com	report.bitninja.io front.optimonk.com
2	k.clarity.ms	www.clarity.ms
2	px.ads.linkedin.com	2 redirects
2	snap.licdn.com	report.bitninja.io snap.licdn.com
2	salesiq.zoho.com	report.bitninja.io salesiq.zoho.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	www.googleadservices.com	report.bitninja.io www.googletagmanager.com
2	www.googletagmanager.com	report.bitninja.io
2	bitninja.io	2 redirects
1	api-js.mixpanel.com	cdn.mxpnl.com
1	js.zohocdn.com	salesiq.zoho.com
1	css.zohocdn.com	salesiq.zoho.com
1	forms.hubspot.com	js.hscollectedforms.net
1	www.clarity.ms	bat.bing.com
1	jfapiprod.optimonk.com	gs-cdn.optimonk.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	px4.ads.linkedin.com	report.bitninja.io
1	www.linkedin.com	1 redirects
1	gs-cdn.optimonk.com	front.optimonk.com
1	alb.reddit.com	report.bitninja.io
1	js.hs-scripts.com	www.googletagmanager.com
1	cdn.heapanalytics.com	report.bitninja.io
1	embed.tawk.to	report.bitninja.io
1	rec.smartlook.com	report.bitninja.io
1	t.co	report.bitninja.io
1	analytics.twitter.com	platform.twitter.com
1	cdn.mxpnl.com	report.bitninja.io
1	www.redditstatic.com	report.bitninja.io
1	a9855856441.cdn.optimizely.com	cdn.optimizely.com
1	static.ads-twitter.com	report.bitninja.io
1	platform.twitter.com	1 redirects
1	cdn.optimizely.com	report.bitninja.io
1	use.fontawesome.com	report.bitninja.io
1	bitninja.com	1 redirects
0	heapanalytics.com Failed	report.bitninja.io
0	logx.optimizely.com Failed	cdn.optimizely.com
90	48

This site contains links to these domains. Also see Links.

Domain
cookiesandyou.com
admin.bitninja.io
doc.bitninja.io
bitninja.io
www.facebook.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-13` - `2022-07-12`	a year	crt.sh
*.bitninja.io Sectigo RSA Domain Validation Secure Server CA	`2021-09-13` - `2022-09-27`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-12-24` - `2022-12-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2022-08-16`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-17` - `2022-03-17`	3 months	crt.sh
*.mxpnl.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-07-15` - `2022-07-28`	a year	crt.sh
*.optimonk.com AlphaSSL CA - SHA256 - G2	`2021-04-19` - `2022-05-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.zoho.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-14` - `2022-05-14`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
1610534878.rsc.cdn77.org R3	`2022-01-26` - `2022-04-26`	3 months	crt.sh
cdn.heapanalytics.com Amazon	`2021-08-28` - `2022-09-26`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2022-08-16`	6 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
gs-cdn.optimonk.com R3	`2022-02-18` - `2022-05-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
jfapiprod.optimonk.com GTS CA 1D4	`2022-02-14` - `2022-05-15`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
*.zohocdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-30` - `2022-09-30`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.mixpanel.com GeoTrust RSA CA 2018	`2020-04-20` - `2022-04-21`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage
Frame ID: F893BA45A3BCF34A551748CCDD033AE3
Requests: 90 HTTP requests in this frame

Frame: https://a9855856441.cdn.optimizely.com/client_storage/a9855856441.html
Frame ID: 6979C5A2CD393009F8FD7BF2DC263267
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BitNinja.io - Incident report

Page URL History Show full URLs

http://bitninja.io/incidentReport.php?details=7ab2c26641e93cd7e6?utm_source=incident&utm_conten... HTTP 301
https://bitninja.io/incidentReport.php?details=7ab2c26641e93cd7e6?utm_source=incident&utm_conten... HTTP 301
https://bitninja.com/incidentReport.php?details=7ab2c26641e93cd7e6?utm_source=incident&utm_conten... HTTP 301
https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage Page URL

Detected technologies

October CMS (CMS) Expand

Overall confidence: 100%
Detected patterns

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

90
Requests

96 %
HTTPS

57 %
IPv6

35
Domains

48
Subdomains

40
IPs

4
Countries

1476 kB
Transfer

4128 kB
Size

36
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://admin.bitninja.io/
Title: Login

Search URL Search Domain Scan URL

URL: https://doc.bitninja.io/docs/investigations
Title: investigation site

Search URL Search Domain Scan URL

URL: https://bitninja.io/bnvl-2020-0002?utm_source=incident_view
Title: More info about this type of incident

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bitninja.io

Search URL Search Domain Scan URL

URL: https://twitter.com/bitninjaio

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bitninja-io

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bitninja.io/incidentReport.php?details=7ab2c26641e93cd7e6?utm_source=incident&utm_content=publicpage HTTP 301
https://bitninja.io/incidentReport.php?details=7ab2c26641e93cd7e6?utm_source=incident&utm_content=publicpage HTTP 301
https://bitninja.com/incidentReport.php?details=7ab2c26641e93cd7e6?utm_source=incident&utm_content=publicpage HTTP 301
https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 61

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=559500&time=1646849385476&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%3Futm_source%3Dincident HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D559500%26time%3D1646849385476%26url%3Dhttps%253A%252F%252Freport.bitninja.io%252Fincident-report%252F7ab2c26641e93cd7e6%253Futm_source%253Dincident%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=559500&time=1646849385476&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%3Futm_source%3Dincident&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=559500&time=1646849385476&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%3Futm_source%3Dincident&liSync=true&e_ipv6=AQLmXHLTIz5f6gAAAX9v32VoirFFi1uffa_Y-LaWMeIOlJbzOH49_iEcPHRY2tzNrikVvh1H

90 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 7ab2c26641e93cd7e6 Show response
report.bitninja.io/incident-report/
Redirect Chain

http://bitninja.io/incidentReport.php?details=7ab2c26641e93cd7e6?utm_source=incident&utm_content=publicpage
https://bitninja.io/incidentReport.php?details=7ab2c26641e93cd7e6?utm_source=incident&utm_content=publicpage
https://bitninja.com/incidentReport.php?details=7ab2c26641e93cd7e6?utm_source=incident&utm_content=publicpage
https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

310 KB
18 KB

5474ms
5397ms

Document
text/html

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9bbe1825458354dcf0642e237dac06a4d3de5902b0a94b8a30f31e730e82ccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 09 Mar 2022 18:09:44 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRHzBN9tXug9mNB6hTvuzabCeSGdLKtngY4XpFZyR6JkXET6%2FC4sIacJ5Dk2zoHOy6uRAus6slfIP37SF7yxwmyKrXjhPXZUcz7S2TbDcPEb9OVU%2F1nDaKYDes%2B7aZYJG5iu9dgj8RsrIp44FSiooC4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e95c3495f8092c9-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Wed, 09 Mar 2022 18:09:38 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 0f7800724e8259fd8cc99616c05bfe16-1598438882
report.bitninja.io/combine/ 433 KB
55 KB 77ms
76ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5184d24cb91ce0e98b123e5d01b21ea34bbe213a5893053ec4f5da0382e314d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"0f7800724e8259fd8cc99616c05bfe16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=00T4c5lBiTdO0RlQWeMMS5FJKDMbeA8EdoZ1yMGFK4aLPqIXgA99ZkZKMJrPUpTp81wketFSqLuWKo%2B01263kMTlDTkYtHKke2u3MOEW2dN%2B6ATJzvQ%2Byzl3vlKH1NHWIIpPfHZkIMB4U3RifWPNx%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, private
cf-ray: 6e95c36b9a8092c9-FRA

GET
H2 200 logo.png
report.bitninja.io/themes/bitninja/assets/images/ 3 KB
4 KB 52ms
52ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://report.bitninja.io/themes/bitninja/assets/images/logo.png

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31a09d63ab88373d5f7fe2785b274ea60c826d52f109b3ce4e88db440299091b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:44 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5f463de2-d5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtU7AS6f3mUm8pZY5nWZufLZ4JcAYe2nQPqO%2FMDCW61uXYGnywNvHyi0gPKTtv0cQ3GHCzsBP%2FggM2rDiYp8mmL2%2BJ4lgHeIlIelhz0qCmtITgqQewol5NRrB6r7wxfDG4VXBFPI429fvlhfuWDZ%2Fwk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000, private
cf-ray: 6e95c36b9a8492c9-FRA
expires: Fri, 08 Apr 2022 18:09:44 GMT

GET
H2 200 logo-small.png
report.bitninja.io/themes/bitninja/assets/images/ 3 KB
4 KB 44ms
44ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://report.bitninja.io/themes/bitninja/assets/images/logo-small.png

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81e64118f1bf09843324b9d9b13fbbab22a0cad9edbda5737f42fb124e04a4c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:44 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5f463de2-d2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cp4JqWrRoX2oVUvN9FWoBBxyrxjwRic2S3ZCboYr1tum%2FFf2aWhG%2B4jFppW8PC1ohENhV7hwG1pizPbn8yon9gENn9pVoSZnikWcjiLs24XRFYN%2Fp0zBJN%2BqTvc1Oqig4I7qnyMxPRzSRJ91UaTZsmE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000, private
cf-ray: 6e95c36b9a9f92c9-FRA
expires: Fri, 08 Apr 2022 18:09:44 GMT

