oauth.dsh-agency.com Open in urlscan Pro
164.92.176.90 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://myaccount.lrwriters.com/
Effective URL:
https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
Submission: On September 02 via automatic, source certstream-suspicious (September 2nd 2024, 10:17:42 am UTC) — Scanned from CA

Summary HTTP 57 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 13 domains to perform 57 HTTP transactions. The main IP is 164.92.176.90, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is oauth.dsh-agency.com.
TLS certificate: Issued by R10 on September 2nd 2024. Valid for: 3 months.

This is the only time oauth.dsh-agency.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	157.230.97.66 157.230.97.66	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	104.26.3.63 104.26.3.63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.106.101 108.138.106.101	16509 (AMAZON-02) (AMAZON-02)
1	68.70.205.2 68.70.205.2	44239 (PROINITY ...) (PROINITY PROINITY)
1	18.164.96.77 18.164.96.77	16509 (AMAZON-02) (AMAZON-02)
1	104.26.13.205 104.26.13.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.65.202 142.250.65.202	15169 (GOOGLE) (GOOGLE)
1	54.165.165.134 54.165.165.134	14618 (AMAZON-AES) (AMAZON-AES)
1	13.225.63.46 13.225.63.46	16509 (AMAZON-02) (AMAZON-02)
14	148.251.23.206 148.251.23.206	24940 (HETZNER-AS) (HETZNER-AS)
2	206.81.27.11 206.81.27.11	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	142.250.80.67 142.250.80.67	15169 (GOOGLE) (GOOGLE)
9	164.92.176.90 164.92.176.90	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	142.250.80.104 142.250.80.104	15169 (GOOGLE) (GOOGLE)
2	142.251.35.174 142.251.35.174	15169 (GOOGLE) (GOOGLE)
1	108.138.106.124 108.138.106.124	16509 (AMAZON-02) (AMAZON-02)
2	31.13.71.7 31.13.71.7	32934 (FACEBOOK) (FACEBOOK)
2	31.13.71.36 31.13.71.36	32934 (FACEBOOK) (FACEBOOK)
1	18.164.96.90 18.164.96.90	16509 (AMAZON-02) (AMAZON-02)
57	20

5 157.230.97.66 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

myaccount.lrwriters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.3.63 (None, )

ASN13335 (CLOUDFLARENET, US)

veraviews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-101.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.70.205.2 (United States)

ASN44239 (PROINITY PROINITY, CH)

cdn.signalayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-77.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.13.205 (None, )

ASN13335 (CLOUDFLARENET, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.202 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.165.165.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-165-134.compute-1.amazonaws.com

pp.signalayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-46.ewr53.r.cloudfront.net

data.signalayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 148.251.23.206 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.206.23.251.148.clients.your-server.de

account.lrwriters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 206.81.27.11 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

tickettool.dsh-agency.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.67 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 164.92.176.90 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

oauth.dsh-agency.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
auth-back.dsh-agency.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.104 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.35.174 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-124.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.71.36 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-lga3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-90.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	lrwriters.com myaccount.lrwriters.com — Cisco Umbrella Rank: 855577 account.lrwriters.com — Cisco Umbrella Rank: 467725	1 MB
11	dsh-agency.com tickettool.dsh-agency.com — Cisco Umbrella Rank: 941349 oauth.dsh-agency.com Failed auth-back.dsh-agency.com	540 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	121 KB
3	signalayer.com cdn.signalayer.com — Cisco Umbrella Rank: 650189 pp.signalayer.com — Cisco Umbrella Rank: 269833 data.signalayer.com — Cisco Umbrella Rank: 672548	78 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	70 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
2	gstatic.com fonts.gstatic.com	46 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	102 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	853 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2512	164 B
1	veraviews.com veraviews.com — Cisco Umbrella Rank: 471255	5 KB
0	polyfill.io Failed cdn.polyfill.io Failed
57	13

