urlscan.io logo urlscan.io
SecurityTrails logo

newtekstaging.1800accountant.com Open in urlscan Pro
3.208.136.209  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://newtekstaging.1800accountant.com/
Effective URL: https://newtekstaging.1800accountant.com/sso/
Submission: On July 04 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 42 IPs in 2 countries across 30 domains to perform 83 HTTP transactions. The main IP is 3.208.136.209, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is newtekstaging.1800accountant.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on July 1st 2024. Valid for: a year.
This is the only time newtekstaging.1800accountant.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 3.208.136.209 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2600:9000:214... 16509 (AMAZON-02)
1 142.250.185.130 15169 (GOOGLE)
1 18.172.103.101 16509 (AMAZON-02)
1 44.209.137.118 14618 (AMAZON-AES)
1 35.244.142.80 15169 (GOOGLE)
2 2a04:4e42::396 54113 (FASTLY)
1 7 35.227.244.1 15169 (GOOGLE)
3 2600:9000:26e... 16509 (AMAZON-02)
1 172.64.148.75 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 216.58.206.34 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 151.101.1.140 54113 (FASTLY)
1 151.101.65.140 54113 (FASTLY)
2 2600:1901:1:7... 396982 (GOOGLE-CL...)
1 1 216.58.212.130 15169 (GOOGLE)
1 4 142.250.185.196 15169 (GOOGLE)
1 172.217.16.195 15169 (GOOGLE)
1 108.138.26.47 16509 (AMAZON-02)
1 54.156.2.105 14618 (AMAZON-AES)
6 2a03:2880:f17... 32934 (FACEBOOK)
1 142.250.181.232 15169 (GOOGLE)
2 54.231.224.249 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 4 142.250.186.102 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3.227.142.181 14618 (AMAZON-AES)
1 15.197.193.217 16509 (AMAZON-02)
1 16.182.42.161 16509 (AMAZON-02)
1 35.190.54.17 15169 (GOOGLE)
1 75.2.91.175 16509 (AMAZON-02)
1 35.85.106.161 16509 (AMAZON-02)
1 34.212.4.35 ()
1 216.239.32.36 ()
83 42
10    3.208.136.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-136-209.compute-1.amazonaws.com
newtekstaging.1800accountant.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    2a02:26f0:3500:10::210:a9a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    2600:9000:214f:b800:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.dwin1.com
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
pagead2.googlesyndication.com
1    18.172.103.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-103-101.fra60.r.cloudfront.net
js.adsrvr.org
1    44.209.137.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-137-118.compute-1.amazonaws.com
dx.mountain.com
1    35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com
cdn.pdst.fm
2    2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
7    35.227.244.1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 1.244.227.35.bc.googleusercontent.com
shop.pe
app.shop.pe
manage.safeopt.com
3    2600:9000:26e8:0:d:370a:51c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2mjzob2nc713b.cloudfront.net
1    172.64.148.75 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
aa77c093d7c74bbea6cdbf73f6113fc6.js.ubembed.com
4    2606:4700::6812:190d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.gbqofs.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net
www.googleadservices.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    151.101.1.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
pixel-config.reddit.com
1    151.101.65.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
alb.reddit.com
2    2600:1901:1:7c5:: (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
pixels.spotify.com
1    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
googleads.g.doubleclick.net
4    142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net
www.google.com
1    172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f195.1e100.net
www.google.de
1    108.138.26.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-47.fra56.r.cloudfront.net
assets.ubembed.com
1    54.156.2.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-2-105.compute-1.amazonaws.com
54.156.2.105
6    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net
www.googletagmanager.com
2    54.231.224.249 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
1800-partner-logos.s3.amazonaws.com
3    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
12137571.fls.doubleclick.net
1    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    3.227.142.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-142-181.compute-1.amazonaws.com
c2001.report.gbss.io
1    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
1    16.182.42.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
addshoppers.s3.amazonaws.com
1    35.190.54.17 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 17.54.190.35.bc.googleusercontent.com
shopper.shop.pe
1    75.2.91.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: a954c1fc80b8251dc.awsglobalaccelerator.com
nytrng.com
1    35.85.106.161 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-85-106-161.us-west-2.compute.amazonaws.com
px.mountain.com
1    34.212.4.35 (None, )

ASN- ()
gs.mountain.com
1    216.239.32.36 (None, )

ASN- ()
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
10 1800accountant.com
newtekstaging.1800accountant.com
851 KB
7 shop.pe
shop.pe — Cisco Umbrella Rank: 13432
app.shop.pe — Cisco Umbrella Rank: 15585
shopper.shop.pe — Cisco Umbrella Rank: 16778
11 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
6 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 70
12137571.fls.doubleclick.net
ad.doubleclick.net Failed
1 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
237 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 5
1007 B
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 360
px4.ads.linkedin.com — Cisco Umbrella Rank: 6416
2 KB
4 gbqofs.com
cdn.gbqofs.com — Cisco Umbrella Rank: 6372
206 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
392 KB
3 amazonaws.com
1800-partner-logos.s3.amazonaws.com
addshoppers.s3.amazonaws.com — Cisco Umbrella Rank: 20536
25 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2355
17 B
3 cloudfront.net
d2mjzob2nc713b.cloudfront.net
55 KB
3 mountain.com
dx.mountain.com — Cisco Umbrella Rank: 6339
px.mountain.com — Cisco Umbrella Rank: 6399
gs.mountain.com
7 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 361
14 KB
2 spotify.com
pixels.spotify.com
272 B
2 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 2076
alb.reddit.com — Cisco Umbrella Rank: 1406
749 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
73 KB
2 ubembed.com
aa77c093d7c74bbea6cdbf73f6113fc6.js.ubembed.com
assets.ubembed.com — Cisco Umbrella Rank: 15937
50 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1200
13 KB
2 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1585
insight.adsrvr.org — Cisco Umbrella Rank: 1062
13 KB
1 nytrng.com
nytrng.com — Cisco Umbrella Rank: 10209
1 safeopt.com
manage.safeopt.com — Cisco Umbrella Rank: 25075
834 B
1 gbss.io
c2001.report.gbss.io — Cisco Umbrella Rank: 40405
715 B
1 google.de
www.google.de — Cisco Umbrella Rank: 8088
64 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 133
2 KB
1 pdst.fm
cdn.pdst.fm — Cisco Umbrella Rank: 4440
22 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 137
52 KB
1 dwin1.com
www.dwin1.com — Cisco Umbrella Rank: 5178
11 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 902
14 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
870 B
83 30
Domain Requested by
10 newtekstaging.1800accountant.com 1 redirects newtekstaging.1800accountant.com
6 www.facebook.com newtekstaging.1800accountant.com
4 12137571.fls.doubleclick.net 2 redirects www.googletagmanager.com
4 www.google.com 1 redirects newtekstaging.1800accountant.com
www.gstatic.com
4 cdn.gbqofs.com newtekstaging.1800accountant.com
cdn.gbqofs.com
4 www.googletagmanager.com newtekstaging.1800accountant.com
www.googletagmanager.com
3 app.shop.pe cdn.gbqofs.com
3 fonts.gstatic.com fonts.googleapis.com
3 px.ads.linkedin.com 1 redirects snap.licdn.com
cdn.gbqofs.com
3 region1.google-analytics.com www.googletagmanager.com
cdn.gbqofs.com
3 d2mjzob2nc713b.cloudfront.net newtekstaging.1800accountant.com
shop.pe
3 shop.pe 1 redirects d2mjzob2nc713b.cloudfront.net
3 bat.bing.com www.googletagmanager.com
bat.bing.com
newtekstaging.1800accountant.com
2 1800-partner-logos.s3.amazonaws.com newtekstaging.1800accountant.com
2 pixels.spotify.com cdn.pdst.fm
2 connect.facebook.net newtekstaging.1800accountant.com
connect.facebook.net
2 www.redditstatic.com newtekstaging.1800accountant.com
www.redditstatic.com
1 gs.mountain.com px.mountain.com
1 px.mountain.com dx.mountain.com
px.mountain.com
1 nytrng.com d2mjzob2nc713b.cloudfront.net
1 manage.safeopt.com cdn.gbqofs.com
1 shopper.shop.pe shop.pe
1 addshoppers.s3.amazonaws.com d2mjzob2nc713b.cloudfront.net
1 insight.adsrvr.org js.adsrvr.org
1 c2001.report.gbss.io cdn.gbqofs.com
1 www.gstatic.com www.google.com
1 assets.ubembed.com aa77c093d7c74bbea6cdbf73f6113fc6.js.ubembed.com
1 www.google.de newtekstaging.1800accountant.com
1 googleads.g.doubleclick.net 1 redirects
1 alb.reddit.com newtekstaging.1800accountant.com
1 pixel-config.reddit.com www.redditstatic.com
1 px4.ads.linkedin.com newtekstaging.1800accountant.com
1 www.googleadservices.com www.googletagmanager.com
1 aa77c093d7c74bbea6cdbf73f6113fc6.js.ubembed.com www.googletagmanager.com
1 cdn.pdst.fm newtekstaging.1800accountant.com
1 dx.mountain.com newtekstaging.1800accountant.com
1 js.adsrvr.org www.googletagmanager.com
1 pagead2.googlesyndication.com www.googletagmanager.com
1 www.dwin1.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 fonts.googleapis.com newtekstaging.1800accountant.com
0 ad.doubleclick.net Failed newtekstaging.1800accountant.com
83 42

This site contains no links.