GET
H/1.1 200
OK gb.png
static.bitninja.io/themes/sbadmin/img/flags/ 599 B
1 KB 673ms
149ms Image
image/png 148.72.132.217
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.bitninja.io/themes/sbadmin/img/flags/gb.png

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.72.132.217 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

Software

nginx /

Resource Hash

5d72c5a8bef80fca6f99f476e15ec95ce2d5e5f65c6dab9ee8e56348be0d39fc

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:44 GMT
via: kong/2.1.4
x-kong-proxy-latency: 2
x-kong-upstream-latency: 0
content-length: 599
pragma: public
last-modified: Mon, 07 Mar 2022 09:36:02 GMT
server: nginx
etag: "6225d202-257"
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
expires: Wed, 09 Mar 2022 18:19:44 GMT

GET
H/1.1 200
OK BL_SMTP_REQUEST_ATTEND.png
static.bitninja.io/themes/sbadmin/img/system_icons/ 4 KB
5 KB 672ms
148ms Image
image/png 148.72.132.217
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.bitninja.io/themes/sbadmin/img/system_icons/BL_SMTP_REQUEST_ATTEND.png

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.72.132.217 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

Software

nginx /

Resource Hash

bab96b40ce57e00068c1360399bf8fc4d2c1bfb4844acfb550d8e4e542564b86

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:44 GMT
content-encoding: gzip
access-control-allow-origin: *
x-kong-proxy-latency: 0
transfer-encoding: chunked
x-kong-upstream-latency: 2
pragma: public
last-modified: Mon, 07 Mar 2022 09:36:02 GMT
server: nginx
etag: W/"6225d202-1062"
x-frame-options: DENY
content-type: image/png
via: kong/2.1.4
cache-control: max-age=600, public
access-control-allow-credentials: true
expires: Wed, 09 Mar 2022 18:19:44 GMT

GET
H2 200 js_defer.I4cHjq6EEP.js Show response
report.bitninja.io/pagespeed_static/ 12 KB
4 KB 50ms
49ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://report.bitninja.io/pagespeed_static/js_defer.I4cHjq6EEP.js

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59dbda86041a5f394b83391ffe0b939341aabb817fa60a6ea78c80f5835596b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:44 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Mar 2022 18:09:44 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJL%2BI2NrH9VXER%2FL8urKAb1mmTVCqYHwd20vNQI2emQzWokEVJPVqKPRkC1Swv2aTSie%2BBv9i%2BNdMQFHshZVJTrTH48hlOdWiWukEox3FdEbQFXjkicZ59o3zZonQD6d2g0U9Uz6%2BPGpgj%2F2yyh2xbE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000, private
cf-ray: 6e95c36b9a9a92c9-FRA
expires: Fri, 08 Apr 2022 18:09:44 GMT

GET
H3 200 Roboto-Regular.woff2
report.bitninja.io/themes/bitninja/assets/fonts/roboto/ 48 KB
49 KB 155ms
155ms Font
font/woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://report.bitninja.io/themes/bitninja/assets/fonts/roboto/Roboto-Regular.woff2
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0

Request headers

Referer: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
Origin: https://report.bitninja.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:44 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49236
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
etag: "5f463de2-c054"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRBWi19JxMmM5720AJ89T5RxsUlR1D8%2F9JTXQ1I3rC8em8AGwLVDJxIytbW7Yoz3fBzKKhuMynqRE2p1y%2Fk2u6193sTJBikAFDyafG6gp2UMrZfTJ9%2BHTw5AsTh1jud0FTbZMHQfMSA9jo%2FR%2FmeasKU%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 6e95c36c5aa392b7-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Roboto-Light.woff2
report.bitninja.io/themes/bitninja/assets/fonts/roboto/ 48 KB
49 KB 154ms
154ms Font
font/woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://report.bitninja.io/themes/bitninja/assets/fonts/roboto/Roboto-Light.woff2
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75

Request headers

Referer: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
Origin: https://report.bitninja.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:44 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49380
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
etag: "5f463de2-c0e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SlHToOWxRf7DXNtOaOoBSEyLABZaVQNJN12Kllhjan7Sq3RFdxTbirnV0%2Bwn%2BakzpDZcQqcq0aZ3I5z1uomIdI7sz%2Fc2SsQ9bSWpfOYlWBxHaAXggp%2Bdnw%2FaRzUS9XZ1thW%2FZBpH4BAWNjMMINOr%2B3U%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 6e95c36c7b1a92b7-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Roboto-Black.woff2
report.bitninja.io/themes/bitninja/assets/fonts/roboto/ 19 KB
20 KB 171ms
171ms Font
font/woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://report.bitninja.io/themes/bitninja/assets/fonts/roboto/Roboto-Black.woff2
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbda4e32c2422a0c9a346a5ce6f039f7f17a27991b31d248d748574c0aa19120

Request headers

Referer: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
Origin: https://report.bitninja.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:44 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19740
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
etag: "5f463de2-4d1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1suk4Ff9hoCU6wmjTKIjwj3gnOCVWZHd8jEBp74NcPZlIaPXhMyRfNyCse4OYASkb3ZEud%2BAV8vXxJWjMmw9EMeMv3a2Jy35fcPM7K%2BQHYL8f%2BtJCRvERr9w4EBumcGpAXF%2BGtgSe9fARrcwFdfenU%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 6e95c36c7b2792b7-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Roboto-Medium.woff2
report.bitninja.io/themes/bitninja/assets/fonts/roboto/ 49 KB
50 KB 89ms
89ms Font
font/woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://report.bitninja.io/themes/bitninja/assets/fonts/roboto/Roboto-Medium.woff2
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cd5c4b37938d932110ec043ce1cc766d18cacf7a4e7cffa6a539855d5bdc08d

Request headers

Referer: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
Origin: https://report.bitninja.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:44 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50224
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
etag: "5f463de2-c430"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agak7zUvq9HwfHrhJHTvUQKFXiQoaiUhktYciLSHxBO5aGCMtq69sjR8JebE7xZ9QClf%2BKqKN9M3CPWWhPpD0k9luSbuk%2Bl9lRhSDopSJp%2FaeEUTpuTHxTXlzdxDgdwr99zfpNx1QA5jg%2FdkAg0oIJk%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 6e95c36c7b3392b7-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 world-map.png
report.bitninja.io/themes/bitninja/assets/images/ 4 KB
4 KB 193ms
193ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://report.bitninja.io/themes/bitninja/assets/images/world-map.png

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c114b978529bb527ee145a76e49651f83cb774274f510f7856499916b493f4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:44 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5f463de2-e04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTJutnzd6MGyuzrZS8%2BlM4DeakhHp9Fe%2FPIegP7JE%2FdpZ5xUOvwNO3hH4JnPwhBNjTx%2BQ%2BVZOgyUOUspCtOYeRlx%2FdIq3BV0vz71IghP4wERWegLEawDPYyAMk62yZgLKGP95YsffIGCpMhc7u6GxpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000, private
cf-ray: 6e95c36cdc7092b7-FRA
expires: Fri, 08 Apr 2022 18:09:44 GMT

GET
H3 200 icomoon.ttf
report.bitninja.io/themes/bitninja/assets/vendor/icomoon/fonts/ 190 KB
191 KB 206ms
206ms Font
application/octet-stream 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://report.bitninja.io/themes/bitninja/assets/vendor/icomoon/fonts/icomoon.ttf?195opb
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ce4dc0d434cc27202dc77461c9873fd99da0b3e552b4262ce63d2fd50caa5c7

Request headers

Referer: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
Origin: https://report.bitninja.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:44 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 194904
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
etag: "5f463de2-2f958"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLRm9t9aryKugkkMwj5bUKNf61JgsfZ40SIX%2FGgfGGtmBLTXGTO9TEow7%2BIRW%2FWlkCIODbBShTh9qH5zqJfeFX6YbbZf0u7%2BuAIYtQZiCHb%2BmJMskMbbSbeJJ5EpE8E4ahSLrPBxLADIilo1h7aeiqw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 6e95c36cdc7b92b7-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Roboto-Bold.woff2
report.bitninja.io/themes/bitninja/assets/fonts/roboto/ 49 KB
49 KB 383ms
382ms Font
font/woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://report.bitninja.io/themes/bitninja/assets/fonts/roboto/Roboto-Bold.woff2
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716

Request headers

Referer: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
Origin: https://report.bitninja.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:44 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49976
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
etag: "5f463de2-c338"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FG9uVpi77Hf1OV7%2BmafgR2UyIgPBfZtMN8jBCbSCXQ2HqRUlVSEYnk3%2FrHEIsA0GzI5NsubJLz6l%2F8FGOzMegINg%2BUUZFOy00VOu2JlObEksskxf8byeTEUXu4YWptsChwB0UWAllwWJf85l%2FMGo%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 6e95c36cdc8692b7-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.7.2/webfonts/ 73 KB
73 KB 70ms
37ms Font
font/woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.2/webfonts/fa-solid-900.woff2
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2