	Domain	Requested by
14	account.lrwriters.com	myaccount.lrwriters.com
7	oauth.dsh-agency.com	myaccount.lrwriters.com oauth.dsh-agency.com
5	myaccount.lrwriters.com	myaccount.lrwriters.com
2	www.facebook.com	oauth.dsh-agency.com
2	connect.facebook.net	myaccount.lrwriters.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	auth-back.dsh-agency.com	oauth.dsh-agency.com
2	fonts.gstatic.com	fonts.googleapis.com
2	tickettool.dsh-agency.com	myaccount.lrwriters.com
2	script.hotjar.com	static.hotjar.com
2	static.hotjar.com	myaccount.lrwriters.com
1	www.googletagmanager.com	oauth.dsh-agency.com
1	data.signalayer.com	cdn.signalayer.com
1	pp.signalayer.com	cdn.signalayer.com
1	fonts.googleapis.com	myaccount.lrwriters.com
1	api.ipify.org	cdn.signalayer.com
1	cdn.signalayer.com	myaccount.lrwriters.com
1	veraviews.com	myaccount.lrwriters.com
0	cdn.polyfill.io Failed	oauth.dsh-agency.com
57	19

This site contains links to these domains. Also see Links.

Domain
recruiting.livingston-research.com
apply.livingston-research.com

Subject Issuer	Validity	Valid
myaccount.lrwriters.com R10	`2024-09-02` - `2024-12-01`	3 months	crt.sh
veraviews.com WE1	`2024-07-22` - `2024-10-20`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
cdn.signalayer.com R10	`2024-08-27` - `2024-11-25`	3 months	crt.sh
ipify.org WE1	`2024-07-18` - `2024-10-16`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.signalayer.com Amazon RSA 2048 M02	`2024-02-07` - `2025-03-05`	a year	crt.sh
account.lrwriters.com R10	`2024-08-28` - `2024-11-26`	3 months	crt.sh
tickettool.dsh-agency.com R11	`2024-09-02` - `2024-12-01`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
oauth.dsh-agency.com R10	`2024-09-02` - `2024-12-01`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
auth-back.dsh-agency.com R11	`2024-07-08` - `2024-10-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-11` - `2024-09-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
Frame ID: EBDB2624142F92B0363F020D645E9702
Requests: 52 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Livingston Research Authorization

Page URL History Show full URLs

https://myaccount.lrwriters.com/ Page URL
https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8= Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

57
Requests

86 %
HTTPS

0 %
IPv6

13
Domains

19
Subdomains

20
IPs

3
Countries

2245 kB
Transfer

7119 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://recruiting.livingston-research.com/login
Title: Login here

Search URL Search Domain Scan URL

URL: http://apply.livingston-research.com/req/stage1?ref=login-form
Title: Sign up

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://myaccount.lrwriters.com/ Page URL
https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
myaccount.lrwriters.com/ 4 KB
2 KB 429ms
112ms Document
text/html 157.230.97.66
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.lrwriters.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.97.66 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: a106745ab737317f6a9d0ed31f477ad9326c17cf055d9d5d0fec9c07c8bde516

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 02 Sep 2024 10:17:31 GMT
ETag: W/"668bfcdf-ed4"
Expires: Mon, 02 Sep 2024 10:17:31 GMT
Last-Modified: Mon, 08 Jul 2024 14:51:11 GMT
Server: nginx/1.17.10
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK main.c8150b9e.js Show response
myaccount.lrwriters.com/ 4 MB
1 MB 213ms
213ms Script
application/javascript 157.230.97.66
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.lrwriters.com/main.c8150b9e.js
Requested by: Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.97.66 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: 374d09af8bd45522f8320b89c5a3063f6fb76e9941b951e1a4ecedb1ad6b1893

Request headers

Referer: https://myaccount.lrwriters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:17:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jul 2024 14:51:11 GMT
Server: nginx/1.17.10
ETag: W/"668bfcdf-3fd9bf"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Tue, 02 Sep 2025 10:17:31 GMT

GET
H/1.1 200
OK main.c8150b9e.css
myaccount.lrwriters.com/ 570 KB
132 KB 463ms
226ms Stylesheet
text/css 157.230.97.66
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.lrwriters.com/main.c8150b9e.css
Requested by: Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.97.66 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: b1aae252786e642e1c24a8a0a465a17396ca96f5d8e498163028bb78754a7b78