Subject Issuer Validity Valid
newtekstaging.1800accountant.com
Amazon RSA 2048 M03		 2024-07-01 -
2025-07-30		 a year crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-19 -
2024-12-16		 6 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
*.dwin1.com
Amazon RSA 2048 M03		 2023-10-18 -
2024-11-15		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
*.mountain.com
Go Daddy Secure Certificate Authority - G2		 2024-05-23 -
2025-06-24		 a year crt.sh
cdn.pdst.fm
WR3		 2024-05-17 -
2024-08-15		 3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-23 -
2024-11-18		 6 months crt.sh
*.js.ubembed.com
E6		 2024-06-11 -
2024-09-09		 3 months crt.sh
gbqofs.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-11		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-12 -
2024-07-11		 3 months crt.sh
*.googleadservices.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-07-01 -
2025-01-01		 6 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-05-30 -
2024-11-26		 6 months crt.sh
*.spotify.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-05 -
2025-02-04		 a year crt.sh
assets.ubembed.com
Amazon RSA 2048 M03		 2023-12-06 -
2025-01-03		 a year crt.sh
54.156.2.105
Sectigo RSA Domain Validation Secure Server CA		 2024-01-25 -
2025-02-14		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2024-04-22 -
2025-04-07		 a year crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.report.gbss.io
Amazon RSA 2048 M03		 2024-02-14 -
2025-03-15		 a year crt.sh
*.shop.pe
GlobeSSL DV CA		 2024-06-13 -
2025-06-13		 a year crt.sh
*.safeopt.com
GlobeSSL DV CA		 2024-05-17 -
2025-06-14		 a year crt.sh
nytrng.com
Amazon RSA 2048 M03		 2024-02-23 -
2025-03-23		 a year crt.sh

This page contains 7 frames:

Primary Page: https://newtekstaging.1800accountant.com/sso/
Frame ID: 12B11F7A5E351545E9CC228F80BC9FD7
Requests: 75 HTTP requests in this frame

Frame: https://12137571.fls.doubleclick.net/activityi;dc_pre=CKWA89KujIcDFc30OwIdbZEF3w;src=12137571;type=global;cat=sitew0;ord=2704620009160;npa=1;auiddc=1529280930.1720061023;u12=null;u13=null;u14=null;u15=null;u16=null;u21=%2Fsso%2F;ps=1;pcor=271082105;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z877392707za201zb77392707;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F
Frame ID: 8AE764E5EAFED25B74159029EC897C64
Requests: 1 HTTP requests in this frame

Frame: https://12137571.fls.doubleclick.net/activityi;dc_pre=CPmG8dKujIcDFWnIOwIdR_IBvA;src=12137571;type=global;cat=sitew0;ord=8347441440840;npa=1;auiddc=1529280930.1720061023;u12=null;u13=null;u14=null;u15=null;u16=null;u21=%2Fsso%2F;ps=1;pcor=1417213789;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z877392707za201zb77392707;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F
Frame ID: 5FAB09CD9949AB10FCF3AD2244F69DEF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfFp3kUAAAAAG3m0hY9HPIS-uBhZ5K5_zF-7UVk&co=aHR0cHM6Ly9uZXd0ZWtzdGFnaW5nLjE4MDBhY2NvdW50YW50LmNvbTo0NDM.&hl=de&type=image&v=rKbTvxTxwcw5VqzrtN-ICwWt&theme=light&size=normal&badge=bottomright&cb=ptn7pcyibbk6
Frame ID: 9D8930AB19AAEFA002AB8FD3604F04F2
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=z24ba29&ref=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F%23%2Flogin&upid=2kdfr8n&upv=1.1.0
Frame ID: 9BD4E5E0E6F3B122045AB21C67F203B2
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6LfFp3kUAAAAAG3m0hY9HPIS-uBhZ5K5_zF-7UVk
Frame ID: D1F6E347C844CD35B8D56744B4C1EDB4
Requests: 1 HTTP requests in this frame

Frame: https://nytrng.com/iframe?vcp=4dd5h0np&as_id=d0ffd0fae66348838eaea8b1a736853a
Frame ID: AFD7350297C9F0249691990714A8F679
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign In | Newtek Accounting, provided by 1-800Accountant

Page URL History Show full URLs

  1. https://newtekstaging.1800accountant.com/ HTTP 301
    https://newtekstaging.1800accountant.com/sso/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • ubembed\.com
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • dwin1\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

83
Requests

92 %
HTTPS

36 %
IPv6

30
Domains

42
Subdomains

42
IPs

2
Countries

2060 kB
Transfer

5815 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://newtekstaging.1800accountant.com/ HTTP 301
    https://newtekstaging.1800accountant.com/sso/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://shop.pe/widget/widget_async.js HTTP 301
  • https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
Request Chain 25
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2047578&time=1720061023464&url=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2047578&time=1720061023464&url=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F&e_ipv6=AQJiLXyKNk5HpQAAAZB7oFWwgQ_PEk-mYkubSCqO2J6u5NAyjpX4wbBAIzdT0Tn1HnvX8lU
Request Chain 34
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/983663865/?random=1405646278&cv=11&fst=1720061023352&bg=ffffff&guid=ON&async=1&gtm=45be4730v9134242260z877392707za201zb77392707&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F&label=p3dsCJP4vocDEPmJhtUD&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20%7C%201-1800Accountant&value=0&npa=1&pscdl=noapi&auid=1529280930.1720061023&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&eitems=ChAI8O2TtAYQ1vHkqoThrbZkEh0ADSyhrrytM02h5MbJXJzLZABp953oUatTipaLiw&pscrd=IhMIgfaw0q6MhwMVMhuiAx3qyAsoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6KWh0dHBzOi8vbmV3dGVrc3RhZ2luZy4xODAwYWNjb3VudGFudC5jb20v HTTP 302
  • https://www.google.com/pagead/1p-conversion/983663865/?random=1405646278&cv=11&fst=1720061023352&bg=ffffff&guid=ON&async=1&gtm=45be4730v9134242260z877392707za201zb77392707&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F&label=p3dsCJP4vocDEPmJhtUD&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20%7C%201-1800Accountant&value=0&npa=1&pscdl=noapi&auid=1529280930.1720061023&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMIgfaw0q6MhwMVMhuiAx3qyAsoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6KWh0dHBzOi8vbmV3dGVrc3RhZ2luZy4xODAwYWNjb3VudGFudC5jb20v&is_vtc=1&cid=CAQSGwDaQooLBJ-rlZM74GVlSJt2CUWxCwXurPigVg&eitems=ChAI8O2TtAYQ1vHkqoThrbZkEh0ADSyhrhHn7hfjgH-1nmCKJENmdug-EFre4fvDEg&random=3943218397 HTTP 302
  • https://www.google.de/pagead/1p-conversion/983663865/?random=1405646278&cv=11&fst=1720061023352&bg=ffffff&guid=ON&async=1&gtm=45be4730v9134242260z877392707za201zb77392707&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F&label=p3dsCJP4vocDEPmJhtUD&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20%7C%201-1800Accountant&value=0&npa=1&pscdl=noapi&auid=1529280930.1720061023&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMIgfaw0q6MhwMVMhuiAx3qyAsoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6KWh0dHBzOi8vbmV3dGVrc3RhZ2luZy4xODAwYWNjb3VudGFudC5jb20v&is_vtc=1&cid=CAQSGwDaQooLBJ-rlZM74GVlSJt2CUWxCwXurPigVg&eitems=ChAI8O2TtAYQ1vHkqoThrbZkEh0ADSyhrhHn7hfjgH-1nmCKJENmdug-EFre4fvDEg&random=3943218397&ipr=y
Request Chain 54
  • https://12137571.fls.doubleclick.net/activityi;src=12137571;type=global;cat=sitew0;ord=2704620009160;npa=1;auiddc=1529280930.1720061023;u12=null;u13=null;u14=null;u15=null;u16=null;u21=%2Fsso%2F;ps=1;pcor=271082105;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z877392707za201zb77392707;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F HTTP 302
  • https://12137571.fls.doubleclick.net/activityi;dc_pre=CKWA89KujIcDFc30OwIdbZEF3w;src=12137571;type=global;cat=sitew0;ord=2704620009160;npa=1;auiddc=1529280930.1720061023;u12=null;u13=null;u14=null;u15=null;u16=null;u21=%2Fsso%2F;ps=1;pcor=271082105;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z877392707za201zb77392707;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F
Request Chain 55
  • https://12137571.fls.doubleclick.net/activityi;src=12137571;type=global;cat=sitew0;ord=8347441440840;npa=1;auiddc=1529280930.1720061023;u12=null;u13=null;u14=null;u15=null;u16=null;u21=%2Fsso%2F;ps=1;pcor=1417213789;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z877392707za201zb77392707;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F HTTP 302
  • https://12137571.fls.doubleclick.net/activityi;dc_pre=CPmG8dKujIcDFWnIOwIdR_IBvA;src=12137571;type=global;cat=sitew0;ord=8347441440840;npa=1;auiddc=1529280930.1720061023;u12=null;u13=null;u14=null;u15=null;u16=null;u21=%2Fsso%2F;ps=1;pcor=1417213789;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z877392707za201zb77392707;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F

83 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newtekstaging.1800accountant.com/sso/
Redirect Chain
  • https://newtekstaging.1800accountant.com/
  • https://newtekstaging.1800accountant.com/sso/
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newtekstaging.1800accountant.com/sso/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.136.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-136-209.compute-1.amazonaws.com
Software
nginx /
Resource Hash
605841fa32cf0467e9c259a2228f200a9f8265dbeae9a97ca174899fc806afe3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 04 Jul 2024 02:43:42 GMT
etag
W/"66600a33-5cc"
last-modified
Wed, 05 Jun 2024 06:48:19 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