Request headers

Referer: https://report.bitninja.io/
Origin: https://report.bitninja.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:44 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 627227
cf-ray: 6e95c36cdca99b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74348
x-amz-id-2: nXTACf9n03fWcZ92uBB6RkNeue0c9w1iTZd6AG4Naihr3XLR1XzBImJ6z6Ya1UcGJ9ifICZDp9o=
last-modified: Wed, 30 Jun 2021 15:46:18 GMT
server: cloudflare
etag: "462806316fea535a6a57651bc2b000b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hrrkc9QzKsQBoig4TGkwYZyAt7CJOpTtiXwJber5D%2BGT9tbpnShlFO4TfOE2omRvZWDjH4zinl9FJd6d5yuZXzEpvqtHwx7jawRmrnTGVILNEJPQ%2FQJi7XxWHUY8tV02yGaU5PBT4F9ZxNGjN95UXyGO"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: JGB2TFYP6S0NFT64
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 9863944102.js Show response
cdn.optimizely.com/js/ 246 KB
76 KB 260ms
124ms Script
text/javascript 2a02:26f0:6c00:2a0::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/9863944102.js

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/pagespeed_static/js_defer.I4cHjq6EEP.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4776ab4ac83d2d50183ec44db9f7f17740189de4ed8d5dfbca2e38b98979fc7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: GO7lKWbupAJ9kGNKGmRjdfgcjrcDWpsB
content-encoding: gzip
etag: "9c7d87b62118ad36ab1a365bd67d6c2b"
x-amz-request-id: 3XN8TZHHP7TAVBCV
x-amz-meta-revision: 18
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="7";dur=0,cdnip;desc="2a02:26f0:6c00:2a0::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 76631
x-amz-id-2: 8vtQYFTKfVQUHRNhMzcXC3so8dF1fDR0wQ0+yq5lwMY8R1dYGAohAhGhLwYaoraNrZ5mCM0Ye6k=
last-modified: Mon, 22 Jan 2018 12:16:16 GMT
server: AmazonS3
date: Wed, 09 Mar 2022 18:09:44 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H3 200 5da2c63aafe926c4e2e18ed995fc4b02-1598438882 Show response
report.bitninja.io/combine/ 263 KB
48 KB 318ms
316ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://report.bitninja.io/combine/5da2c63aafe926c4e2e18ed995fc4b02-1598438882

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/pagespeed_static/js_defer.I4cHjq6EEP.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2de8d4f132044f39b69a3ccea9dcae78ac622d809f38463d85bfa823e4867454

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5da2c63aafe926c4e2e18ed995fc4b02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0essuqXr4T0gVsBmMGZnlWiJ%2Bz2t5flwYSdQ1a2MtRiW%2Fof%2FviNO49Yq9nVU3jAgcfSy0sQk4qBgrCdPhFDtF4iX6%2F%2BbMgV8tgHeJ%2By0DaBIHj3YFDkd1djGFA2jdIBzVM3ogfVWgd8VEOWdSfSaQA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, private
cf-ray: 6e95c36d1d7692b7-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
40 KB 198ms
63ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-879238219

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/pagespeed_static/js_defer.I4cHjq6EEP.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2779557c345ddd7c38f61f3c3d5caf69fe37000ed8e0d94666a4694387baede3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40397
x-xss-protection: 0
expires: Wed, 09 Mar 2022 18:09:44 GMT

GET
H/1.1 200
OK incident-report.js Show response
static.bitninja.io/themes/sbadmin/js/modules/app-admin/views/iphistory/ 630 B
1 KB 283ms
148ms Script
application/javascript 148.72.132.217
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.bitninja.io/themes/sbadmin/js/modules/app-admin/views/iphistory/incident-report.js

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/pagespeed_static/js_defer.I4cHjq6EEP.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.72.132.217 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

Software

nginx /

Resource Hash

f54f48bed0d5056a57db5e71efaa1692a5e889acff2f69f3422a5ebc516ee99a

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:44 GMT
via: kong/2.1.4
x-kong-proxy-latency: 4
x-kong-upstream-latency: 1
content-length: 630
pragma: public
last-modified: Mon, 07 Mar 2022 09:36:02 GMT
server: nginx
etag: "6225d202-276"
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
expires: Wed, 09 Mar 2022 18:19:44 GMT

GET
H/1.1 200
OK index.js Show response
static.bitninja.io/themes/sbadmin/js/modules/app-admin/widgets/timeZoneWidget/ 2 KB
1 KB 283ms
149ms Script
application/javascript 148.72.132.217
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.bitninja.io/themes/sbadmin/js/modules/app-admin/widgets/timeZoneWidget/index.js

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/pagespeed_static/js_defer.I4cHjq6EEP.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.72.132.217 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

Software

nginx /

Resource Hash

2c23671b1bdfd9c2f6567d716fe2cec5b81342b328db7d8736393ce6e6c669a8

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:44 GMT
content-encoding: gzip
access-control-allow-origin: *
x-kong-proxy-latency: 4
transfer-encoding: chunked
x-kong-upstream-latency: 1
pragma: public
last-modified: Mon, 07 Mar 2022 09:36:02 GMT
server: nginx
etag: W/"6225d202-959"
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
via: kong/2.1.4
cache-control: max-age=600, public
access-control-allow-credentials: true
expires: Wed, 09 Mar 2022 18:19:44 GMT

GET
H3 200 27e2f5dc9cae55ef89fcc96b7d589eed-1598438882 Show response
report.bitninja.io/combine/ 118 KB
35 KB 332ms
331ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://report.bitninja.io/combine/27e2f5dc9cae55ef89fcc96b7d589eed-1598438882

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/pagespeed_static/js_defer.I4cHjq6EEP.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b3e90398c657077f722fae1c3378f89cda72b842a560ff5b62e5b2a66dd38a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"27e2f5dc9cae55ef89fcc96b7d589eed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCFu37oHHtsLk6%2FdmO0PzVOWa9jR%2Btkbvxf0r2x0uox5rn9J1qiYSgUEJtY5AHuFRQZcrBqDdjHPf7pDhbgXhM5Sgz%2BZZlNSljGFg84mdps0zbdJEcT1NesIkK5CiVYq7%2BZQe2R7xPADoMPM83cm0Xw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, private
cf-ray: 6e95c36d1d9392b7-FRA

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 44 KB
17 KB 198ms
64ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/pagespeed_static/js_defer.I4cHjq6EEP.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

47416c97abf6445e8743d61d244f2a58f1417c3d8bb9993ac0b195dce20afe13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17259
x-xss-protection: 0
server: cafe
etag: 3097536548863330078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 09 Mar 2022 18:09:44 GMT

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

14 KB
6 KB

239ms
7ms

Script
application/javascript

199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage
Protocol: H2
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:44 GMT
content-encoding: gzip
last-modified: Sat, 05 Feb 2022 00:44:37 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100125-IAD, cache-hhn11524-HHN

Redirect headers

x-tw-cdn: VZ
Date: Wed, 09 Mar 2022 18:09:44 GMT
Server: ECS (frb/6776)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location: https://static.ads-twitter.com/oct.js
Server-Timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 0

GET
H3 200 jquery.js Show response
report.bitninja.io/themes/bitninja/assets/vendor/jquery/ 252 KB
77 KB 337ms
335ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://report.bitninja.io/themes/bitninja/assets/vendor/jquery/jquery.js

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/pagespeed_static/js_defer.I4cHjq6EEP.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a18aa92dea997bd71eb540d5f931620591e9dee27e5f817978bb385bab924d21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5f463de2-3f154"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70N4tCWXApG9ToVIg0tKFQc2FVu%2B2uNAvjYjTUrr9WCHAAXvqmrfNPa86Lc%2FI0S%2FBNmjqCKv5Uqy%2F%2FQuhsLuVX60NynptPZFVpgxqfBC7nAqtT%2BARSlVBoxtk6BV%2FWMx3GyI5P5H2FBuEHbvAnwr7gI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000, private
cf-ray: 6e95c36d1db192b7-FRA
expires: Fri, 08 Apr 2022 18:09:44 GMT

GET
DATA 200
OK truncated Show response
/ 27 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d190c985949e8a0962ca2cede3c214de8085dc9d11c726af6c00c1ae5bb7ba9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: text/javascript

POST event
logx.optimizely.com/log/ 0
0

GET
H2 200 a9855856441.html Show response
a9855856441.cdn.optimizely.com/client_storage/ Frame 6979 1 KB
1 KB 166ms
108ms Document
text/html 104.90.153.39
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a9855856441.cdn.optimizely.com/client_storage/a9855856441.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/9863944102.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.153.39 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-153-39.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

689b4bf15ccbe5c9a73eefb514819352d2965eb097094151fe549e3b50102545

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/

Response headers

x-amz-id-2: 3V3WL8HLVXkK2HUuZQ2rlpJGfTalRinC+qoi6bZpeLdGWNq3Mov2cJIKGqfQCqfvEOtdyd5q6Eg=
x-amz-request-id: X6ASQG5KAY34X651
last-modified: Mon, 22 Jan 2018 12:16:05 GMT
etag: "de2df1e9ea5ea3ba4310e4714b5c01f9"
content-encoding: gzip
x-amz-version-id: cY1_d7Vs5gxHHlG8.C095NjpjoujWaLe
accept-ranges: bytes
content-type: text/html; charset=utf-8
content-length: 697
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=120
date: Wed, 09 Mar 2022 18:09:45 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="7";dur=0,cdnip;desc="104.90.153.39";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 317ms
9ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: dc832faf8ca21fb791b9abb9a3ba334ef3e31914317791dd53510b8a24d0621d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:45 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 14 Feb 2022 14:11:16 GMT
server: snooserv
etag: "9dd34b4324742bd3f713adf7f070d3b4"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 7531