Request headers

Referer: https://myaccount.lrwriters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:17:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jul 2024 14:51:11 GMT
Server: nginx/1.17.10
ETag: W/"668bfcdf-8e9f1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Tue, 02 Sep 2025 10:17:31 GMT

GET
H2 200 c5.js Show response
veraviews.com/scripts/ 10 KB
5 KB 137ms
65ms Script
application/javascript 104.26.3.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://veraviews.com/scripts/c5.js?srid=1501
Requested by: Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.3.63 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 142619e21f301b38d643d030accdb300f989ab65f27aa20f2b0102243404822e

Request headers

Referer: https://myaccount.lrwriters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 10:17:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 09 Aug 2024 16:21:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b64218-2785"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2BwYlMmpVBFSt%2FaGsYl2CTxJ80mM%2FWd66XKQj8AiGNwqyc9C1dadChhIDEJeDQqo0pi3DHNum50%2B4u%2B%2F1HTqFSXW%2Bfi%2BMR62dV3hsUPRGGxUM8JOLWtz58XjPfBpv04%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8bccc033edefa1fe-YYZ

GET
H2 200 hotjar-2055233.js Show response
static.hotjar.com/c/ 11 KB
5 KB 120ms
36ms Script
application/javascript 108.138.106.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2055233.js?sv=6

Requested by

Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-101.jfk50.r.cloudfront.net

Software

Resource Hash

b2ba6554c514a083e13a0fa0d1e7010728edaf1c9247db92f7f7359e7e4dcb25

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.lrwriters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 02 Sep 2024 10:17:25 GMT
via: 1.1 f07e3fd03d3423bceb1c6083ab62cf8a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 6
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/fbf4530078a56e19717c2bb5e5228f85
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: SU9avKpGL91cROhydmurHz6yE0K--rMDKj1TOCsdmz4UL62OMIkBBA==

GET
H2 200 player.js Show response
cdn.signalayer.com/static/ 465 KB
78 KB 239ms
29ms Script
application/javascript 68.70.205.2
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.signalayer.com/static/player.js
Requested by: Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.70.205.2 , United States, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: c7e52d1b3ea7535d114503d9e51c845219a1511941dce3bf1d8d69506ade2441

Request headers

Referer: https://myaccount.lrwriters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 10:17:31 GMT
content-encoding: gzip
x-amz-request-id: FAPH6ZET5P7Z38RD
x-edge-location: usch
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 78861
x-amz-id-2: GeVhvQUa18eqkOvB9dZbAYw9UosAz2ft14I1M3BQQNCq/zzclRAtxnQnhX7wF8LMKknoX1ROCvg=
last-modified: Tue, 31 Jan 2023 15:02:04 GMT
server: keycdn
etag: "191bc835eeccce5834de621a07cca7ba"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://s3.amazonaws.com/signalayer-static-player/static/player.js>; rel="canonical"
expires: Mon, 09 Sep 2024 10:17:31 GMT

GET
H2 200 modules.8da33a8f469c3b5ffcec.js Show response
script.hotjar.com/ 223 KB
56 KB 154ms
52ms Script
application/javascript 18.164.96.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2055233.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-77.jfk50.r.cloudfront.net

Software

Resource Hash

76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.lrwriters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 14:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 e80aeefdda01afc3c41fc332ff42e7ac.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 2922865
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56385
last-modified: Tue, 30 Jul 2024 14:22:40 GMT
etag: "0728625a147ca79276a1790b9cf3175d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: CnRif63aIvJWxuGw5qLPBt7p2mzo3ybZZUL24aWp5ILN8v3YfJTelg==

GET
H2 200 / Show response
api.ipify.org/ 29 B
164 B 229ms
46ms Script
application/javascript 104.26.13.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=getIP
Requested by: Host: cdn.signalayer.com
URL: https://cdn.signalayer.com/static/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb186695b214382b71b146c968d2be5902d100df97463aae70addf6110cfff3c

Request headers

Referer: https://myaccount.lrwriters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 10:17:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8bccc036d8beac18-YYZ
content-length: 29
vary: Origin
content-type: application/javascript

GET
H2 200 css
fonts.googleapis.com/ 3 KB
853 B 215ms
51ms Stylesheet
text/css 142.250.65.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/main.c8150b9e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.202 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f10.1e100.net