content-length
134
content-type
text/html
date
Thu, 04 Jul 2024 02:43:42 GMT
location
https://newtekstaging.1800accountant.com:443/sso/
server
awselb/2.0
css
fonts.googleapis.com/ 		3 KB
870 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,700&display=swap
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
65f297db27fc964a20f8920a595f572eb9fd59206590fdcc81c0dd532b7dd057
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Jul 2024 02:43:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 Jul 2024 02:15:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Jul 2024 02:43:42 GMT
styles.9e379c6c92bb5187.css
newtekstaging.1800accountant.com/sso/ 		373 B
502 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newtekstaging.1800accountant.com/sso/styles.9e379c6c92bb5187.css
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.136.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-136-209.compute-1.amazonaws.com
Software
nginx /
Resource Hash
66588825495424043ad6a10e6edd6676c59617237541c940f34bdc0756b29687
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/sso/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 05 Jun 2024 06:48:19 GMT
server
nginx
content-encoding
gzip
etag
W/"66600a33-175"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
main.450f4fa1a111aca5.css
newtekstaging.1800accountant.com/sso/ 		503 B
601 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newtekstaging.1800accountant.com/sso/main.450f4fa1a111aca5.css
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.136.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-136-209.compute-1.amazonaws.com
Software
nginx /
Resource Hash
421cbe9ece067ad952bb7cb63d215cfb92a4431f05eb6cfffa9f642304ea960d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/sso/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 05 Jun 2024 06:48:19 GMT
server
nginx
content-encoding
gzip
etag
W/"66600a33-1f7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
api.js
newtekstaging.1800accountant.com/sso/config/ 		481 B
620 B 		Script
General
Check archive.org
Download Go to
Full URL
https://newtekstaging.1800accountant.com/sso/config/api.js
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.136.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-136-209.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3a4a98d6514c6502f2626ff48bb52584c10a0d07bba32990d9f5501af3988d9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/sso/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 21 Jun 2024 05:42:41 GMT
server
nginx
content-encoding
gzip
etag
W/"667512d1-1e1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
runtime.948d5aa9e7667afa.esm.js
newtekstaging.1800accountant.com/sso/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newtekstaging.1800accountant.com/sso/runtime.948d5aa9e7667afa.esm.js
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.136.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-136-209.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6564461d8954e27f39f5e0ed777ded4a0878e4a4e548d980a680bad09a72587c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/sso/
Origin
https://newtekstaging.1800accountant.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 05 Jun 2024 06:48:19 GMT
server
nginx
content-encoding
gzip
etag
W/"66600a33-6ef"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
polyfills.6e24d11424009e23.esm.js
newtekstaging.1800accountant.com/sso/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newtekstaging.1800accountant.com/sso/polyfills.6e24d11424009e23.esm.js
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.136.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-136-209.compute-1.amazonaws.com
Software
nginx /
Resource Hash
47cf7eb128466aec119c19941ba5956299b36d1627c06385598ec500041aa6f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/sso/
Origin
https://newtekstaging.1800accountant.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 05 Jun 2024 06:48:19 GMT
server
nginx
content-encoding
gzip
etag
W/"66600a33-1352a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
main.d855fc2b899d320c.esm.js
newtekstaging.1800accountant.com/sso/ 		1 MB
395 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newtekstaging.1800accountant.com/sso/main.d855fc2b899d320c.esm.js
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.136.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-136-209.compute-1.amazonaws.com
Software
nginx /
Resource Hash
db9eb108270291e580ccd03b0d66f04460d4b02189fc2e8f9315a7e249350174
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/sso/
Origin
https://newtekstaging.1800accountant.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 05 Jun 2024 06:48:19 GMT
server
nginx
content-encoding
gzip
etag
W/"66600a33-1780f4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		479 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K7NCR95
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f9e16e9bb56f161af64f1aa2e7d7c1b9404a7f1d69e8c0d1f8684bd52687a2ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132741
x-xss-protection
0
last-modified
Thu, 04 Jul 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 04 Jul 2024 02:43:42 GMT
js
www.googletagmanager.com/gtag/ 		302 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8TVG1SJ60Z&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7NCR95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
38a45efcf58b8967d12a74fe60181cbc16c29c4e36724189592b97639354ad5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103966
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jul 2024 02:43:43 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7NCR95
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 04 Jul 2024 02:43:43 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 409BEC7C4BCF4708A714FD1F2BEF738E Ref B: FRA31EDGE0809 Ref C: 2024-07-04T02:43:43Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
insight.min.js
snap.licdn.com/li.lms-analytics/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7NCR95
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Jun 2024 16:46:52 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=12606
accept-ranges
bytes
content-length
14004
destination
www.googletagmanager.com/gtag/ 		241 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-983663865&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7NCR95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a91795375fc316f8d965c7de43d69e0b1da8522dd3bb9d7b783b214067ccf097
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87615
x-xss-protection
0
last-modified
Thu, 04 Jul 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 04 Jul 2024 02:43:43 GMT
19038.js
www.dwin1.com/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dwin1.com/19038.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7NCR95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b800:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b04d72546f3d807901ac18982112fcf6c50c115095f76755040cd6be758599a7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
zR32WRrkE_nbij0xnr90P7uyNi3RXSM2
content-encoding
gzip
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
date
Thu, 04 Jul 2024 02:43:32 GMT
x-amz-cf-pop
FRA53-C1
age
12
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 24 May 2023 10:09:50 GMT
server
AmazonS3
etag
W/"9575e6eeef2b4a42e72a0401cbc03c24"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600, s-maxage=600
x-amz-cf-id
ibaMwFISi1tCCNjwqd-TpphIJV_2z_9CFj4Tv7oZAdFR2wteX2o6kA==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		160 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7NCR95
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
2c8972d4cda2b7ec184640f6e046d1d2a704b86e7faea561e950d6725dcd98f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52847
x-xss-protection
0
server
cafe
etag
4668565545290118142
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 04 Jul 2024 02:43:43 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7NCR95
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-103-101.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Jul 2024 05:44:24 GMT
Via
1.1 d60e84ebd0183f97f50eb1677fb4b7be.cloudfront.net (CloudFront)
Last-Modified
Fri, 07 Jun 2024 09:20:53 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P8
Age
80955
x-amz-server-side-encryption
AES256
ETag
W/"a7eb6794e868fe870db350518165c868"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12320
X-Amz-Cf-Id
j-gO4yG5nyUXlK6d7NMXHNG_gYgropmlushZfFmLeE8QlDlQchm1Cw==
spx
dx.mountain.com/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dx.mountain.com/spx?dxver=4.0.0&shaid=32965&tdr=&plh=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F&cb=51751783007569490term=value
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.137.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-137-118.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
5d90caa34c0c7ba0696d80b0bf67f722ad72a8a0d48575e5f1ded0cbdee9eacc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:42 GMT
content-encoding
gzip
server
istio-envoy
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding
chunked
content-type
application/javascript;charset=utf-8
x-envoy-upstream-service-time
1
be
spx-prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
ping.min.js
cdn.pdst.fm/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pdst.fm/ping.min.js
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
80.142.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 01:57:07 GMT
age
2796
x-guploader-uploadid
ACJd0NrcVs7vM024H20DJMp9fgLxjsPNHtA_zLgGqg6ap187OeAyofZq8SH8tI7VuqmZhv2_475YG4jCKw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22096
last-modified
Tue, 25 Jun 2024 13:55:49 GMT
server
UploadServer
etag
"4eddeec95afda969b3d1b2fb970c1eb1"
x-goog-generation
1719323749654301
x-goog-hash
crc32c=NZyeaA==, md5=Tt3uyVr9qWmz0bL7lwwesQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
22096
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 04 Jul 2024 02:57:07 GMT
pixel.js
www.redditstatic.com/ads/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:43 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 20 Jun 2024 19:23:03 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12116
widget_async.js
d2mjzob2nc713b.cloudfront.net/widget/
Redirect Chain
  • https://shop.pe/widget/widget_async.js
  • https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
H2
Server
2600:9000:26e8:0:d:370a:51c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f235d19f5cf10061b266c784723b2829a7acab9b88ac8924b5aac3d0be0b438

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://newtekstaging.1800accountant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 04 Jul 2024 02:27:57 GMT
content-encoding
gzip
via
1.1 3c13cc51908e4d37d2a5046d7703e256.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
age
947
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1192
last-modified
Mon, 20 May 2024 15:33:23 GMT
server
AmazonS3
etag
"5bcfe272ba6cc455636cdb5e7f6bce0c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
zPK8oYGrN-sTMklyCiDFykfdclCezDJcVKdZvL5FokdIU-g5yLw-1w==
x-amz-meta-mtime
1716219202.04

Redirect headers

date
Thu, 04 Jul 2024 02:43:43 GMT
content-security-policy
frame-ancestors none;
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
server
nginx
x-frame-options
deny
content-type
text/html
location
https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
162
/
aa77c093d7c74bbea6cdbf73f6113fc6.js.ubembed.com/ 		415 B
687 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa77c093d7c74bbea6cdbf73f6113fc6.js.ubembed.com/
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7NCR95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.75 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd11493790d857287ae56c4ef0b5bdea1a8556e9800163a24f64b3d189e0e549

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:43 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
etag
W/"803e7e8e6fd058bb6c04c82f39f62f23bc98e33b"
vary
Accept-Encoding, Referer
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
cf-ray
89dbc4f42c4c450a-TXL
detector-dom.min.js
cdn.gbqofs.com/1-800accountant/u/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gbqofs.com/1-800accountant/u/detector-dom.min.js
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:190d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f622a0af5e2151febb626730108cc195956e043f09d15236ac1c29e6836bc1f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:43 GMT
x-amz-version-id
V.s9BtKCtqAnil51GkGOOsgNN2DoOKyQ
content-encoding
gzip
cf-cache-status
MISS
via
1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Wed, 03 Jul 2024 08:56:43 GMT
server
cloudflare
etag
W/"6524e09f037820b70a918bb1f3bd2693"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
89dbc4f4cc0b1c20-FRA
x-amz-cf-id
1mAbp2zZ9HmZ8DYLtB80ZX48R7iTH_dmpBP6lZ3aUI5c9NmoFfTHfg==
expires
Thu, 04 Jul 2024 06:43:43 GMT
fbevents.js
connect.facebook.net/en_US/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 04 Jul 2024 02:43:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58293
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2791, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
a4BV0AIvNwXvOJX4RhGoeM8s5Yq0RJrlchaKun4Hgd76l28jFzoZMACJ9zZaWCrxFXyHV4pbfBAkLRJ2CQBkMQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/983663865/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/983663865/?random=1720061023352&cv=11&fst=1720061023352&bg=ffffff&guid=ON&async=1&gtm=45be4730v9134242260z877392707za201zb77392707&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F&label=p3dsCJP4vocDEPmJhtUD&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20%7C%201-1800Accountant&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=1529280930.1720061023&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-983663865&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
cbb9b87ad8f1e3fe9163e87e676fcb269040bf5bc7e9f86a0926e2e336009c7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 02:43:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1693
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8TVG1SJ60Z&gtm=45je4730v883875236z877392707za200zb77392707&_p=1720061022751&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1255332637.1720061023&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720061023&sct=1&seg=0&dl=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F&dt=Sign%20In%20%7C%201-1800Accountant&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1334&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8TVG1SJ60Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 02:43:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newtekstaging.1800accountant.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attribution_trigger
px.ads.linkedin.com/ 		2 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=2047578&time=1720061023464&url=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
*
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:43 GMT
content-encoding
gzip
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: C457D9B4F1EC490481FF7B6FAF970B74 Ref B: FRAEDGE1817 Ref C: 2024-07-04T02:43:43Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-lor1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYcYupO59aI5UXiaNaS/g==
x-fs-uuid
00061c62ea4ee7d688e545e268d692fe
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2047578&time=1720061023464&url=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2047578&time=1720061023464&url=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F&e_ipv6=AQJiLXyKNk5HpQAAAZB7oFWwgQ_PEk-mYkubSCqO2J6u5NAyjpX...
0
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2047578&time=1720061023464&url=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F&e_ipv6=AQJiLXyKNk5HpQAAAZB7oFWwgQ_PEk-mYkubSCqO2J6u5NAyjpX4wbBAIzdT0Tn1HnvX8lU
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://newtekstaging.1800accountant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 04 Jul 2024 02:43:43 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 191E922E1CD9439489380251F1B09044 Ref B: FRAEDGE1121 Ref C: 2024-07-04T02:43:44Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYcYupYuoKvQpVGNs7EhQ==