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 380ms
46ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 293
date: Wed, 09 Mar 2022 18:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 09 Mar 2022 20:04:52 GMT

GET
H2 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
3 KB 28ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

890ffd43501c87036cbb86c29e9f88138d8c273d92c56faf1774d1a905a03516

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: gZ8PpiFJIoQg2siU1nDqvw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 2168
x-fb-rlafr: 0
x-fb-debug: dSeHSB3AuxT3nXDOeBA9Inkai/tvYmwNCRvmTdjGDbdnTIxx3J4aKRZNoNlu4sveB+FjBbPzB0jOVnlAj1fCDA==
x-fb-trip-id: 686109401
x-fb-content-md5: 206906dff9fc0456f9a941f2cfb9fda0
x-frame-options: DENY
date: Wed, 09 Mar 2022 18:09:44 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "70d0a741f6d0c9a148690b1ab5aafc7d"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 09 Mar 2022 18:14:21 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 208 KB
69 KB 110ms
59ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NZ3KQ3

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

db5cdb679b93121d7d37d4bf7bc49cca3595808055839e749d33f9b58e8badf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:45 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70659
x-xss-protection: 0
expires: Wed, 09 Mar 2022 18:09:45 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 383ms
80ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-879238219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 09 Mar 2022 18:09:45 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 70ms
50ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?ver=MU

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/combine/27e2f5dc9cae55ef89fcc96b7d589eed-1598438882

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab4742e456ed1ce1e4de002917c0b9d77abcb0fda8a97430c04787693a0f55d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: W9P14E492Q6g9rHDAW2GlA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 09 Mar 2022 18:29:45 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: 5fEhR7ZhreKOHMec8HcuuZgTSkzrw7hEFoXtBfj0h/Ch1+t/ZHMXZ9MZWYsq4PmyZOMEYXJABv6bb1ZLbbisHQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: b9f58ac8022baa5126b7c701f5b63716
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Mar 2022 18:09:45 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "ed8b4e7cb48b278465fa64e06f52e008"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 50 KB
18 KB 169ms
14ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:04:01 GMT
content-encoding: gzip
age: 344
x-guploader-uploadid: ADPycdvuJeXQUWITssWKlIFWnFy-LySzrc6A3P29H2j4pRor4lIRIjgHMLQ5eyhJtDgB2_OL5K4RpL9rYzIWqq4NyW0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17435
last-modified: Thu, 17 Feb 2022 20:21:50 GMT
server: UploadServer
etag: "caa762087e9d75cecc34b5d6626cb7b9"
vary: Accept-Encoding
x-goog-hash: crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
x-goog-generation: 1645129310876382
access-control-allow-origin: *
cache-control: public,max-age=600
x-goog-stored-content-length: 17435
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 09 Mar 2022 18:14:01 GMT

GET
H2 200 preload.js Show response
front.optimonk.com/public/2717/js/ 3 KB
2 KB 176ms
24ms Script
application/javascript 167.99.251.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/2717/js/preload.js

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

9655854fc142fd73252450141e6c41ad6878b990c899fb99ae3900b133c9ca68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"d39-ZasiEurvVgrEWcvIfvhqrq9Jd2o"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1350
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 157ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 09 Mar 2022 18:09:45 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/879238219/ 2 KB
2 KB 193ms
54ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/879238219/?random=1646849385120&cv=9&fst=1646849385120&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%3Futm_source%3Dincident%3Futm_content%3Dpublicpage&tiba=BitNinja.io%20-%20Incident%20report&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b62e0b60f2efad4d91a09e0281a0c51d7ee47e52cd43c25c5ef6f0001083299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 18:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1057
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 widget Show response
salesiq.zoho.com/ 111 KB
33 KB 499ms
165ms Script
text/javascript 136.143.191.67
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zoho.com/widget

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.143.191.67 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

080a4b226426fb8faceb4768be5473bd22d8a7124f5801fb3d0085b2a9faf809

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
Date: Wed, 09 Mar 2022 18:09:45 GMT
Content-Encoding: gzip
Server: ZGS
ETag: W/63daca62dc2100d3d17c1e6a75b25b73384429f895b39072a87c48733d7166c5
vary: accept-encoding
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000
Expires: Wed, 09 Mar 2022 18:14:45 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1007 B
794 B 146ms
10ms Script
application/x-javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 68195809df6d702b8d2c25c97140def7f78f61a3a946a751ed0c304f96c8677f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 18:09:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Mar 2022 21:40:24 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=81862
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 481

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
459 B 233ms
123ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=l65ql&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=749e9725-736b-4548-be39-a3190fe0c074&tw_document_href=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%3Futm_source%3Dincident%3Futm_content%3Dpublicpage&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/oct.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 116
date: Wed, 09 Mar 2022 18:09:44 GMT
content-encoding: gzip
server: tsa_o
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: bac7c6d1e295eca54c5c8183b546a5b2ac0400e04b7759537b4ec15ba463e551
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H2 200 adsct
t.co/i/ 43 B
338 B 224ms
114ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=l65ql&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=749e9725-736b-4548-be39-a3190fe0c074&tw_document_href=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%3Futm_source%3Dincident%3Futm_content%3Dpublicpage

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 107
date: Wed, 09 Mar 2022 18:09:45 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 081452b3a4aec83985b2d596f0c597cd70572059faaf5516bb5da67b717abffb
content-length: 43

GET
H2 200 recorder.js Show response
rec.smartlook.com/ 28 KB
9 KB 41ms
9ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://rec.smartlook.com/recorder.js

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

394653b172e1eb8c527dba3151a9d40522d67cd0ce88f8a7097b4c3347e7080e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 09 Mar 2022 18:09:45 GMT
content-encoding: br
vary: Accept-Encoding
x-77-nzt-ray: EHdMs47Eu9M
x-77-cache: HIT
x-cache: HIT
x-age: 208
x-77-nzt: Abk73BAJhPH/0AAAAA
x-accel-expires: @1646849777
last-modified: Fri, 04 Mar 2022 10:08:35 GMT
server: CDN77-Turbo
etag: W/"6221e523-6f29"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26291
x-xss-protection: 0
pragma: public
x-fb-debug: RIBowmOYA3uoefQnxIH8LRKhdiQ835ygrIbq6vjz2+ZW2jA1BpI/yAr3uov6+kry4eNft5IiKXaq53usErnqYw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 09 Mar 2022 18:09:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1eeq7a96m Show response
embed.tawk.to/5df9f98fd96992700fccd5e9/ 2 KB
1 KB 45ms
26ms Script
application/x-javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5df9f98fd96992700fccd5e9/1eeq7a96m

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

291cebd2aa45cf84eac2f7018f9b9a23237349fd4c60fab2c4133f5b31e27f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.bitninja.io/
Origin: https://report.bitninja.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1671
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"stable-v4-6228378ac71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 6e95c3721ba16969-FRA
expires: Wed, 09 Mar 2022 19:09:45 GMT

GET
H2 200 heap-289765868.js Show response
cdn.heapanalytics.com/js/ 105 KB
41 KB 39ms
22ms Script
application/javascript 13.32.121.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-289765868.js

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-41.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

6ffc7e636582f101a7bb401a9c147c2a63adc51a59ae9d844e764c22bfa6c084

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:08:31 GMT
content-encoding: gzip
server: nginx
age: 74
etag: W/"1a317-BlO9uA/Nje8I3r2uK64l6g"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA60-P1
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: aYhUjTXPJFxbQui8MbFZaZZAxNL7dXNcajOfz62Kr1JtimEJLXTZFQ==

GET
H2 200 14555117.js Show response
js.hs-scripts.com/ 2 KB
994 B 281ms
229ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/14555117.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ3KQ3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 222a585c209c6234d290852d1cba71ce495afe7a28ac965099dc357585085575

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:45 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 0937e50e-5564-4a3f-92e8-6ef7113243b0
last-modified: Wed, 09 Mar 2022 16:25:55 GMT
server: cloudflare
x-trace: 2B134C1797CED616561C62FE43D2A6E28AE80F3A44000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://report.bitninja.io
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6e95c3725dc65be5-FRA
expires: Wed, 09 Mar 2022 18:10:45 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 72ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:44 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 24B0A3519933422B934CCE0C5AC297E0 Ref B: FRAEDGE1408 Ref C: 2022-03-09T18:09:45Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11333