Software

ESF /

Resource Hash

bc958a63e17fc254b74b0787f22bd0f5889a057109908050c5148a148b75db91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://myaccount.lrwriters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 02 Sep 2024 10:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 02 Sep 2024 08:34:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Sep 2024 10:17:32 GMT

GET
H2 200 3d214891-7e32-41b1-bfeb-615508762ca3 Show response
pp.signalayer.com/ 2 B
260 B 243ms
40ms Fetch
text/plain 54.165.165.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pp.signalayer.com/3d214891-7e32-41b1-bfeb-615508762ca3
Requested by: Host: cdn.signalayer.com
URL: https://cdn.signalayer.com/static/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.165.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-165-134.compute-1.amazonaws.com
Software: nginx/1.15.8 / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, application/xml, text/play, text/html, *.*
Referer: https://myaccount.lrwriters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 10:17:32 GMT
server: nginx/1.15.8
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Authorization
content-length: 2

GET
H2 200 3d214891-7e32-41b1-bfeb-615508762ca3.json Show response
data.signalayer.com/player/fetch/ 2 B
476 B 278ms
76ms Fetch
application/json 13.225.63.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.signalayer.com/player/fetch/3d214891-7e32-41b1-bfeb-615508762ca3.json
Requested by: Host: cdn.signalayer.com
URL: https://cdn.signalayer.com/static/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-46.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: application/json, application/xml, text/play, text/html, *.*
Referer: https://myaccount.lrwriters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 10:17:33 GMT
via: 1.1 5ec6b37107376867228d2ed46a794602.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 2
last-modified: Mon, 01 Jan 2024 18:08:18 GMT
server: AmazonS3
etag: "99914b932bd37a50b983c5e7c90ae93b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: K3DmASz5DeaIh-j0k0MwUEbcaPRnP7af7VkTtDEADhhGmHlORLLcKQ==

OPTIONS
H/1.1 200
OK notices_notification
account.lrwriters.com/api/v3/profile/ 0
0 475ms
114ms Preflight
text/html 148.251.23.206
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.lrwriters.com/api/v3/profile/notices_notification?limit=20&sort=-created_at&event_tag[]=notify_mark_bad&event_tag[]=notify_issue_cancelled&event_tag[]=notify_issue_closed&event_tag[]=notify_notice_bad&event_tag[]=notify_writer_order_feedback_cancelled&event_tag[]=notify_veriff_declined&event_tag[]=notify_veriff_resubmission&event_tag[]=notify_group_down&event_tag[]=notify_mark_good&event_tag[]=notify_mark_update&event_tag[]=notify_mark_hide&event_tag[]=notify_writer_order_feedback_resolved&event_tag[]=notify_veriff_approved&event_tag[]=notify_group_up&event_tag[]=notify_issue_resolved&event_tag[]=notify_revision_accept&event_tag[]=notify_rdd_changed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.23.206 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.206.23.251.148.clients.your-server.de

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-role
Access-Control-Request-Method: GET
Origin: https://myaccount.lrwriters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, x-token, x-device, x-role
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin: https://myaccount.lrwriters.com
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 02 Sep 2024 10:17:33 GMT
Server: nginx/1.4.6 (Ubuntu)
Transfer-Encoding: chunked
Vary: Origin
X-Frame-Options: SAMEORIGIN
X-Request-Id: 91da073c-6914-11ef-9271-001e67c47479

GET
H/1.1 401
UNAUTHORIZED notices_notification Show response
account.lrwriters.com/api/v3/profile/ 28 B
489 B 475ms
134ms Fetch
application/json 148.251.23.206
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/main.c8150b9e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.23.206 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.206.23.251.148.clients.your-server.de

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

5b99c9400ab7996ccd1db777e200ed0f459e3283f78f78aa2e5ee9d3c158e2ed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://myaccount.lrwriters.com/
X-Role: writer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 02 Sep 2024 10:17:34 GMT
WWW-Authenticate: Token
Server: nginx/1.4.6 (Ubuntu)
Vary: Origin, Cookie
Transfer-Encoding: chunked
Content-Type: application/json
Allow: GET, POST, PATCH, HEAD, OPTIONS
Access-Control-Allow-Origin: https://myaccount.lrwriters.com
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Request-Id: 921faa6c-6914-11ef-bec3-001e67c47479