Redirect headers

date
Thu, 04 Jul 2024 02:43:43 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: EC7CBCCB692C4CA0A6AD602B74579E89 Ref B: FRAEDGE2007 Ref C: 2024-07-04T02:43:43Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2047578&time=1720061023464&url=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F&e_ipv6=AQJiLXyKNk5HpQAAAZB7oFWwgQ_PEk-mYkubSCqO2J6u5NAyjpX4wbBAIzdT0Tn1HnvX8lU
x-li-proto
http/2
content-length
0
x-li-uuid
AAYcYupOnyPcsQdm2W4FHQ==
config
pixel-config.reddit.com/pixels/t2_kptp46wy/ 		3 B
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel-config.reddit.com/pixels/t2_kptp46wy/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:44 GMT
content-encoding
gzip
via
1.1 varnish
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
content-length
27
t2_kptp46wy_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_kptp46wy_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:43 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
97
rp.gif
alb.reddit.com/ 		42 B
638 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1720061023624&id=t2_kptp46wy&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=7898241e-d1e9-47b0-821b-a20bf1e88d91&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:43 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
5823970.js
bat.bing.com/p/action/ 		0
119 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5823970.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 04 Jul 2024 02:43:43 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 43A91D9F3E3741BD93FD3C5F701176F4 Ref B: FRA31EDGE0809 Ref C: 2024-07-04T02:43:43Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5823970&tm=gtm002&Ver=2&mid=ee3fd5a6-4cff-4c5c-8e73-4909f823448c&sid=3a8f1db039af11ef82bbfb2b19a0e9c5&vid=3a8f1d4039af11ef963bd10b9486c75c&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Sign%20In%20%7C%201-1800Accountant&p=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F&r=&lt=1475&evt=pageLoad&sv=1&rn=24582
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 04 Jul 2024 02:43:43 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6F67A019D3A44699A8D0B18C7FA9914E Ref B: FRA31EDGE0809 Ref C: 2024-07-04T02:43:43Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
config
newtekstaging.1800accountant.com/cbapi/app.php/ 		65 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://newtekstaging.1800accountant.com/cbapi/app.php/config
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/main.d855fc2b899d320c.esm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.136.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-136-209.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1f48abaa1a55cc000c18dd12c711601d78beed02ed55ff2031270ecc221a3955
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://newtekstaging.1800accountant.com/sso/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
no-referrer
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
no-cache
x-xss-protection
1; mode=block
expires
Thu, 04 Jul 2024 02:43:42 GMT
KeyboardBackground.c4dfd32.svg
newtekstaging.1800accountant.com/sso/ 		537 KB
405 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newtekstaging.1800accountant.com/sso/KeyboardBackground.c4dfd32.svg
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.136.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-136-209.compute-1.amazonaws.com
Software
nginx /
Resource Hash
de2ac39a7f010d61500448cc883121d6e493955cc3b008edffe56f9a30ab35e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/sso/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 05 Jun 2024 06:48:19 GMT
server
nginx
content-encoding
gzip
etag
W/"66600a33-865d6"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-xss-protection
1; mode=block
ingest
pixels.spotify.com/v1/ 		52 B
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pixels.spotify.com/v1/ingest
Requested by
Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:7c5:: , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
envoy /
Resource Hash
1d2d44fda9a79b09502fad83a9e4a2d4a21deda6135eec6342a07e56a7911af0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://newtekstaging.1800accountant.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
grpc-status
0
server
envoy
via
HTTP/2 edgeproxy, 1.1 google
grpc-encoding
identity
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://newtekstaging.1800accountant.com
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
grpc-accept-encoding
gzip,x-snappy-framed
/
www.google.de/pagead/1p-conversion/983663865/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/983663865/?random=1405646278&cv=11&fst=1720061023352&bg=ffffff&guid=ON&async=1&gtm=45be4730v9134242260z877392707za201zb77392707&gcd=...
  • https://www.google.com/pagead/1p-conversion/983663865/?random=1405646278&cv=11&fst=1720061023352&bg=ffffff&guid=ON&async=1&gtm=45be4730v9134242260z877392707za201zb77392707&gcd=13l3lPl2l1&dma_cps=sy...
  • https://www.google.de/pagead/1p-conversion/983663865/?random=1405646278&cv=11&fst=1720061023352&bg=ffffff&guid=ON&async=1&gtm=45be4730v9134242260z877392707za201zb77392707&gcd=13l3lPl2l1&dma_cps=syp...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/983663865/?random=1405646278&cv=11&fst=1720061023352&bg=ffffff&guid=ON&async=1&gtm=45be4730v9134242260z877392707za201zb77392707&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F&label=p3dsCJP4vocDEPmJhtUD&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20%7C%201-1800Accountant&value=0&npa=1&pscdl=noapi&auid=1529280930.1720061023&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMIgfaw0q6MhwMVMhuiAx3qyAsoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6KWh0dHBzOi8vbmV3dGVrc3RhZ2luZy4xODAwYWNjb3VudGFudC5jb20v&is_vtc=1&cid=CAQSGwDaQooLBJ-rlZM74GVlSJt2CUWxCwXurPigVg&eitems=ChAI8O2TtAYQ1vHkqoThrbZkEh0ADSyhrhHn7hfjgH-1nmCKJENmdug-EFre4fvDEg&random=3943218397&ipr=y
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
H3
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f195.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://newtekstaging.1800accountant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 02:43:44 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jul 2024 02:43:44 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/983663865/?random=1405646278&cv=11&fst=1720061023352&bg=ffffff&guid=ON&async=1&gtm=45be4730v9134242260z877392707za201zb77392707&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F&label=p3dsCJP4vocDEPmJhtUD&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20%7C%201-1800Accountant&value=0&npa=1&pscdl=noapi&auid=1529280930.1720061023&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMIgfaw0q6MhwMVMhuiAx3qyAsoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6KWh0dHBzOi8vbmV3dGVrc3RhZ2luZy4xODAwYWNjb3VudGFudC5jb20v&is_vtc=1&cid=CAQSGwDaQooLBJ-rlZM74GVlSJt2CUWxCwXurPigVg&eitems=ChAI8O2TtAYQ1vHkqoThrbZkEh0ADSyhrhHn7hfjgH-1nmCKJENmdug-EFre4fvDEg&random=3943218397&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ingest
pixels.spotify.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pixels.spotify.com/v1/ingest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:7c5:: , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://newtekstaging.1800accountant.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-origin
https://newtekstaging.1800accountant.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 04 Jul 2024 02:43:43 GMT
server
envoy
vary
Accept-Encoding
via
HTTP/2 edgeproxy, 1.1 google
1769898159978729
connect.facebook.net/signals/config/ 		65 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1769898159978729?v=2.9.160&r=stable&domain=newtekstaging.1800accountant.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8d3f4e824dfbf930ebd2a213d1f5ac6005dc1c171372e27fb5b0530406e1f7e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 04 Jul 2024 02:43:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=66, mss=1297, tbw=63822, tp=-1, tpl=-1, uplat=83, ullat=0
pragma
public
x-fb-debug
sETCRFLkivCi3hPVe9nBWGc0YYyAbZPr+gLxewEXGMEPEg4O4RuCQcRIdrbJuEHQCMlMa5xIYjIDQ8Hzbo2Cuw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
bundle.js
assets.ubembed.com/universalscript/releases/v0.183.0/ 		183 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ubembed.com/universalscript/releases/v0.183.0/bundle.js
Requested by
Host: aa77c093d7c74bbea6cdbf73f6113fc6.js.ubembed.com
URL: https://aa77c093d7c74bbea6cdbf73f6113fc6.js.ubembed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c39fa609f4a9b43e493115c723b102147f9025008bd24841e7732c5f253edd51

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 17:52:38 GMT
content-encoding
gzip
via
1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
last-modified
Fri, 24 May 2024 17:48:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
3487866
etag
W/"ce1f9daa5bfa548f0417f378eb40974e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
IFa3qlQ8elu_9KC0wRdxOY5QCWMe6xyco_jLIBvLDxCquXFSv-XGVw==
config.js
cdn.gbqofs.com/1-800accountant/u/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gbqofs.com/1-800accountant/u/config.js
Requested by
Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/1-800accountant/u/detector-dom.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:190d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0be0be38268cf69d7669aff641b34479848fd7f6a4b0d5c84c1dbe853c45f5d0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:43 GMT
x-amz-version-id
EI509cZuB0CpgvbeghCSLrXz73Mu3Dsp
content-encoding
gzip
cf-cache-status
MISS
via
1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Wed, 03 Jul 2024 08:56:43 GMT
server
cloudflare
etag
W/"7d42253a89a2ef4fbd43bf04dfab8c7e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
89dbc4f62cd81c20-FRA
x-amz-cf-id
RV6jyNNFB31aVyQbC3at2flL2AkHo_bF3DBMYoYci7wuIJi09LfaNA==
expires
Thu, 04 Jul 2024 06:43:43 GMT
is
54.156.2.105/ 		32 B
437 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://54.156.2.105/is
Requested by
Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32965&tdr=&plh=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F&cb=51751783007569490term=value
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.156.2.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-2-105.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
fa4c903f01e62b7f2adc159ccd079468cf259b620ca307bdd6d5d509275601c2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:44 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
x-envoy-upstream-service-time
2
connection
close
access-control-allow-headers
Accept, Content-Type, x-requested-with, X-Custom-Header
content-length
32
x-application-context
application:prod:8080
triggerRunner.js
d2mjzob2nc713b.cloudfront.net/widget/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2mjzob2nc713b.cloudfront.net/widget/triggerRunner.js?v=53f4a9a
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:0:d:370a:51c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45fdcedbeb833ea40206c98dfcbfa73842f72d53f166a26b47ecc3b01a55286d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 02:03:49 GMT
content-encoding
gzip
via
1.1 3c13cc51908e4d37d2a5046d7703e256.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
age
175195
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3876
last-modified
Mon, 20 May 2024 15:33:23 GMT
server
AmazonS3
etag
"f774f3054b32067929bcaf42657d6bb0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
mJjWF3uOgWxP0emhFvDucixlAAb9ogfV5z3Tte8WvSC_mf7Q4KLJHQ==
x-amz-meta-mtime
1716219202.02
widget.js
d2mjzob2nc713b.cloudfront.net/widget/ 		194 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=2a338b8
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:0:d:370a:51c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2bb8bd87e231ac9f9f22c98b1aae09d04ffc1bed75d096dacf0e629473151074

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 02:03:49 GMT
content-encoding
gzip
via
1.1 3c13cc51908e4d37d2a5046d7703e256.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
age
175194
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
50190
last-modified
Mon, 20 May 2024 15:33:24 GMT
server
AmazonS3
etag
"41961d3c766c3993d219e2cc934e33c0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
tJwl2Be7VVXGdcHAUIlL4mlDuGlh8KM4sEq8lgeqZ7INNkIhjype6g==
x-amz-meta-mtime
1716219200.28
/
www.facebook.com/tr/ 		0
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1769898159978729&ev=PageView&dl=https%3A%2F%2Fnewtekstaging.1800accountant.com&rl=&if=false&ts=1720061023845&sw=1600&sh=1200&v=2.9.160&r=stable&a=gtmss&ec=0&o=4124&fbp=fb.1.1720061023842.426064427604453806&pm=1&hrl=2c672a&ler=empty&cdl=API_unavailable&it=1720061023678&coo=false&eid=db43e1a0-8ff3-4889-9a3c-9edb67e55166_1720061022751.18&cs_cc=1&cas=7743565595675235%2C3005407556205821&rqm=GET
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1297, tbw=2845, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 04 Jul 2024 02:43:44 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1022 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1769898159978729&ev=PageView&dl=https%3A%2F%2Fnewtekstaging.1800accountant.com&rl=&if=false&ts=1720061023845&sw=1600&sh=1200&v=2.9.160&r=stable&a=gtmss&ec=0&o=4124&fbp=fb.1.1720061023842.426064427604453806&pm=1&hrl=2c672a&ler=empty&cdl=API_unavailable&it=1720061023678&coo=false&eid=db43e1a0-8ff3-4889-9a3c-9edb67e55166_1720061022751.18&cs_cc=1&cas=7743565595675235%2C3005407556205821&rqm=FGET
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xc61b00aed2f2d300","source_keys":["1","2"]},{"key_piece":"0xef544c0c4e13fff5","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 04 Jul 2024 02:43:44 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7387605847304892606", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=14, mss=1297, tbw=6394, tp=-1, tpl=-1, uplat=173, ullat=0
pragma
no-cache
x-fb-debug
Muldq//0CQqKeg6Ki5Itf+hMAy+pBUri9YDCTe5hqKOY90A26ce7a/dyhoUVzKsDldg/jXH0u05+zBZV+Vhz0g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7387605847304892606"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
detector-bootstrap.min.js
cdn.gbqofs.com/sv/c/ 		531 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gbqofs.com/sv/c/detector-bootstrap.min.js
Requested by
Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/1-800accountant/u/detector-dom.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:190d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5feb9809df90e6d140e6e1cd02512ca43970d200fbbf205b10ffeca89b42e85