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 157ms
109ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1646849385293&id=t2_4x01z78z&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&uuid=1b9218d0-e861-4aa9-a344-d6aece7248e7&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_da535582
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:45 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 281 KB
80 KB 27ms
13ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=7b4e7f8df6e28200faa1842cd8ac73b4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?ver=MU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6573b4e2ad75b89a7ff093e76076242e2ef350678aafc8945c4fd80362f07b01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://report.bitninja.io/
Origin: https://report.bitninja.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ZDjH1cWN3f7HIRSbXuPpyQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Thu, 09 Mar 2023 16:39:57 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 81488
x-fb-rlafr: 0
x-fb-debug: TOvmK6xnMMl++0uY1Wt90Ab/okz3TMublmOMeYTCkzdL6HhNm4NcZ0EhbBTwXLytte44XSZdbN3QwMZZg76QTA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 8f849bfc136526778f61494327b64748
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Mar 2022 18:09:45 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "c2cf2043b2975f9f88b6e2071e1d23d7"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 preload-base.js Show response
front.optimonk.com/ 50 KB
16 KB 18ms
18ms Script
application/javascript 167.99.251.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/preload-base.js?v=33788ee8e2

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/public/2717/js/preload.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c962f5dd0481cf4bb6b0e727c818b01492453d0c8f5a055610ab90f5095a6b9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"c672-Zu1GQjJBVlJTzECar75JgjEsrTY"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 16ms
12ms Script
application/x-javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c567d0068aa9d314d13047cf6af171cce476501aac5e5521bd2b2233b16fbce5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 18:09:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Mar 2022 00:03:21 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=57528
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3073

GET
H3 200 1889755577830629 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 67ms
66ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1889755577830629?v=2.9.55&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5d9c658dbb2331c198b5a2f269f972f4ee0f8a651ae0bc90d6e60eac9f05eeec

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: dVzX00GjDA0Q/sN7G1AqAISQHWVBzV01V7T/OnF1CKQGNTi3te1pEJ2AsJ8mH+bbS+70o4lWgXS1MMz2ng3xQw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 09 Mar 2022 18:09:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 99ms
52ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1091994458&t=pageview&_s=1&dl=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%3Futm_source%3Dincident%3Futm_content%3Dpublicpage&ul=en-us&de=UTF-8&dt=BitNinja.io%20-%20Incident%20report&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1465479610&gjid=1201922211&cid=1841508519.1646849385&tid=UA-1975075-16&_gid=1125949069.1646849385&_r=1&_slc=1&z=126751337

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.bitninja.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 18:09:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://report.bitninja.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 61ms
18ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1975075-25&cid=1841508519.1646849385&jid=268147065&gjid=1980698726&_gid=1125949069.1646849385&_u=YGDAiEABBAAAAG~&z=1465497693

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.bitninja.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 09 Mar 2022 18:09:45 GMT
content-type: text/plain
access-control-allow-origin: https://report.bitninja.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1975075-16&cid=1841508519.1646849385&jid=1257092693&gjid=1835175969&_gid=1125949069.1646849385&_u=YGDAiEABBAAAAG~&z=998329144

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.bitninja.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 09 Mar 2022 18:09:45 GMT
content-type: text/plain
access-control-allow-origin: https://report.bitninja.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 80ms
43ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1091994458&t=pageview&_s=1&dl=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%3Futm_source%3Dincident%3Futm_content%3Dpublicpage&ul=en-us&de=UTF-8&dt=BitNinja.io%20-%20Incident%20report&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiEABBAAAAC~&jid=268147065&gjid=1980698726&cid=1841508519.1646849385&tid=UA-1975075-25&_gid=1125949069.1646849385&gtm=2wg370NZ3KQ3&z=1786793610

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 07:59:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36606
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 73ms
39ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1091994458&t=pageview&_s=1&dl=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%3Futm_source%3Dincident%3Futm_content%3Dpublicpage&ul=en-us&de=UTF-8&dt=BitNinja.io%20-%20Incident%20report&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiEABBAAAAG~&jid=1257092693&gjid=1835175969&cid=1841508519.1646849385&tid=UA-1975075-16&_gid=1125949069.1646849385&gtm=2wg370NZ3KQ3&z=1840856782

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 07:59:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36606
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/879238219/ 42 B
548 B 147ms
55ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/879238219/?random=1646849385120&cv=9&fst=1646848800000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%3Futm_source%3Dincident%3Futm_content%3Dpublicpage&tiba=BitNinja.io%20-%20Incident%20report&fmt=3&is_vtc=1&random=2794462137&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 18:09:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/879238219/ 42 B
548 B 147ms
55ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/879238219/?random=1646849385120&cv=9&fst=1646848800000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%3Futm_source%3Dincident%3Futm_content%3Dpublicpage&tiba=BitNinja.io%20-%20Incident%20report&fmt=3&is_vtc=1&random=2794462137&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 18:09:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jfclientsdk.min.js Show response
gs-cdn.optimonk.com/jfclientsdk/latest/ 94 KB
32 KB 85ms
7ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Requested by: Host: front.optimonk.com
URL: https://front.optimonk.com/preload-base.js?v=33788ee8e2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE1-832 /
Resource Hash: ee5ed73474157f116c1cb6fce405f06f687e0d87764b9d4a5fd4b9df97ec1917

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:45 GMT
content-encoding: br
cdn-edgestorageid: 832
age: 0
x-guploader-uploadid: ADPycduZTHUjgEvTjPByACu685XrQK4gcqZBPgBy_cTxHZYrI01hiEAe_EnUpQ9LYR65svOk90QWp9u82PyFKndd7U_iu_rR0A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-pullzone: 592317
x-goog-stored-content-encoding: identity
cdn-cachedat: 01/08/2022 15:05:19
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
server: BunnyCDN-DE1-832
last-modified: Mon, 15 Nov 2021 07:16:43 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"ac90471cc044cec1e0eca7ec2dc372b9"
content-language: en
vary: Accept-Encoding, Accept-Encoding
x-goog-hash: crc32c=uThalw==, md5=rJBHHMBEzsHg7KfsLcNyuQ==
x-goog-generation: 1636960603316435
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=2592000
x-goog-stored-content-length: 96381
cdn-requestid: 3fb0b8173bbccf19317196cedeb4648e
content-type: application/javascript
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET h
heapanalytics.com/ 0
0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/879238219/ 2 KB
1 KB 120ms
71ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/879238219/?random=1646849385458&cv=9&fst=1646849385458&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%3Futm_source%3Dincident%3Futm_content%3Dpublicpage&tiba=BitNinja.io%20-%20Incident%20report&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98b73a119c12479d6fb68703373eca9e0e36a51265d004ee938d5da4cfb1a797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 18:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1083
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=559500&time=1646849385476&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%3Futm_source%3Dincident
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D559500%26time%3D1646849385476%26url%3Dhttps%253A%252F%252Freport.bitninja.io%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=559500&time=1646849385476&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%3Futm_source%3Dincident&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=559500&time=1646849385476&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%3Futm_source%3Dincident&liSync=true&e_ipv6=...

0
265 B

134ms
111ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=559500&time=1646849385476&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%3Futm_source%3Dincident&liSync=true&e_ipv6=AQLmXHLTIz5f6gAAAX9v32VoirFFi1uffa_Y-LaWMeIOlJbzOH49_iEcPHRY2tzNrikVvh1H
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:45 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: ED83B4AAF9584F45A7E32ABEEADB17A2 Ref B: FRAEDGE0817 Ref C: 2022-03-09T18:09:45Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXZzQCmCorYZo3KUEldeA==
x-li-fabric: prod-lva1

Redirect headers

date: Wed, 09 Mar 2022 18:09:45 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 4578B810AFBE4AE88FCB5D2A103288B8 Ref B: FRAEDGE1107 Ref C: 2022-03-09T18:09:45Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=559500&time=1646849385476&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%3Futm_source%3Dincident&liSync=true&e_ipv6=AQLmXHLTIz5f6gAAAX9v32VoirFFi1uffa_Y-LaWMeIOlJbzOH49_iEcPHRY2tzNrikVvh1H
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXZzQCj6xeGiXXt419D9w==

POST
H2 200 load Show response
front.optimonk.com/public/2717/js/ 0
347 B 38ms
19ms XHR
application/javascript 167.99.251.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/2717/js/load

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/preload-base.js?v=33788ee8e2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://report.bitninja.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Mar 2022 18:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 67ms
66ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1975075-25&cid=1841508519.1646849385&jid=268147065&_u=YGDAiEABBAAAAG~&z=928883756

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 18:09:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 65ms
65ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1975075-25&cid=1841508519.1646849385&jid=268147065&_u=YGDAiEABBAAAAG~&z=928883756

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 18:09:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 73ms
72ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1975075-16&cid=1841508519.1646849385&jid=1257092693&_u=YGDAiEABBAAAAG~&z=54305452

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 18:09:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 72ms
71ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1975075-16&cid=1841508519.1646849385&jid=1257092693&_u=YGDAiEABBAAAAG~&z=54305452

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 18:09:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 134003891.js Show response
bat.bing.com/p/action/ 787 B
824 B 210ms
210ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/134003891.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a14c5cf8d397a9480a4a20bd02df43774d7e2a6a4dbcd4978046ca196c136c10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 18:09:45 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 13E4DA3A6A354C7CBD84323E41D328A6 Ref B: FRAEDGE1408 Ref C: 2022-03-09T18:09:45Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 650