GET
H/1.1 401
UNAUTHORIZED profile Show response
account.lrwriters.com/api/v3/ 28 B
489 B 731ms
116ms Fetch
application/json 148.251.23.206
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.lrwriters.com/api/v3/profile

Requested by

Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/main.c8150b9e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.23.206 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.206.23.251.148.clients.your-server.de

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

5b99c9400ab7996ccd1db777e200ed0f459e3283f78f78aa2e5ee9d3c158e2ed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://myaccount.lrwriters.com/
X-Role: writer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 02 Sep 2024 10:17:34 GMT
WWW-Authenticate: Token
Server: nginx/1.4.6 (Ubuntu)
Vary: Origin, Cookie
Transfer-Encoding: chunked
Content-Type: application/json
Allow: GET, POST, PATCH, HEAD, OPTIONS
Access-Control-Allow-Origin: https://myaccount.lrwriters.com
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Request-Id: 92586fb4-6914-11ef-b2c3-001e67c47479

GET
H/1.1 401
UNAUTHORIZED notification Show response
account.lrwriters.com/api/v3/ 24 B
472 B 651ms
134ms Fetch
application/json 148.251.23.206
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.lrwriters.com/api/v3/notification

Requested by

Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/main.c8150b9e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.23.206 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.206.23.251.148.clients.your-server.de

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

1207c6115e8c70ec062f7065cc18ea18f886133ffd5afe863a7b8b10f9d23a60

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://myaccount.lrwriters.com/
X-Role: writer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 02 Sep 2024 10:17:34 GMT
WWW-Authenticate: Token
Server: nginx/1.4.6 (Ubuntu)
Vary: Origin, Cookie
Transfer-Encoding: chunked
Content-Type: application/json
Allow: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: https://myaccount.lrwriters.com
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Request-Id: 92498a58-6914-11ef-8221-001e67c47479

GET
H/1.1 401
UNAUTHORIZED settings Show response
account.lrwriters.com/api/v3/ 24 B
472 B 650ms
115ms Fetch
application/json 148.251.23.206
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.lrwriters.com/api/v3/settings?country_list=1

Requested by

Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/main.c8150b9e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.23.206 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.206.23.251.148.clients.your-server.de

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

1207c6115e8c70ec062f7065cc18ea18f886133ffd5afe863a7b8b10f9d23a60

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://myaccount.lrwriters.com/
X-Role: writer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 02 Sep 2024 10:17:34 GMT
WWW-Authenticate: Token
Server: nginx/1.4.6 (Ubuntu)
Vary: Origin, Cookie
Transfer-Encoding: chunked
Content-Type: application/json
Allow: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: https://myaccount.lrwriters.com
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Request-Id: 9246667a-6914-11ef-9271-001e67c47479

GET
H/1.1 401
Unauthorized state_data
tickettool.dsh-agency.com/api/v1/ 0
0 376ms
130ms Fetch
text/html 206.81.27.11
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://tickettool.dsh-agency.com/api/v1/state_data

Requested by

Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/main.c8150b9e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

206.81.27.11 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.17.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.lrwriters.com/
X-Role: writer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 02 Sep 2024 10:17:33 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 9ebae578-0ada-414e-92fd-df520b425d33
X-Runtime: 0.002846
Server: nginx/1.17.2
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: https://myaccount.lrwriters.com
Access-Control-Expose-Headers
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-Frame-Options: SAMEORIGIN
Vary: Origin

GET
H/1.1 401
UNAUTHORIZED notices Show response
account.lrwriters.com/api/v3/profile/ 28 B
489 B 557ms
116ms Fetch
application/json 148.251.23.206
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.lrwriters.com/api/v3/profile/notices

Requested by

Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/main.c8150b9e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.23.206 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.206.23.251.148.clients.your-server.de