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Origin
https://newtekstaging.1800accountant.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:44 GMT
x-amz-version-id
Rwm7yvatZsAA6GERYzsXnmg0xwE.p0Ge
content-encoding
gzip
cf-cache-status
MISS
via
1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Wed, 26 Jun 2024 20:01:43 GMT
server
cloudflare
etag
W/"b23d0b720610d76979cd2ae05d29e748"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers
access-control-allow-methods
PUT, HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
89dbc4f858556943-FRA
x-amz-cf-id
eNSAGRDimUIOOTTW7MJAb2_gQaiFR9M0qslYrLMVXb1H6XnonZec7A==
expires
Thu, 04 Jul 2024 06:43:44 GMT
destination
www.googletagmanager.com/gtag/ 		205 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-12137571&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7NCR95
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
aa1e4349a7bf3334ac772cbc06cdd326f747d47b20d8a9f2e31d839c442b67ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76206
x-xss-protection
0
last-modified
Thu, 04 Jul 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 04 Jul 2024 02:43:44 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8TVG1SJ60Z&gtm=45je4730v883875236za200zb77392707&_p=1720061022751&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1255332637.1720061023&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1720061023&sct=1&seg=0&dl=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F&dt=Sign%20In%20%7C%201-1800Accountant&en=scroll&epn.percent_scrolled=90&_et=23&tfd=1981&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8TVG1SJ60Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 02:43:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newtekstaging.1800accountant.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1769898159978729&ev=PageView&dl=https%3A%2F%2Fnewtekstaging.1800accountant.com&rl=&if=false&ts=1720061024086&sw=1600&sh=1200&v=2.9.160&r=stable&a=gtmss&ec=1&o=4124&fbp=fb.1.1720061023842.426064427604453806&pm=1&hrl=921b82&ler=empty&cdl=API_unavailable&it=1720061023678&coo=false&cs_cc=1&cas=7743565595675235%2C6106969449417693%2C3005407556205821&rqm=GET
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1297, tbw=2845, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 04 Jul 2024 02:43:44 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1769898159978729&ev=PageView&dl=https%3A%2F%2Fnewtekstaging.1800accountant.com&rl=&if=false&ts=1720061024086&sw=1600&sh=1200&v=2.9.160&r=stable&a=gtmss&ec=1&o=4124&fbp=fb.1.1720061023842.426064427604453806&pm=1&hrl=921b82&ler=empty&cdl=API_unavailable&it=1720061023678&coo=false&cs_cc=1&cas=7743565595675235%2C6106969449417693%2C3005407556205821&rqm=FGET
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xc61b00aed2f2d300","source_keys":["1","2"]},{"key_piece":"0xef544c0c4e13fff5","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 04 Jul 2024 02:43:44 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7387605846144102548", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=14, mss=1297, tbw=3196, tp=-1, tpl=-1, uplat=111, ullat=0
pragma
no-cache
x-fb-debug
YWoh1ThjrSpAb1ZiPKaqDzO0MuqSGAZffbVzEkyCrXDNYIPLA/jeuQh6KeoLfdIHzPKQQI0Lw3tKMwfz+EfUKg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7387605846144102548"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
api.js
www.google.com/recaptcha/ 		1 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/main.d855fc2b899d320c.esm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
GSE /
Resource Hash
2657935e468a24a6a7c5e62921feb0d59d6453f8d142be8a86a9521b6c7b654e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 04 Jul 2024 02:43:44 GMT
partnerLogo.svg
1800-partner-logos.s3.amazonaws.com/newtek/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1800-partner-logos.s3.amazonaws.com/newtek/partnerLogo.svg
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
54.231.224.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
9ddb826214d4f527d64c1e4d2a99932f5c3a756037795488e85959a73326e819

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 02:43:45 GMT
Last-Modified
Fri, 25 Aug 2023 10:13:23 GMT
Server
AmazonS3
x-amz-request-id
CAK841KW1YVDG67E
ETag
"488ea41854f21e2a9c638dd71f80a1e6"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
23768
x-amz-id-2
l0zt3+UOIfKCs7nYWQfNOJICzJCaBhf5mhDBq6Knk+Q9ts85WoUdqFt70QyDvWYV9HhwgXvJd8o=
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://newtekstaging.1800accountant.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:57:16 GMT
x-content-type-options
nosniff
age
546388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 18:57:16 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://newtekstaging.1800accountant.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 16:21:03 GMT
x-content-type-options
nosniff
age
555761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 16:21:03 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://newtekstaging.1800accountant.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:55:50 GMT
x-content-type-options
nosniff
age
128874
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jul 2025 14:55:50 GMT
activityi;dc_pre=CKWA89KujIcDFc30OwIdbZEF3w;src=12137571;type=global;cat=sitew0;ord=2704620009160;npa=1;auiddc=1529280930.1720061023;u12=null;u13=null;u14=null;u15=null;u16=null;u21=%2Fsso%2F;ps=1;...
12137571.fls.doubleclick.net/ Frame 8AE7
Redirect Chain
  • https://12137571.fls.doubleclick.net/activityi;src=12137571;type=global;cat=sitew0;ord=2704620009160;npa=1;auiddc=1529280930.1720061023;u12=null;u13=null;u14=null;u15=null;u16=null;u21=%2Fsso%2F;ps...
  • https://12137571.fls.doubleclick.net/activityi;dc_pre=CKWA89KujIcDFc30OwIdbZEF3w;src=12137571;type=global;cat=sitew0;ord=2704620009160;npa=1;auiddc=1529280930.1720061023;u12=null;u13=null;u14=null;...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://12137571.fls.doubleclick.net/activityi;dc_pre=CKWA89KujIcDFc30OwIdbZEF3w;src=12137571;type=global;cat=sitew0;ord=2704620009160;npa=1;auiddc=1529280930.1720061023;u12=null;u13=null;u14=null;u15=null;u16=null;u21=%2Fsso%2F;ps=1;pcor=271082105;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z877392707za201zb77392707;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12137571&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://newtekstaging.1800accountant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
686
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jul 2024 02:43:44 GMT
expires
Thu, 04 Jul 2024 02:43:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jul 2024 02:43:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12137571.fls.doubleclick.net/activityi;dc_pre=CKWA89KujIcDFc30OwIdbZEF3w;src=12137571;type=global;cat=sitew0;ord=2704620009160;npa=1;auiddc=1529280930.1720061023;u12=null;u13=null;u14=null;u15=null;u16=null;u21=%2Fsso%2F;ps=1;pcor=271082105;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z877392707za201zb77392707;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CPmG8dKujIcDFWnIOwIdR_IBvA;src=12137571;type=global;cat=sitew0;ord=8347441440840;npa=1;auiddc=1529280930.1720061023;u12=null;u13=null;u14=null;u15=null;u16=null;u21=%2Fsso%2F;ps=1;...
12137571.fls.doubleclick.net/ Frame 5FAB
Redirect Chain
  • https://12137571.fls.doubleclick.net/activityi;src=12137571;type=global;cat=sitew0;ord=8347441440840;npa=1;auiddc=1529280930.1720061023;u12=null;u13=null;u14=null;u15=null;u16=null;u21=%2Fsso%2F;ps...
  • https://12137571.fls.doubleclick.net/activityi;dc_pre=CPmG8dKujIcDFWnIOwIdR_IBvA;src=12137571;type=global;cat=sitew0;ord=8347441440840;npa=1;auiddc=1529280930.1720061023;u12=null;u13=null;u14=null;...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://12137571.fls.doubleclick.net/activityi;dc_pre=CPmG8dKujIcDFWnIOwIdR_IBvA;src=12137571;type=global;cat=sitew0;ord=8347441440840;npa=1;auiddc=1529280930.1720061023;u12=null;u13=null;u14=null;u15=null;u16=null;u21=%2Fsso%2F;ps=1;pcor=1417213789;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z877392707za201zb77392707;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12137571&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://newtekstaging.1800accountant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
687
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jul 2024 02:43:44 GMT
expires
Thu, 04 Jul 2024 02:43:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jul 2024 02:43:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12137571.fls.doubleclick.net/activityi;dc_pre=CPmG8dKujIcDFWnIOwIdR_IBvA;src=12137571;type=global;cat=sitew0;ord=8347441440840;npa=1;auiddc=1529280930.1720061023;u12=null;u13=null;u14=null;u15=null;u16=null;u21=%2Fsso%2F;ps=1;pcor=1417213789;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z877392707za201zb77392707;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=12137571;type=global;cat=sitew0;ord=2704620009160;npa=1;auiddc=1529280930.1720061023;u12=null;u13=null;u14=null;u15=null;u16=null;u21=%2Fsso%2F;ps=1;pcor=27108210...
ad.doubleclick.net/ 		0
0
activity;register_conversion=1;src=12137571;type=global;cat=sitew0;ord=8347441440840;npa=1;auiddc=1529280930.1720061023;u12=null;u13=null;u14=null;u15=null;u16=null;u21=%2Fsso%2F;ps=1;pcor=14172137...
ad.doubleclick.net/ 		0
0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/ 		536 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Origin
https://newtekstaging.1800accountant.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 00:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
217833
x-xss-protection
0
last-modified
Sun, 23 Jun 2024 08:01:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Jul 2025 00:25:59 GMT
detector-lazy.min.js
cdn.gbqofs.com/sv/c/ 		161 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gbqofs.com/sv/c/detector-lazy.min.js
Requested by
Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/sv/c/detector-bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:190d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6aa08b80019c73da6720c6043b03f79471926a7eb9402d8ea9bf4f07d284547