GET
H2 204 0
bat.bing.com/action/ 0
150 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=134003891&Ver=2&mid=f2ad7ec1-6080-4a96-b118-b086174d7be2&sid=19bbdfb09fd411ec89902d38f013295a&vid=19bc92009fd411eca900256c9bf4fa14&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=BitNinja.io%20-%20Incident%20report&p=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%3Futm_source%3Dincident%3Futm_content%3Dpublicpage&r=&lt=6047&evt=pageLoad&msclkid=N&sv=1&rn=557985
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 18:09:44 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1C8AC6E7012A4319813AB7239737BC75 Ref B: FRAEDGE1408 Ref C: 2022-03-09T18:09:45Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 26ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1889755577830629&ev=PageView&dl=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%3Futm_source%3Dincident%3Futm_content%3Dpublicpage&rl=&if=false&ts=1646849385564&sw=1600&sh=1200&v=2.9.55&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1646849385562.1572654254&it=1646849385335&coo=false&rqm=GET

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 09 Mar 2022 18:09:45 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 41ms
21ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1975075-16&cid=1841508519.1646849385&jid=1465479610&gjid=1201922211&_gid=1125949069.1646849385&_u=IEBAAEAAAAAAAC~&z=2032007891

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.bitninja.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 09 Mar 2022 18:09:45 GMT
content-type: text/plain
access-control-allow-origin: https://report.bitninja.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 325ms
49ms Script
application/javascript 2606:4700::6811:71b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/14555117.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb225958987016b36f094989fbe48ad4a7ce3bba2d0e7b37959201882e1221ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:45 GMT
via: 1.1 ea3bfccd683c652cb849f6ec1b5606a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 239
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.269/bundles/pixels-release.js&cfRay=6e95bd9acd57912b-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 07 Mar 2022 01:20:12 UTC
server: cloudflare
etag: W/"cd6791191c766c4b4cd5212993b31719"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: En6lmXZtHf0knKuoSy740cltB31X5OXh
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6e95c375ed079bb2-FRA
x-amz-cf-id: RNcQ4I7kInUOA5RWZjO8IbfpWWKeoPzm8PvDkn7J8ySxPfjDb53Fxg==
x-hs-target-asset: adsscriptloaderstatic/static-1.269/bundles/pixels-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 73 KB
25 KB 325ms
50ms Script
application/javascript 2606:4700::6811:82ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/14555117.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:82ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a996803be97bd6eed2f13e2aaceed65ee5cc24e0669fcbd223788c5cf9159c2e

Request headers

Referer: https://report.bitninja.io/
Origin: https://report.bitninja.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:45 GMT
via: 1.1 68261aebcfc232344da2ef3bf1d3f9ea.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 49880
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.273/bundles/project.js&cfRay=6e9101acaf5d6964-IAD
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6e95c375ecbc6946-FRA
last-modified: Fri, 04 Mar 2022 03:24:42 UTC
server: cloudflare
etag: W/"5655d6c20b8fbd0326ccba67c4a94b8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: d8qvQ4NJOEEA6UgWpFiA1cbs11TvqQym
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: U8kq19yyVNrdZsmcUopYHAB2gQjag0V8XClN3-6KwbrynKskuJZo0w==
x-hs-target-asset: collected-forms-embed-js/static-1.273/bundles/project.js

GET
H2 200 14555117.js Show response
js.hs-banner.com/ 61 KB
16 KB 707ms
433ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/14555117.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/14555117.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8e1d138b6bc1afceb16981230b56620189f21e73f6ef616737bdc30a6577c9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:46 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 4JEA6R5BFP35C8RV
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: tqxtG1BC7n4BJMsL1/MS0reDRhosUikgMbq8a27mP3+1W6wZ+11NpOGH8AQdVd1HDLtW/rQOZ7I=
timing-allow-origin: *
last-modified: Mon, 28 Feb 2022 11:20:49 GMT
server: cloudflare
etag: W/"855bc92d9913b96e6e6a953be520a0c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: eajCRSEEAorV0W8b1HwUKcJZE078KwyY
access-control-allow-origin: https://reseller.bitninja.io
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6e95c375eb739271-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 09 Mar 2022 18:14:46 GMT

GET
H2 200 14555117.js Show response
js.hs-analytics.net/analytics/1646849100000/ 62 KB
20 KB 309ms
39ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1646849100000/14555117.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/14555117.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 747f0fed9d46a9afa9cea519f1bdfe225054eb26a8554e0841f068d2af9648ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:45 GMT
content-encoding: br
cf-cache-status: HIT
age: 32
x-amz-server-side-encryption: AES256
x-amz-request-id: R3BSFQN9EGW9K5NZ
x-amz-id-2: 6qJ4zS0Ovp29yher3zzMkcEvU7YGVY54O55B5DOrT5ikVhzOwp0bwxPBKvPowowtnCpKtF17Xa8=
last-modified: Mon, 28 Feb 2022 11:20:53 GMT
server: cloudflare
etag: W/"e8a680d5ea1cc1104e5ef0c88ef6f943"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-ray: 6e95c375eb8c9bdd-FRA
expires: Wed, 09 Mar 2022 18:14:13 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/879238219/ 42 B
64 B 322ms
56ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/879238219/?random=1646849385458&cv=9&fst=1646848800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%3Futm_source%3Dincident%3Futm_content%3Dpublicpage&tiba=BitNinja.io%20-%20Incident%20report&async=1&fmt=3&is_vtc=1&random=529132912&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 18:09:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/879238219/ 42 B
64 B 321ms
55ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/879238219/?random=1646849385458&cv=9&fst=1646848800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%3Futm_source%3Dincident%3Futm_content%3Dpublicpage&tiba=BitNinja.io%20-%20Incident%20report&async=1&fmt=3&is_vtc=1&random=529132912&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 18:09:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
jfapiprod.optimonk.com/v2/ 26 B
196 B 386ms
137ms Fetch
application/json 34.117.177.207
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://jfapiprod.optimonk.com/v2/
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.177.207 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 207.177.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854

Request headers

Referer: https://report.bitninja.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 09 Mar 2022 18:09:45 GMT
via: 1.1 google
etag: W/"1a-oDk6RB3+SLV96sulj5WuSYroQto"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26
content-type: application/json; charset=utf-8

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-e/s/0.6.31/ 52 KB
23 KB 278ms
113ms Script
application/javascript 2620:1ec:27::cafe:1501
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-e/s/0.6.31/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/134003891.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1501 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:45 GMT
content-encoding: br
etag: "1d8314040aa9d00"
last-modified: Sun, 06 Mar 2022 09:55:04 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0ae0oYgAAAABiKj6GcCNKRIGu6jpRk9RqQlJVMzBFREdFMDQxMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H/1.1 200 website Show response
salesiq.zoho.com/visitor/v2/channels/ 19 KB
8 KB 194ms
194ms XHR
application/json 136.143.191.67
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zoho.com/visitor/v2/channels/website?widgetcode=bfa7e82fc35241522a511c08ee5c6dbcfe42e781ab852b534cca940e33f947d9&internal_channel_req=true&language_api=true&browser_language=en&current_domain=https%3A%2F%2Freport.bitninja.io&pagetitle=BitNinja.io%20-%20Incident%20report&include_fields=avuid

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.143.191.67 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

3907f8c53d2a626123017611e4b9bb30260e1e90a237dc5c3a29635b6f54b394

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 18:09:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET
Connection: keep-alive
X-XSS-Protection: 1
Access-Control-Allow-Headers: Content-Type,x-siq-internal-channel
Server: ZGS
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000
Content-Language: de-DE
Access-Control-Allow-Origin: https://report.bitninja.io
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Content-Type: application/json;charset=UTF-8
Encoding: UTF-8

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1442211302682868&ev=PixelInitialized&dl=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%3Futm_source%3Dincident%3Futm_content%3Dpublicpage&rl=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%3Futm_source%3Dincident%3Futm_content%3Dpublicpage&if=false&ts=1646849385791

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 09 Mar 2022 18:09:45 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 61ms
61ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1975075-16&cid=1841508519.1646849385&jid=1465479610&_u=IEBAAEAAAAAAAC~&z=1250176232

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 18:09:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 64ms
64ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1975075-16&cid=1841508519.1646849385&jid=1465479610&_u=IEBAAEAAAAAAAC~&z=1250176232

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 18:09:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 116 B
1 KB 189ms
149ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=14555117&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67fb872d7b80bdfbbacc55c2d5d6efe50833e130c3685bdabee232b92f367348

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://report.bitninja.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 0860eae5-8eea-47a6-b81e-b46049511500
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rn89%2BGaH5LmAtZfVhYgtVRC6YwvQ%2FTmkem3ikO8J3PaZKy6rCQBvvmrzs5mYd8lOQXbQyLlR8UMfSfyukT%2FAePhcJe%2B%2BlKOXkI4z33SkZdvJ6ym1xBNlqVGrYtQYPjHuM2MFLBYwetWO1jxX1Wi9"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://report.bitninja.io
x-robots-tag: none
access-control-allow-credentials: false
cf-ray: 6e95c3769a879bb3-FRA
access-control-allow-headers: *

GET
H2 200 floatbutton1_887d3a254db86298e670386e8feb898c_.css
css.zohocdn.com/salesiq/styles/ 22 KB
5 KB 374ms
123ms Stylesheet
text/css 136.143.183.48
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/styles/floatbutton1_887d3a254db86298e670386e8feb898c_.css