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

5b99c9400ab7996ccd1db777e200ed0f459e3283f78f78aa2e5ee9d3c158e2ed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://myaccount.lrwriters.com/
X-Role: writer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 02 Sep 2024 10:17:34 GMT
WWW-Authenticate: Token
Server: nginx/1.4.6 (Ubuntu)
Vary: Origin, Cookie
Transfer-Encoding: chunked
Content-Type: application/json
Allow: GET, POST, PATCH, HEAD, OPTIONS
Access-Control-Allow-Origin: https://myaccount.lrwriters.com
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Request-Id: 9234e364-6914-11ef-8a43-001e67c47479

GET
H/1.1 401
UNAUTHORIZED live_schedules Show response
account.lrwriters.com/api/v3/ 24 B
472 B 558ms
175ms Fetch
application/json 148.251.23.206
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.lrwriters.com/api/v3/live_schedules?all=true&deleted=true

Requested by

Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/main.c8150b9e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.23.206 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.206.23.251.148.clients.your-server.de

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

1207c6115e8c70ec062f7065cc18ea18f886133ffd5afe863a7b8b10f9d23a60

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://myaccount.lrwriters.com/
X-Role: writer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 02 Sep 2024 10:17:34 GMT
WWW-Authenticate: Token
Server: nginx/1.4.6 (Ubuntu)
Vary: Origin, Cookie
Transfer-Encoding: chunked
Content-Type: application/json
Allow: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: https://myaccount.lrwriters.com
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Request-Id: 9233ca88-6914-11ef-bec3-001e67c47479

OPTIONS
H/1.1 200
OK profile
account.lrwriters.com/api/v3/ 0
0 573ms
199ms Preflight
text/html 148.251.23.206
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.lrwriters.com/api/v3/profile

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.23.206 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.206.23.251.148.clients.your-server.de

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-role
Access-Control-Request-Method: GET
Origin: https://myaccount.lrwriters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, x-token, x-device, x-role
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin: https://myaccount.lrwriters.com
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 02 Sep 2024 10:17:34 GMT
Server: nginx/1.4.6 (Ubuntu)
Transfer-Encoding: chunked
Vary: Origin
X-Frame-Options: SAMEORIGIN
X-Request-Id: 91e9370c-6914-11ef-b2c3-001e67c47479

OPTIONS
H/1.1 200
OK notification
account.lrwriters.com/api/v3/ 0
0 554ms
186ms Preflight
text/html 148.251.23.206
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.lrwriters.com/api/v3/notification

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.23.206 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.206.23.251.148.clients.your-server.de

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-role
Access-Control-Request-Method: GET
Origin: https://myaccount.lrwriters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, x-token, x-device, x-role
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin: https://myaccount.lrwriters.com
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 02 Sep 2024 10:17:33 GMT
Server: nginx/1.4.6 (Ubuntu)
Transfer-Encoding: chunked
Vary: Origin
X-Frame-Options: SAMEORIGIN
X-Request-Id: 91e6271a-6914-11ef-9cbc-001e67c47479

OPTIONS
H/1.1 200
OK settings
account.lrwriters.com/api/v3/ 0
0 531ms
166ms Preflight
text/html 148.251.23.206
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.lrwriters.com/api/v3/settings?country_list=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.23.206 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.206.23.251.148.clients.your-server.de

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-role
Access-Control-Request-Method: GET
Origin: https://myaccount.lrwriters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, x-token, x-device, x-role
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin: https://myaccount.lrwriters.com
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 02 Sep 2024 10:17:33 GMT
Server: nginx/1.4.6 (Ubuntu)
Transfer-Encoding: chunked
Vary: Origin
X-Frame-Options: SAMEORIGIN
X-Request-Id: 91e320ba-6914-11ef-8a43-001e67c47479

OPTIONS
H/1.1 200
OK state_data
tickettool.dsh-agency.com/api/v1/ 0
0 385ms
117ms Preflight
text/plain 206.81.27.11
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://tickettool.dsh-agency.com/api/v1/state_data
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 206.81.27.11 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-role
Access-Control-Request-Method: GET
Origin: https://myaccount.lrwriters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-role
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
Access-Control-Allow-Origin: https://myaccount.lrwriters.com
Access-Control-Expose-Headers
Access-Control-Max-Age: 1728000
Cache-Control: max-age=2592000
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/plain
Date: Mon, 02 Sep 2024 10:17:33 GMT
Expires: Wed, 02 Oct 2024 10:17:33 GMT
Server: nginx/1.17.2
Transfer-Encoding: chunked
Vary: Accept-Encoding