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:44 GMT
x-amz-version-id
Vh3nLvLQERCEzV5aSyvYtUDvnapGgzNN
content-encoding
gzip
cf-cache-status
HIT
via
1.1 1b77603a6f6f7fc033b1967170e8a7c0.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP53-P2
age
1236
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 26 Jun 2024 20:01:43 GMT
server
cloudflare
etag
W/"4be196f32ed5790078a01156c15cc9d2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
89dbc4fb1fb01c20-FRA
x-amz-cf-id
-InZff1vxaGNRMwWisOpMgOGQUA35darRNaH3KLjfujvSbqvgiXGhA==
expires
Thu, 04 Jul 2024 06:43:44 GMT
cls_report
c2001.report.gbss.io/b8wdf3a4/reporting/19c94dcf-f413-9f33-b461-92ecf9265cd7/ 		454 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2001.report.gbss.io/b8wdf3a4/reporting/19c94dcf-f413-9f33-b461-92ecf9265cd7/cls_report?_cls_s=fb14d1f6-4295-4123-aa44-9d13290e3ee1%3A0&_cls_v=6ed85cbb-4946-4d94-ae15-54cb68c53d98&pv=2&f_cls_s=true
Requested by
Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/sv/c/detector-bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.227.142.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-142-181.compute-1.amazonaws.com
Software
Glassbox Cligate /
Resource Hash
c4fa09f8a3e2e00550e316c55a5cfd80e21badeccc82ff3c9f6108cc62bfc569

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:44 GMT
content-encoding
gzip
server
Glassbox Cligate
vary
origin
content-type
application/json
access-control-allow-origin
https://newtekstaging.1800accountant.com
access-control-allow-credentials
true
content-length
301
/
px.ads.linkedin.com/wa/ 		0
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/sv/c/detector-bootstrap.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*
Referer
https://newtekstaging.1800accountant.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:44 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 226DF9C525604A9FA1A7D8BFB56D423C Ref B: FRAEDGE2007 Ref C: 2024-07-04T02:43:44Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://newtekstaging.1800accountant.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYcYupdAB5CCBe8ULK1Wg==
anchor
www.google.com/recaptcha/api2/ Frame 9D89 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfFp3kUAAAAAG3m0hY9HPIS-uBhZ5K5_zF-7UVk&co=aHR0cHM6Ly9uZXd0ZWtzdGFnaW5nLjE4MDBhY2NvdW50YW50LmNvbTo0NDM.&hl=de&type=image&v=rKbTvxTxwcw5VqzrtN-ICwWt&theme=light&size=normal&badge=bottomright&cb=ptn7pcyibbk6
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/main.d855fc2b899d320c.esm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dwxwoz0MWFMb_byXDKO9WQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://newtekstaging.1800accountant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-dwxwoz0MWFMb_byXDKO9WQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jul 2024 02:43:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
e090a045-7c64-427f-ae9a-36041f6a7582
https://newtekstaging.1800accountant.com/ 		151 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://newtekstaging.1800accountant.com/e090a045-7c64-427f-ae9a-36041f6a7582
Requested by
Host: newtekstaging.1800accountant.com
URL: https://newtekstaging.1800accountant.com/sso/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7fe6544c8bb8c42931915084abfeaeb22b41fca6add8cdbafce6259f89ba62c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
151
Content-Type
application/javascript
params
shop.pe/widget/main/init/ 		260 B
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.pe/widget/main/init/params?siteid=6372a01ea7ee9104e597c4ab&product=Sign%20In%20%7C%20Newtek%20Accounting%2C%20provided%20by%201-800Accountant&product_url=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F%23%2Flogin&callback=AddShoppersWidget.load_widget&no_cookie_callback=AddShoppersWidget.load_no_cookie&sos=false&rand=50715&cookie=&referer=
Requested by
Host: d2mjzob2nc713b.cloudfront.net
URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=2a338b8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
40ca9002da219f501accbc477e73d25002a3c4e1d4fe640f41bc5ea0f6ecbdf7
Security Headers
Name Value
Content-Security-Policy frame-ancestors none;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:45 GMT
content-security-policy
frame-ancestors none;
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version
47
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
data-regulation-gdpr-enforced
true
referrer-policy
no-referrer-when-downgrade
server
nginx
etag
W/"e8ea65b87662bbc18e6a7536b4607f56402220ed"
x-frame-options
deny
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
content-type
text/javascript
access-control-allow-origin
https://my.addshoppers.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
up
insight.adsrvr.org/track/ Frame 9BD4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=z24ba29&ref=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F%23%2Flogin&upid=2kdfr8n&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://newtekstaging.1800accountant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
0
content-type
text/html
date
Thu, 04 Jul 2024 02:43:45 GMT
server
Kestrel
/
www.facebook.com/tr/ 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1769898159978729&ev=GA4%20-%20User%20Interest&dl=https%3A%2F%2Fnewtekstaging.1800accountant.com&rl=&if=false&ts=1720061025564&sw=1600&sh=1200&v=2.9.160&r=stable&a=gtmss&ec=2&o=4124&fbp=fb.1.1720061023842.426064427604453806&pm=1&hrl=97511a&ler=empty&cdl=API_unavailable&it=1720061023678&coo=false&eid=db43e1a0-8ff3-4889-9a3c-9edb67e55166_1720061022751.48&cs_cc=1&cas=9547918145282579%2C6106969449417693%2C3005407556205821&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1297, tbw=7508, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 04 Jul 2024 02:43:45 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1769898159978729&ev=GA4%20-%20User%20Interest&dl=https%3A%2F%2Fnewtekstaging.1800accountant.com&rl=&if=false&ts=1720061025564&sw=1600&sh=1200&v=2.9.160&r=stable&a=gtmss&ec=2&o=4124&fbp=fb.1.1720061023842.426064427604453806&pm=1&hrl=97511a&ler=empty&cdl=API_unavailable&it=1720061023678&coo=false&eid=db43e1a0-8ff3-4889-9a3c-9edb67e55166_1720061022751.48&cs_cc=1&cas=9547918145282579%2C6106969449417693%2C3005407556205821&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x26e437bec978da86","source_keys":["1","2"]},{"key_piece":"0xd19456ce53d2172c","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 04 Jul 2024 02:43:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7387605851450103683", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=7678, tp=-1, tpl=-1, uplat=44, ullat=0
pragma
no-cache
x-fb-debug
NzZM29FqDe1GA5wE/ImLq4X/SteS8UnUCt4Y9jQFgqF3VoLwxWgfoyQBoKG8Lo6fL1F7Ul7MpevYvi1hYUDEGw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7387605851450103683"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
partnerLogo.svg
1800-partner-logos.s3.amazonaws.com/newtek/ 		23 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://1800-partner-logos.s3.amazonaws.com/newtek/partnerLogo.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
54.231.224.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
9ddb826214d4f527d64c1e4d2a99932f5c3a756037795488e85959a73326e819

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 02:43:45 GMT
Last-Modified
Fri, 25 Aug 2023 10:13:23 GMT
Server
AmazonS3
x-amz-request-id
CAK841KW1YVDG67E
ETag
"488ea41854f21e2a9c638dd71f80a1e6"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
23768
x-amz-id-2
l0zt3+UOIfKCs7nYWQfNOJICzJCaBhf5mhDBq6Knk+Q9ts85WoUdqFt70QyDvWYV9HhwgXvJd8o=
params
shop.pe/widget/main/init/ 		1 KB
702 B 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.pe/widget/main/init/params?siteid=6372a01ea7ee9104e597c4ab&product=Sign%20In%20%7C%20Newtek%20Accounting%2C%20provided%20by%201-800Accountant&product_url=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F%23%2Flogin&callback=AddShoppersWidget.load_widget&rand=91642&cookie=2%7C1%3A0%7C10%3A1720061025%7C15%3Aaddshoppers.com%7C44%3AZDBmZmQwZmFlNjYzNDg4MzhlYWVhOGIxYTczNjg1M2E%3D%7C8cc75e46fb6d1aace5b15ab6b0293de4e677c15dca69d021daa27f018b76485e&referer=
Requested by
Host: d2mjzob2nc713b.cloudfront.net
URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=2a338b8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
473308c10869e38017d61ed65258e6c2a71ce70605af3413def101ad8c1fff37
Security Headers
Name Value
Content-Security-Policy frame-ancestors none;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:45 GMT
content-security-policy
frame-ancestors none;
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version
47
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
data-regulation-gdpr-enforced
true
referrer-policy
no-referrer-when-downgrade
server
nginx
etag
W/"2b6225a114e2190d937c1b3ec235ca52f92ef178"
x-frame-options
deny
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
content-type
text/javascript
access-control-allow-origin
https://my.addshoppers.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
bframe
www.google.com/recaptcha/api2/ Frame D1F6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6LfFp3kUAAAAAG3m0hY9HPIS-uBhZ5K5_zF-7UVk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rsNSlX2Gt2_zLw2B91G1gQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://newtekstaging.1800accountant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-rsNSlX2Gt2_zLw2B91G1gQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jul 2024 02:43:45 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
attribution
app.shop.pe/app/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.shop.pe/app/attribution
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://newtekstaging.1800accountant.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 04 Jul 2024 02:43:46 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-frame-options
deny
attribution
app.shop.pe/app/ 		32 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.shop.pe/app/attribution
Requested by
Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/sv/c/detector-bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2bccea39c98365b0e567bb0fa75d34a33157553223aaf68a8e123d518c544f90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 04 Jul 2024 02:43:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
server
nginx
x-frame-options
deny
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
access-control-allow-origin
*
content-type
application/json; charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
9d3ffa73447149929e6e04660f5eb636.js
addshoppers.s3.amazonaws.com/customize/6372a01ea7ee9104e597c4ab/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://addshoppers.s3.amazonaws.com/customize/6372a01ea7ee9104e597c4ab/9d3ffa73447149929e6e04660f5eb636.js?_t=1700487617
Requested by
Host: d2mjzob2nc713b.cloudfront.net
URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=2a338b8
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
16.182.42.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
59555ca135b4d072d1a1b43f92abe43145bd124fead11b72300c882ba0ed2628

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 02:43:47 GMT
Content-Encoding
gzip
x-amz-version-id
h2Yur_VNcqn09peHfzpFMj4gf0TwSCY6
Last-Modified
Mon, 20 Nov 2023 13:40:18 GMT
Server
AmazonS3
x-amz-request-id
H522DK8P0TAKS39P
ETag
"012784496a7761f796513cbdfa2a0fbe"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000, public
Accept-Ranges
bytes
Content-Length
1125
x-amz-id-2
i2rgRb9LJdDqtNR0GP7zf4F6MvznbHbOWvMw8pWfVj+THQWZCNKJRFV5h4e9/ROoMt3D7w4ZnPA=
input.js
shopper.shop.pe/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shopper.shop.pe/input.js
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.54.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
17.54.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
620a97911c6964bfc7cfacf4df74b3ba598ef728f2117675d171e4c62d500add