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.143.183.48 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

0d0c3dca675d0e16c1052ebbbd524a0a87cb0b856e0fd127bf8b74862c5b49dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/css;charset=UTF-8
x-cache: HIT
last-modified: Tue, 01 Mar 2022 17:15:41 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 5046
x-xss-protection: 1
nb-request-id: 347534962aafab5d725d46becfa01e4a
server: ZGS
etag: "ed0a42c88ffbf3a6e6f70497f5b13508"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ux4-fe73cc3f735543a8ac134bae95ec3cc0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 floatbutton1_5ea82580742733c0e6c7fb554c738aec_.js Show response
js.zohocdn.com/salesiq/js/ 35 KB
13 KB 374ms
124ms Script
application/javascript 136.143.183.48
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/js/floatbutton1_5ea82580742733c0e6c7fb554c738aec_.js

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.143.183.48 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

30b89715e633387512371f0acf6da2619e6c1c104e00d3588643f4457c1fd62d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript;charset=UTF-8
x-cache: HIT
last-modified: Tue, 01 Mar 2022 17:15:42 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 12256
x-xss-protection: 1
nb-request-id: 6560e4d9551b9bc90173544ca8c0e192
server: ZGS
etag: "d9f97ed2c17727958548b84ca4b3fe9f"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ux4-8ebf1ca4ff77407cb6bd3f4e8e322f4c
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1889755577830629&ev=Microdata&dl=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%3Futm_source%3Dincident%3Futm_content%3Dpublicpage&rl=&if=false&ts=1646849386084&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22BitNinja.io%20-%20Incident%20report%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Freport.bitninja.io%2Fincident-report%2F7ab2c26641e93cd7e6%22%2C%22og%3Atitle%22%3A%22%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Freport.bitninja.io%2Fthemes%2Fbitninja%2Fassets%2Fimages%2Fbitninja.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.55&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1646849385562.1572654254&it=1646849385335&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/7ab2c26641e93cd7e6?utm_source=incident?utm_content=publicpage

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:09:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 09 Mar 2022 18:09:46 GMT

POST
H2 204 collect Show response
k.clarity.ms/ 0
178 B 404ms
202ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-e/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://report.bitninja.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://report.bitninja.io
date: Wed, 09 Mar 2022 18:09:46 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

POST
H2 204 collect Show response
k.clarity.ms/ 0
48 B 94ms
94ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-e/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://report.bitninja.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://report.bitninja.io
date: Wed, 09 Mar 2022 18:09:47 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
373 B 110ms
33ms XHR
application/json 35.190.25.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1646849390305

Requested by

Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.25.25 -, , ASN (),

Reverse DNS

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://report.bitninja.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
date: Wed, 09 Mar 2022 18:09:50 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://report.bitninja.io
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
alt-svc: clear
content-length: 25

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: logx.optimizely.com
URL: https://logx.optimizely.com/log/event

Domain: heapanalytics.com
URL: https://heapanalytics.com/h?a=289765868&u=3478157416516867&v=6752897132478951&s=8384310604262846&b=web&tv=4.0&z=0&h=%2Fincident-report%2F7ab2c26641e93cd7e6&q=%3Futm_source%3Dincident%3Futm_content%3Dpublicpage&d=report.bitninja.io&t=BitNinja.io%20-%20Incident%20report&us=incident%3Futm_content%3Dpublicpage&uc=publicpage&ts=1646849385453&st=1646849385455