OPTIONS
H/1.1 200
OK notices
account.lrwriters.com/api/v3/profile/ 0
0 503ms
152ms Preflight
text/html 148.251.23.206
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.lrwriters.com/api/v3/profile/notices

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.23.206 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.206.23.251.148.clients.your-server.de

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-role
Access-Control-Request-Method: GET
Origin: https://myaccount.lrwriters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, x-token, x-device, x-role
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin: https://myaccount.lrwriters.com
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 02 Sep 2024 10:17:33 GMT
Server: nginx/1.4.6 (Ubuntu)
Transfer-Encoding: chunked
Vary: Origin
X-Frame-Options: SAMEORIGIN
X-Request-Id: 91e008a8-6914-11ef-9271-001e67c47479

OPTIONS
H/1.1 200
OK live_schedules
account.lrwriters.com/api/v3/ 0
0 489ms
139ms Preflight
text/html 148.251.23.206
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.lrwriters.com/api/v3/live_schedules?all=true&deleted=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.23.206 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.206.23.251.148.clients.your-server.de

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-role
Access-Control-Request-Method: GET
Origin: https://myaccount.lrwriters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, x-token, x-device, x-role
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin: https://myaccount.lrwriters.com
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 02 Sep 2024 10:17:33 GMT
Server: nginx/1.4.6 (Ubuntu)
Transfer-Encoding: chunked
Vary: Origin
X-Frame-Options: SAMEORIGIN
X-Request-Id: 91dcf438-6914-11ef-b2c3-001e67c47479

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4861eef33264cde0ef2e2e07eead9165336b43afd2d67c344daacc039b45092

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 140ms
47ms Font
font/woff2 142.250.80.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.67 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://myaccount.lrwriters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:08 GMT
x-content-type-options: nosniff
age: 246325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Aug 2025 13:52:08 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 122ms
31ms Font
font/woff2 142.250.80.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.67 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f3.1e100.net

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://myaccount.lrwriters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 14:39:32 GMT
x-content-type-options: nosniff
age: 329881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Aug 2025 14:39:32 GMT

GET
H/1.1 206
Partial Content nt_new_message.ogg
myaccount.lrwriters.com/media/ 41 KB
42 KB 235ms
227ms Media
audio/ogg 157.230.97.66
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.lrwriters.com/media/nt_new_message.ogg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.97.66 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: 05e5618d28b91d57efcc7724a29f4ef1e7bd0b66ddb32fef88e5eb905e47ffcc

Request headers

Referer: https://myaccount.lrwriters.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 02 Sep 2024 10:17:33 GMT
Last-Modified: Mon, 08 Jul 2024 14:51:11 GMT
Server: nginx/1.17.10
ETag: "668bfcdf-a564"
Content-Type: audio/ogg
Content-Range: bytes 0-42339/42340
Cache-Control: max-age=2592000
Connection: keep-alive
Content-Length: 42340
Expires: Wed, 02 Oct 2024 10:17:33 GMT

GET
H/1.1 200
OK favicon.ico
myaccount.lrwriters.com/favicons/ 37 KB
37 KB 113ms
112ms Other
image/x-icon 157.230.97.66
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.lrwriters.com/favicons/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.97.66 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: 34a1b5970a7e81791226055f27882e616107b3172f2888711bd13dbf2af02c0c

Request headers

Referer: https://myaccount.lrwriters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:17:33 GMT
Last-Modified: Mon, 08 Jul 2024 14:51:11 GMT
Server: nginx/1.17.10
ETag: "668bfcdf-94be"
Content-Type: image/x-icon
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38078
Expires: Mon, 09 Sep 2024 10:17:33 GMT

GET
DATA 200
OK truncated
/ 382 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 180 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 354 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET /
oauth.dsh-agency.com/ 0
0

GET
H/1.1 401
UNAUTHORIZED orders
account.lrwriters.com/api/v3/ 24 B
479 B 118ms
115ms Fetch
application/json 148.251.23.206
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.lrwriters.com/api/v3/orders

Requested by

Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/main.c8150b9e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.23.206 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.206.23.251.148.clients.your-server.de