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 01:15:52 GMT
content-encoding
gzip
age
5273
x-guploader-uploadid
ACJd0NobbGx9F14agcJk-4Cv6mcy-57PSiXGNIiE1w8VFI_a4gvxsqejGPOXJuDd-vVXKf3cXeVSxVr_tg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8831
last-modified
Tue, 13 Feb 2024 16:47:53 GMT
server
UploadServer
etag
"d311745e83077b078fa566c77a15d9b5"
vary
Accept-Encoding
x-goog-generation
1707842873418606
x-goog-hash
crc32c=mi0bhQ==, md5=0xF0XoMHewePpWbHehXZtQ==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, max-age=14400
x-goog-stored-content-length
8831
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
expires
Thu, 04 Jul 2024 05:15:52 GMT
status
app.shop.pe/app/datapartners/ 		34 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.shop.pe/app/datapartners/status?usersite_id=6372a01ea7ee9104e597c4ab
Requested by
Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/sv/c/detector-bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b4435b5ac2f1916ed1135fb1738a1cef87cb666f4356a6678fb1c77e1273f9e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
server
nginx
etag
W/"0467ba22658b680d6de72dc567071b5bc495547f"
x-frame-options
deny
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
access-control-allow-origin
*
content-type
application/json; charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
consent
manage.safeopt.com/ 		0
834 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://manage.safeopt.com/consent
Requested by
Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/sv/c/detector-bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
data-regulation-gdpr-enforced
true
server
nginx
etag
"da39a3ee5e6b4b0d3255bfef95601890afd80709"
x-frame-options
deny
access-control-allow-methods
HEAD, GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Data-Regulation-Gdpr-Enforced
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, Data-Regulation-Gdpr-Enforced
iframe
nytrng.com/ Frame AFD7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://nytrng.com/iframe?vcp=4dd5h0np&as_id=d0ffd0fae66348838eaea8b1a736853a
Requested by
Host: d2mjzob2nc713b.cloudfront.net
URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=2a338b8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.91.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a954c1fc80b8251dc.awsglobalaccelerator.com
Software
gunicorn /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://newtekstaging.1800accountant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
431
content-type
text/html; charset=utf-8
date
Thu, 04 Jul 2024 02:43:46 GMT
server
gunicorn
st
px.mountain.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://px.mountain.com/st?ga_tracking_id=UA-37700219-1&shpt=Sign%20In%20%7C%201-1800Accountant&ga_info=%7B%22status%22%3A%22FAILED%22%2C%22ga_tracking_id%22%3A%22UA-37700219-1%22%2C%22shpt%22%3A%22Sign%20In%20%7C%201-1800Accountant%22%2C%22dcm_cid%22%3A%221255332637.1720061023%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%2C%22message%22%3A%22Could%20not%20evaluate%20some%20of%20the%20GA%20parameters%20due%20to%20timeout%20reached%20(3000ms).%20Check%20the%20execution_workflow%20for%20details.%22%7D&dcm_cid=1255332637.1720061023&available_ga=%5B%7B%22id%22%3A%22G-8TVG1SJ60Z%22%2C%22sess_id%22%3A%221720061023%22%7D%5D&hardcoded_ga=UA-37700219-1&dxver=4.0.0&shaid=32965&plh=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F&cb=51751783007569490term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
Requested by
Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32965&tdr=&plh=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F&cb=51751783007569490term=value
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.85.106.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-85-106-161.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e17e963edc0f1d6d80a1a80b7ef9c3b6fefa828689bfbf360697d986056518e8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:47 GMT
content-encoding
gzip
server
istio-envoy
transfer-encoding
chunked
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time
0
connection
close
gs
gs.mountain.com/ 		144 B
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gs.mountain.com/gs
Requested by
Host: px.mountain.com
URL: https://px.mountain.com/st?ga_tracking_id=UA-37700219-1&shpt=Sign%20In%20%7C%201-1800Accountant&ga_info=%7B%22status%22%3A%22FAILED%22%2C%22ga_tracking_id%22%3A%22UA-37700219-1%22%2C%22shpt%22%3A%22Sign%20In%20%7C%201-1800Accountant%22%2C%22dcm_cid%22%3A%221255332637.1720061023%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%2C%22message%22%3A%22Could%20not%20evaluate%20some%20of%20the%20GA%20parameters%20due%20to%20timeout%20reached%20(3000ms).%20Check%20the%20execution_workflow%20for%20details.%22%7D&dcm_cid=1255332637.1720061023&available_ga=%5B%7B%22id%22%3A%22G-8TVG1SJ60Z%22%2C%22sess_id%22%3A%221720061023%22%7D%5D&hardcoded_ga=UA-37700219-1&dxver=4.0.0&shaid=32965&plh=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F&cb=51751783007569490term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.212.4.35 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
045a8fa2a74e3442705d3fdd7cb35d6528accd068784ec92b0c5267a872857b6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 02:43:48 GMT
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
2
connection
close
access-control-allow-headers
Accept, Content-Type, x-requested-with, X-Custom-Header
content-length
144
x-application-context
application:prod:8080
st
px.mountain.com/ 		0
0
collect
region1.google-analytics.com/g/ 		0
17 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8TVG1SJ60Z&gtm=45je4730v883875236z877392707za200zb77392707&_p=1720061022751&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1255332637.1720061023&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&sid=1720061023&sct=1&seg=0&dl=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F&dt=Sign%20In%20%7C%20Newtek%20Accounting%2C%20provided%20by%201-800Accountant&_s=3&tfd=6981&_z=fetch
Requested by
Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/sv/c/detector-bootstrap.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://newtekstaging.1800accountant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 02:43:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newtekstaging.1800accountant.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad.doubleclick.net
URL
https://ad.doubleclick.net/activity;register_conversion=1;src=12137571;type=global;cat=sitew0;ord=2704620009160;npa=1;auiddc=1529280930.1720061023;u12=null;u13=null;u14=null;u15=null;u16=null;u21=%2Fsso%2F;ps=1;pcor=271082105;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z877392707za201zb77392707;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F?
Domain
ad.doubleclick.net
URL
https://ad.doubleclick.net/activity;register_conversion=1;src=12137571;type=global;cat=sitew0;ord=8347441440840;npa=1;auiddc=1529280930.1720061023;u12=null;u13=null;u14=null;u15=null;u16=null;u21=%2Fsso%2F;ps=1;pcor=1417213789;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z877392707za201zb77392707;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F?
Domain
px.mountain.com
URL
https://px.mountain.com/st?ga_tracking_id=UA-37700219-1&shpt=Sign%20In%20%7C%201-1800Accountant&ga_info=%7B%22status%22%3A%22FAILED%22%2C%22ga_tracking_id%22%3A%22UA-37700219-1%22%2C%22shpt%22%3A%22Sign%20In%20%7C%201-1800Accountant%22%2C%22dcm_cid%22%3A%221255332637.1720061023%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%2C%22message%22%3A%22Could%20not%20evaluate%20some%20of%20the%20GA%20parameters%20due%20to%20timeout%20reached%20(3000ms).%20Check%20the%20execution_workflow%20for%20details.%22%7D&dcm_cid=1255332637.1720061023&available_ga=%5B%7B%22id%22%3A%22G-8TVG1SJ60Z%22%2C%22sess_id%22%3A%221720061023%22%7D%5D&hardcoded_ga=UA-37700219-1&dxver=4.0.0&shaid=32965&plh=https%3A%2F%2Fnewtekstaging.1800accountant.com%2Fsso%2F&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=1720061027752566&shguid=85e20887-0fe9-30eb-b1ef-47f30179c051&shgts=1720061028806

Verdicts & Comments Add Verdict or Comment

181 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 undefined| event object| fence object| sharedStorage object| dataLayer object| google_tag_manager object| google_tag_data string| _linkedin_data_partner_id function| crumbleCookie function| bakeCookie function| writeLogic function| getParam function| calculateTrafficSource function| getTrafficSource string| ref_domain string| ref_path string| ref_search function| am_isNullOrUndefined function| am_checkQuery string| qString object| uParams object| med object| acc_sscid boolean| found object| acc_ss string| acc_ref object| acc_loc undefined| srchEngines undefined| socials object| CAConversion function| pdst function| getCookie function| rdt string| loc object| AddShoppersWidgetOptions function| am_checkForNotFound string| sameInput string| prevInput number| am_interval_NF string| contentPath undefined| contentCat string| uatSrc object| webUatScript object| ApiConfig object| webpackChunk function| setImmediate function| clearImmediate object| date string| dateFin string| source1 string| source1a string| source1Fin string| medium1 string| medium1a string| medium1Fin object| gclid object| nameArray object| nameArray1 function| fbq function| _fbq function| am_checkForNav number| am_nav_loadTime object| GooglebQhCsO function| onYouTubeIframeAPIReady object| gaGlobal function| lintrk boolean| _already_called_lintrk number| 2f1acc6c3a606b082e5eef5e54414ffb function| IMask object| AWIN function| getErrorMessage function| isIE function| sendDebugEvent object| shrslImgs function| AwinCustomEvent function| UET function| UET_init function| UET_push function| spdt function| redditNormalizeEmail object| ueto_cc7fe891e1 object| uetq object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint function| ttd_dom_ready object| ttd_up_api function| TTDUniversalPixelApi object| ttdPixel boolean| detectorSupportedBrowsersCompatible string| loaderPath object| configAtt undefined| currentScript number| lastSeparatorIndex string| configPath function| loadGBScript string| dcm_cid undefined| dcm_tid undefined| dcm_gid object| AddShoppersLoader object| AddShoppersLoaderErrorHandlers function| AddShoppersTriggerRunner object| ube function| as_cleanse_field function| as_detect_cc function| as_gaPageView function| as_gaSocial function| as_gaEvent function| as_gaSet function| as_logMessage function| DataPartnerStatusGeo function| as_logError function| as_resolveEnvironmentURL function| asShopifyCPTag function| asShopifyCPCartUpdate function| asShopifyParseImageSrc function| asShopifyCPProductBrowsed function| asShopifyCMPushCart function| asShopifyCPConversion function| asShopifyCPCartAddItem object| _mag object| AddShoppersWidget function| AddShoppersWidget_plus_one object| SchemaParser object| _add number| ieVer object| obj number| AddShoppersWidgetLoaded object| AddShoppersWidgetLang object| _cls_config object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| webpackChunkdetector function| GBdetectIncognito object| _gbLocalStorage object| _gbSessionStorage string| _detectorDomPath object| _detector object| convertize object| ORIBILI object| recaptcha object| closure_lm_753583 object| stored object| result boolean| _iml function| setCookie undefined| gclsrc function| readCookie undefined| FirstSessionCookie undefined| ReturningSessionCookie function| am_checkFor404 number| am_interval_404 function| am_stop_interval_onload function| getEmail function| sitewide_bing_event function| am_checkForConfirmation number| am_interval_conf boolean| is_mocked function| asCartItems function| asCart function| asIsProductPage function| asCartRows string| avail_ga_sorted function| sh_pixel object| irongate