Verdicts & Comments Add Verdict or Comment

184 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bitninja.io/	1970-01-20 01:27:32	Name: geekbee-session-cookie Value: 55d995e6f44d41654b6630df16920ae0\|6f836f060eb11103e64cace28618979d
bitninja.com/	1970-01-20 01:27:32	Name: geekbee-session-cookie Value: ffeaa164ab41291fd4add17b5e59108d\|c5956839966b3483e1f1e822cf58c622
report.bitninja.io/	1970-01-20 01:27:36	Name: october_session Value: eyJpdiI6Ik1wTXBmcHVERHJpdTFmMEtYdFBxWkE9PSIsInZhbHVlIjoiT0E1WEpGQ1BubUhtVW9lQXRLNURjTEJPUHIxT0NzOGhEcVBISVE3Q290YTBMbGplam5cL09iaTI5QUFiRG1RVTdOQlJBT3BoMHltSWVYNXpwZHp6MUhnPT0iLCJtYWMiOiI5YTkyZjU5NjlkMmZhMzZjYjg3OTM3OWQ2Y2EzODk4YWI3ZTIyNWVmMGE3NGQ2NmQwYWJmZDIyMDViYzE3ZTI1In0%3D
.bitninja.io/	1970-01-23 17:03:29	Name: optimizelyEndUserId Value: oeu1646849384889r0.633835378904555
.bitninja.io/	1970-01-20 03:37:05	Name: _gcl_au Value: 1.1.1631315767.1646849385
.bitninja.io/	1970-01-20 03:37:05	Name: _rdt_uuid Value: 1646849385292.1b9218d0-e861-4aa9-a344-d6aece7248e7
.bitninja.io/	1970-01-20 10:13:05	Name: mp_6b52cb025104e4f948adb8e81433352f_mixpanel Value: %7B%22distinct_id%22%3A%20%2217f6fdf635c458-06775e9de980e7-977173c-1d4c00-17f6fdf635dd3e%22%2C%22%24device_id%22%3A%20%2217f6fdf635c458-06775e9de980e7-977173c-1d4c00-17f6fdf635dd3e%22%2C%22first_page%22%3A%20%22BitNinja.io%20-%20Incident%20report%22%2C%22first_contact%22%3A%20%22Wed%20Mar%2009%202022%22%2C%22utm_source%22%3A%20%22incident%3Futm_content%3Dpublicpage%22%2C%22utm_content%22%3A%20%22publicpage%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.bing.com/	1970-01-20 10:49:05	Name: MUID Value: 255A7CFAE14560FB3BEA6D98E02E61DF
.t.co/	1970-01-20 18:58:41	Name: muc_ads Value: 54c4aee3-7d43-4849-9daa-deddafea46e3
.bitninja.io/	1970-01-20 18:58:41	Name: _ga Value: GA1.2.1841508519.1646849385
.bitninja.io/	1970-01-20 01:28:55	Name: _gid Value: GA1.2.1125949069.1646849385
.twitter.com/	1970-01-20 18:58:41	Name: personalization_id Value: "v1_roNnK3B7voYNgNLo+G70Ew=="
.bitninja.io/	1970-01-20 01:27:29	Name: _gat Value: 1
.bitninja.io/	1970-01-20 01:27:29	Name: _dc_gtm_UA-1975075-25 Value: 1
.bitninja.io/	1970-01-20 01:27:29	Name: _dc_gtm_UA-1975075-16 Value: 1
report.bitninja.io/	1970-01-20 10:13:05	Name: optiMonkClientId Value: 692ad87b-7fbb-66eb-2e51-557ad900b630
.bitninja.io/	1970-01-20 10:55:26	Name: _hp2_id.289765868 Value: %7B%22userId%22%3A%223478157416516867%22%2C%22pageviewId%22%3A%226752897132478951%22%2C%22sessionId%22%3A%228384310604262846%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.bitninja.io/	1970-01-20 01:27:31	Name: _hp2_ses_props.289765868 Value: %7B%22z%22%3A0%2C%22us%22%3A%22incident%3Futm_content%3Dpublicpage%22%2C%22uc%22%3A%22publicpage%22%2C%22ts%22%3A1646849385453%2C%22d%22%3A%22report.bitninja.io%22%2C%22h%22%3A%22%2Fincident-report%2F7ab2c26641e93cd7e6%22%2C%22t%22%3A%22BitNinja.io%20-%20Incident%20report%22%2C%22q%22%3A%22%3Futm_source%3Dincident%3Futm_content%3Dpublicpage%22%7D
.bitninja.io/	1970-01-20 01:28:55	Name: _uetsid Value: 19bbdfb09fd411ec89902d38f013295a
.bitninja.io/	1970-01-20 10:49:05	Name: _uetvid Value: 19bc92009fd411eca900256c9bf4fa14
.bitninja.io/	1970-01-20 03:37:05	Name: _fbp Value: fb.1.1646849385562.1572654254
.doubleclick.net/	1970-01-20 10:49:05	Name: IDE Value: AHWqTUmn0L_jBeMDjtlZjr0oCjnnjyhSaMmry2btW6-MbevfymUQtoxxxq8_Fbe5
.linkedin.com/	1970-01-20 02:10:41	Name: UserMatchHistory Value: AQJz6MfNNrKMMQAAAX9v32RxYsMSWhXnxf0b6P3oPEDz8GaiUVlmwHV_7G7LEKDuHoREoMSaZtd-kw
.linkedin.com/	1970-01-20 02:10:41	Name: AnalyticsSyncHistory Value: AQI7Qnxe1HaNXgAAAX9v32RyUidUJM1B2EpfLnDsNrW9eDVpEfpmA0_Odk9nBJ-LEJxYdMBaAi8VfQF40pyWkw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:59:23	Name: bcookie Value: "v=2&85c63619-9a4e-4175-8471-8387f1b24ef0"
.linkedin.com/	1970-01-20 01:28:55	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2247:u=1:x=1:i=1646849385:t=1646935785:v=2:sig=AQEtfAaDdit6V5hBc3f3sHfIhPwwjMes"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 18:59:23	Name: bscookie Value: "v=1&202203091809454e445808-ab24-461e-8960-b15b5fe6c7eaAQGaW9v9eRULOWtRdjKeyqlCL-Y8LzaD"
.linkedin.com/	1970-01-20 18:57:19	Name: li_gc Value: MTswOzE2NDY4NDkzODU7MjswMjG+bWU7HAbJWgtT2aN8GPLuo/bZ861RKfhLhsabOdKbug==
salesiq.zoho.com/	1969-12-31 23:59:59	Name: LS_CSRF_TOKEN Value: 3f1d1ae0-9bae-4ec5-80d9-4d88b67ee8e5
.bitninja.io/	1970-01-20 10:13:05	Name: _clck Value: djj5sm\|1\|ezm\|0
.report.bitninja.io/	1970-01-20 01:27:29	Name: zld367633000000002043state Value: 0
.bitninja.io/	1970-01-20 01:28:55	Name: _clsk Value: 1r15ii4\|1646849386539\|1\|1\|k.clarity.ms/collect
.report.bitninja.io/	1970-01-20 18:58:41	Name: bitninja-_zldp Value: Vr4ZOFVYbvC5dsRZ9WpnyViHvhqTBN5O%2F6h4H0uoksL2vKC8tv4r%2BXVXTZbex9T%2BpB40U3fWMDM%3D
.report.bitninja.io/	1970-01-20 01:28:55	Name: bitninja-_zldt Value: 0ef4cd9f-30c0-4b02-bf42-9abdfa6514c8-1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a9855856441.cdn.optimizely.com
alb.reddit.com
analytics.twitter.com
api-js.mixpanel.com
bat.bing.com
bitninja.com
bitninja.io
cdn.heapanalytics.com
cdn.mxpnl.com
cdn.optimizely.com
connect.facebook.net
css.zohocdn.com
embed.tawk.to
forms.hubspot.com
front.optimonk.com
googleads.g.doubleclick.net
gs-cdn.optimonk.com
heapanalytics.com
jfapiprod.optimonk.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.zohocdn.com
k.clarity.ms
logx.optimizely.com
platform.twitter.com
px.ads.linkedin.com
px4.ads.linkedin.com
rec.smartlook.com
report.bitninja.io
salesiq.zoho.com
snap.licdn.com
static.ads-twitter.com
static.bitninja.io
stats.g.doubleclick.net
t.co
use.fontawesome.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
heapanalytics.com
logx.optimizely.com
104.244.42.131
104.244.42.5
104.90.153.39
13.107.42.14
13.32.121.41
136.143.183.48
136.143.191.67
138.199.37.226
142.250.186.130
148.72.132.217
151.101.129.140
167.99.251.246
199.232.136.157
20.96.88.162
2600:1901:0:bc29::
2606:4700:10::6816:1883
2606:4700::6811:47b0
2606:4700::6811:71b0
2606:4700::6811:82ab
2606:4700::6811:d5cc
2606:4700::6812:14bf
2606:4700::6813:9a53
2620:1ec:21::14
2620:1ec:27::cafe:1501
2620:1ec:c11::200
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2008
2a00:1450:400c:c06::9a
2a02:26f0:6c00:2a0::13b8
2a02:26f0:6c00::210:ba0a
2a02:6ea0:c700::10
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::396
2a06:98c1:3120::7
34.117.177.207
35.190.25.25
52.223.17.174
93.184.220.66
080a4b226426fb8faceb4768be5473bd22d8a7124f5801fb3d0085b2a9faf809
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
0d0c3dca675d0e16c1052ebbbd524a0a87cb0b856e0fd127bf8b74862c5b49dc
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1cd5c4b37938d932110ec043ce1cc766d18cacf7a4e7cffa6a539855d5bdc08d
222a585c209c6234d290852d1cba71ce495afe7a28ac965099dc357585085575
2779557c345ddd7c38f61f3c3d5caf69fe37000ed8e0d94666a4694387baede3
291cebd2aa45cf84eac2f7018f9b9a23237349fd4c60fab2c4133f5b31e27f7f
2c23671b1bdfd9c2f6567d716fe2cec5b81342b328db7d8736393ce6e6c669a8
2ce4dc0d434cc27202dc77461c9873fd99da0b3e552b4262ce63d2fd50caa5c7
2de8d4f132044f39b69a3ccea9dcae78ac622d809f38463d85bfa823e4867454
30b89715e633387512371f0acf6da2619e6c1c104e00d3588643f4457c1fd62d
31a09d63ab88373d5f7fe2785b274ea60c826d52f109b3ce4e88db440299091b
3907f8c53d2a626123017611e4b9bb30260e1e90a237dc5c3a29635b6f54b394
394653b172e1eb8c527dba3151a9d40522d67cd0ce88f8a7097b4c3347e7080e
3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854
47416c97abf6445e8743d61d244f2a58f1417c3d8bb9993ac0b195dce20afe13
4776ab4ac83d2d50183ec44db9f7f17740189de4ed8d5dfbca2e38b98979fc7e
4b3e90398c657077f722fae1c3378f89cda72b842a560ff5b62e5b2a66dd38a0
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
59dbda86041a5f394b83391ffe0b939341aabb817fa60a6ea78c80f5835596b5
5d72c5a8bef80fca6f99f476e15ec95ce2d5e5f65c6dab9ee8e56348be0d39fc
5d9c658dbb2331c198b5a2f269f972f4ee0f8a651ae0bc90d6e60eac9f05eeec
6573b4e2ad75b89a7ff093e76076242e2ef350678aafc8945c4fd80362f07b01
67fb872d7b80bdfbbacc55c2d5d6efe50833e130c3685bdabee232b92f367348
68195809df6d702b8d2c25c97140def7f78f61a3a946a751ed0c304f96c8677f
689b4bf15ccbe5c9a73eefb514819352d2965eb097094151fe549e3b50102545
6b62e0b60f2efad4d91a09e0281a0c51d7ee47e52cd43c25c5ef6f0001083299
6d190c985949e8a0962ca2cede3c214de8085dc9d11c726af6c00c1ae5bb7ba9
6ffc7e636582f101a7bb401a9c147c2a63adc51a59ae9d844e764c22bfa6c084
747f0fed9d46a9afa9cea519f1bdfe225054eb26a8554e0841f068d2af9648ad
81e64118f1bf09843324b9d9b13fbbab22a0cad9edbda5737f42fb124e04a4c8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
890ffd43501c87036cbb86c29e9f88138d8c273d92c56faf1774d1a905a03516
8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716
94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75
9655854fc142fd73252450141e6c41ad6878b990c899fb99ae3900b133c9ca68
98b73a119c12479d6fb68703373eca9e0e36a51265d004ee938d5da4cfb1a797
a14c5cf8d397a9480a4a20bd02df43774d7e2a6a4dbcd4978046ca196c136c10
a18aa92dea997bd71eb540d5f931620591e9dee27e5f817978bb385bab924d21
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a996803be97bd6eed2f13e2aaceed65ee5cc24e0669fcbd223788c5cf9159c2e
ab4742e456ed1ce1e4de002917c0b9d77abcb0fda8a97430c04787693a0f55d5
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
bab96b40ce57e00068c1360399bf8fc4d2c1bfb4844acfb550d8e4e542564b86
c114b978529bb527ee145a76e49651f83cb774274f510f7856499916b493f4fe
c567d0068aa9d314d13047cf6af171cce476501aac5e5521bd2b2233b16fbce5
c962f5dd0481cf4bb6b0e727c818b01492453d0c8f5a055610ab90f5095a6b9f
d5184d24cb91ce0e98b123e5d01b21ea34bbe213a5893053ec4f5da0382e314d
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997
db5cdb679b93121d7d37d4bf7bc49cca3595808055839e749d33f9b58e8badf4
dbda4e32c2422a0c9a346a5ce6f039f7f17a27991b31d248d748574c0aa19120
dc832faf8ca21fb791b9abb9a3ba334ef3e31914317791dd53510b8a24d0621d
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e1d138b6bc1afceb16981230b56620189f21e73f6ef616737bdc30a6577c9f
eb225958987016b36f094989fbe48ad4a7ce3bba2d0e7b37959201882e1221ed
ee5ed73474157f116c1cb6fce405f06f687e0d87764b9d4a5fd4b9df97ec1917
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3
f54f48bed0d5056a57db5e71efaa1692a5e889acff2f69f3422a5ebc516ee99a
f9bbe1825458354dcf0642e237dac06a4d3de5902b0a94b8a30f31e730e82ccb

report.bitninja.io Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

90 Requests

96 %HTTPS

57 %IPv6

35 Domains

48 Subdomains

40 IPs

4 Countries

1476 kBTransfer

4128 kBSize

36 Cookies

7 Outgoing links

Page URL History

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

report.bitninja.io Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

96 %
HTTPS

57 %
IPv6

35
Domains

48
Subdomains

40
IPs

4
Countries

1476 kB
Transfer

4128 kB
Size

36
Cookies

90 HTTP transactions
1 data transactions