27 Cookies

Domain/Path Name / Value
c2001.report.gbss.io/b8wdf3a4/reporting/19c94dcf-f413-9f33-b461-92ecf9265cd7 Name: _cls_cfgver
Value: 0
c2001.report.gbss.io/b8wdf3a4/reporting/19c94dcf-f413-9f33-b461-92ecf9265cd7 Name: _cls_v
Value: 6ed85cbb-4946-4d94-ae15-54cb68c53d98
c2001.report.gbss.io/b8wdf3a4/reporting/19c94dcf-f413-9f33-b461-92ecf9265cd7 Name: _cls_s
Value: fb14d1f6-4295-4123-aa44-9d13290e3ee1:0
c2001.report.gbss.io/b8wdf3a4/reporting/19c94dcf-f413-9f33-b461-92ecf9265cd7 Name: rto
Value: c0
.1800accountant.com/ Name: _gcl_au
Value: 1.1.1529280930.1720061023
newtekstaging.1800accountant.com/ Name: FirstSession
Value: source%3Ddirect%26medium%3Dnone%26campaign%3Ddirect%26term%3D%26content%3D%26date%3D20240704
.1800accountant.com/ Name: _ga
Value: GA1.1.1255332637.1720061023
.js.ubembed.com/ Name: __cf_bm
Value: 46lMLdHgB4GRyaEZAyzXhm6R.wpnZCbZ.h3hDyJELRw-1720061023-1.0.1.1-ZjXQRP12VK8MuXGgNIoUmpYwxwuL0wL6Ufr97Z0QTgu3H2iFTI5EmescAwr.UWIfF4Mtne47YFK2oVUUr2GGyQ
newtekstaging.1800accountant.com/ Name: __pdst
Value: 21088dcfe1df4bd0b0b206ed8abb3fb1
.1800accountant.com/ Name: _rdt_uuid
Value: 1720061023622.7898241e-d1e9-47b0-821b-a20bf1e88d91
.1800accountant.com/ Name: _uetsid
Value: 3a8f1db039af11ef82bbfb2b19a0e9c5
.1800accountant.com/ Name: _uetvid
Value: 3a8f1d4039af11ef963bd10b9486c75c
.linkedin.com/ Name: bcookie
Value: "v=2&ff60e40e-99ab-4c0a-8783-7442da2498b7"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MjAwNjEwMjM7MjswMjE7NiMkzwkQvVXn10K5nObcG9cGAlm3+bQwrBW2OijYSw==
.linkedin.com/ Name: lidc
Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2822:u=1:x=1:i=1720061023:t=1720147423:v=2:sig=AQHrOZIve6QPeRBY8KhfTr1csPUjUOH4"
.bing.com/ Name: MUID
Value: 35FB531E7F5861551EE847AC7EF460B5
.1800accountant.com/ Name: _fbp
Value: fb.1.1720061023842.426064427604453806
.1800accountant.com/ Name: _cls_v
Value: 6ed85cbb-4946-4d94-ae15-54cb68c53d98
.1800accountant.com/ Name: _cls_s
Value: fb14d1f6-4295-4123-aa44-9d13290e3ee1:0
.doubleclick.net/ Name: IDE
Value: AHWqTUnOJth18nvfrkjkEP2pGWlvtCjYFewTlY6rsGNU-JfkbFubm63nNjbGROVP
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.1800accountant.com/ Name: rto
Value: c0
.1800accountant.com/ Name: cls_e
Value: fb14d1f6-4295-4123-aa44-9d13290e3ee1:244350746520436
.1800accountant.com/ Name: _ga_8TVG1SJ60Z
Value: GS1.1.1720061023.1.0.1720061025.0.0.0
shop.pe/ Name: addshoppers
Value: "2|1:0|10:1720061025|11:addshoppers|44:ZDBmZmQwZmFlNjYzNDg4MzhlYWVhOGIxYTczNjg1M2E=|99980319b6c47f1e9528eda61222f3a92e789bb298441c0570956b884435d73a"
newtekstaging.1800accountant.com/ Name: addshoppers.com
Value: 2%7C1%3A0%7C10%3A1720061025%7C15%3Aaddshoppers.com%7C44%3AZDBmZmQwZmFlNjYzNDg4MzhlYWVhOGIxYTczNjg1M2E%3D%7C8cc75e46fb6d1aace5b15ab6b0293de4e677c15dca69d021daa27f018b76485e
.mountain.com/ Name: guid
Value: 3d04330d-39af-11ef-bb09-fb7dbb4657ee

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://newtekstaging.1800accountant.com/sso/#/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12137571.fls.doubleclick.net
1800-partner-logos.s3.amazonaws.com
aa77c093d7c74bbea6cdbf73f6113fc6.js.ubembed.com
ad.doubleclick.net
addshoppers.s3.amazonaws.com
alb.reddit.com
app.shop.pe
assets.ubembed.com
bat.bing.com
c2001.report.gbss.io
cdn.gbqofs.com
cdn.pdst.fm
connect.facebook.net
d2mjzob2nc713b.cloudfront.net
dx.mountain.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gs.mountain.com
insight.adsrvr.org
js.adsrvr.org
manage.safeopt.com
newtekstaging.1800accountant.com
nytrng.com
pagead2.googlesyndication.com
pixel-config.reddit.com
pixels.spotify.com
px.ads.linkedin.com
px.mountain.com
px4.ads.linkedin.com
region1.google-analytics.com
shop.pe
shopper.shop.pe
snap.licdn.com
www.dwin1.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.redditstatic.com
ad.doubleclick.net
px.mountain.com
108.138.26.47
13.107.42.14
142.250.181.232
142.250.185.130
142.250.185.196
142.250.186.102
15.197.193.217
151.101.1.140
151.101.65.140
16.182.42.161
172.217.16.195
172.64.148.75
18.172.103.101
2001:4860:4802:32::36
216.239.32.36
216.58.206.34
216.58.212.130
2600:1901:1:7c5::
2600:9000:214f:b800:f:8ce2:fb80:93a1
2600:9000:26e8:0:d:370a:51c0:93a1
2606:4700::6812:190d
2620:1ec:21::14
2620:1ec:c11::237
2a00:1450:4001:80b::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2003
2a02:26f0:3500:10::210:a9a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42::396
3.208.136.209
3.227.142.181
34.212.4.35
35.190.54.17
35.227.244.1
35.244.142.80
35.85.106.161
44.209.137.118
54.156.2.105
54.231.224.249
75.2.91.175
045a8fa2a74e3442705d3fdd7cb35d6528accd068784ec92b0c5267a872857b6
0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d
0be0be38268cf69d7669aff641b34479848fd7f6a4b0d5c84c1dbe853c45f5d0
1d2d44fda9a79b09502fad83a9e4a2d4a21deda6135eec6342a07e56a7911af0
1f48abaa1a55cc000c18dd12c711601d78beed02ed55ff2031270ecc221a3955
2657935e468a24a6a7c5e62921feb0d59d6453f8d142be8a86a9521b6c7b654e
2bb8bd87e231ac9f9f22c98b1aae09d04ffc1bed75d096dacf0e629473151074
2bccea39c98365b0e567bb0fa75d34a33157553223aaf68a8e123d518c544f90
2c8972d4cda2b7ec184640f6e046d1d2a704b86e7faea561e950d6725dcd98f2
38a45efcf58b8967d12a74fe60181cbc16c29c4e36724189592b97639354ad5b
3a4a98d6514c6502f2626ff48bb52584c10a0d07bba32990d9f5501af3988d9d
40ca9002da219f501accbc477e73d25002a3c4e1d4fe640f41bc5ea0f6ecbdf7
421cbe9ece067ad952bb7cb63d215cfb92a4431f05eb6cfffa9f642304ea960d
42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
45fdcedbeb833ea40206c98dfcbfa73842f72d53f166a26b47ecc3b01a55286d
473308c10869e38017d61ed65258e6c2a71ce70605af3413def101ad8c1fff37
47cf7eb128466aec119c19941ba5956299b36d1627c06385598ec500041aa6f8
4f622a0af5e2151febb626730108cc195956e043f09d15236ac1c29e6836bc1f
59555ca135b4d072d1a1b43f92abe43145bd124fead11b72300c882ba0ed2628
5d90caa34c0c7ba0696d80b0bf67f722ad72a8a0d48575e5f1ded0cbdee9eacc
605841fa32cf0467e9c259a2228f200a9f8265dbeae9a97ca174899fc806afe3
620a97911c6964bfc7cfacf4df74b3ba598ef728f2117675d171e4c62d500add
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
6564461d8954e27f39f5e0ed777ded4a0878e4a4e548d980a680bad09a72587c
65f297db27fc964a20f8920a595f572eb9fd59206590fdcc81c0dd532b7dd057
66588825495424043ad6a10e6edd6676c59617237541c940f34bdc0756b29687
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8f235d19f5cf10061b266c784723b2829a7acab9b88ac8924b5aac3d0be0b438
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
9ddb826214d4f527d64c1e4d2a99932f5c3a756037795488e85959a73326e819
a91795375fc316f8d965c7de43d69e0b1da8522dd3bb9d7b783b214067ccf097
aa1e4349a7bf3334ac772cbc06cdd326f747d47b20d8a9f2e31d839c442b67ce
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b04d72546f3d807901ac18982112fcf6c50c115095f76755040cd6be758599a7
b4435b5ac2f1916ed1135fb1738a1cef87cb666f4356a6678fb1c77e1273f9e1
b7fe6544c8bb8c42931915084abfeaeb22b41fca6add8cdbafce6259f89ba62c
c39fa609f4a9b43e493115c723b102147f9025008bd24841e7732c5f253edd51
c4fa09f8a3e2e00550e316c55a5cfd80e21badeccc82ff3c9f6108cc62bfc569
c5feb9809df90e6d140e6e1cd02512ca43970d200fbbf205b10ffeca89b42e85
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbb9b87ad8f1e3fe9163e87e676fcb269040bf5bc7e9f86a0926e2e336009c7d
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
db9eb108270291e580ccd03b0d66f04460d4b02189fc2e8f9315a7e249350174
de2ac39a7f010d61500448cc883121d6e493955cc3b008edffe56f9a30ab35e6
e17e963edc0f1d6d80a1a80b7ef9c3b6fefa828689bfbf360697d986056518e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5
f6aa08b80019c73da6720c6043b03f79471926a7eb9402d8ea9bf4f07d284547
f8d3f4e824dfbf930ebd2a213d1f5ac6005dc1c171372e27fb5b0530406e1f7e
f9e16e9bb56f161af64f1aa2e7d7c1b9404a7f1d69e8c0d1f8684bd52687a2ca
fa4c903f01e62b7f2adc159ccd079468cf259b620ca307bdd6d5d509275601c2
fd11493790d857287ae56c4ef0b5bdea1a8556e9800163a24f64b3d189e0e549