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://myaccount.lrwriters.com/
X-Role: writer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 02 Sep 2024 10:17:34 GMT
WWW-Authenticate: Token
Server: nginx/1.4.6 (Ubuntu)
Vary: Origin, Cookie
Transfer-Encoding: chunked
Content-Type: application/json
Allow: GET, PATCH, HEAD, OPTIONS
Access-Control-Allow-Origin: https://myaccount.lrwriters.com
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Request-Id: 927daeaa-6914-11ef-9271-001e67c47479

OPTIONS
H/1.1 200
OK orders
account.lrwriters.com/api/v3/ 0
0 118ms
118ms Preflight
text/html 148.251.23.206
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.lrwriters.com/api/v3/orders

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.23.206 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.206.23.251.148.clients.your-server.de

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-role
Access-Control-Request-Method: GET
Origin: https://myaccount.lrwriters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, x-token, x-device, x-role
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin: https://myaccount.lrwriters.com
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 02 Sep 2024 10:17:34 GMT
Server: nginx/1.4.6 (Ubuntu)
Transfer-Encoding: chunked
Vary: Origin
X-Frame-Options: SAMEORIGIN
X-Request-Id: 926b9792-6914-11ef-b2c3-001e67c47479

GET
H/1.1 200
OK Primary Request / Show response
oauth.dsh-agency.com/ 936 B
945 B 794ms
117ms Document
text/html 164.92.176.90
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
Requested by: Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/main.c8150b9e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 164.92.176.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.2 /
Resource Hash: e33c0ee123ba9a72984c6764786c3a02a4e378b7db8eeb42b6830160a1a68b79

Request headers

Referer: https://myaccount.lrwriters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 02 Sep 2024 10:17:35 GMT
ETag: W/"642dd608-3a8"
Expires: Mon, 02 Sep 2024 10:17:35 GMT
Last-Modified: Wed, 05 Apr 2023 20:11:52 GMT
Server: nginx/1.17.2
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET polyfill.min.js
cdn.polyfill.io/v2/ 0
0

GET
H/1.1 200
OK main.eebc6826.css
oauth.dsh-agency.com/static/css/ 7 KB
3 KB 118ms
118ms Stylesheet
text/css 164.92.176.90
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://oauth.dsh-agency.com/static/css/main.eebc6826.css
Requested by: Host: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 164.92.176.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.2 /
Resource Hash: 503d32f05811989b339ff5bbe81095a8652dc0a1e8dffb3ec0189ffbdedbbf10

Request headers

Referer: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:17:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Apr 2023 20:11:52 GMT
Server: nginx/1.17.2
ETag: W/"642dd608-1d7e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Tue, 02 Sep 2025 10:17:35 GMT

GET
H/1.1 200
OK main.c23550cb.js Show response
oauth.dsh-agency.com/static/js/ 305 KB
90 KB 336ms
221ms Script
application/javascript 164.92.176.90
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://oauth.dsh-agency.com/static/js/main.c23550cb.js
Requested by: Host: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 164.92.176.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.2 /
Resource Hash: 38a0474672476ee2f960c1203877918e66a61d86497a60793cedf76fb792e702

Request headers

Referer: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:17:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Apr 2023 20:11:52 GMT
Server: nginx/1.17.2
ETag: W/"642dd608-4c23c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Tue, 02 Sep 2025 10:17:35 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 285 KB
102 KB 1138ms
55ms Script
application/javascript 142.250.80.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PKS6JDW

Requested by

Host: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f003cd1c1cceb9bfb58fe0fa9ba30cfe36cbd6f98b124ec10cd213d141e00981

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://oauth.dsh-agency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 10:17:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103702
x-xss-protection: 0
last-modified: Mon, 02 Sep 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 02 Sep 2024 10:17:36 GMT

OPTIONS
H/1.1 200
OK self
auth-back.dsh-agency.com/ 0
0 431ms
117ms Preflight
text/plain 164.92.176.90
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-back.dsh-agency.com/self
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 164.92.176.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-requested-with
Access-Control-Request-Method: GET
Origin: https://oauth.dsh-agency.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,content-type,x-requested-with
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
Access-Control-Allow-Origin: https://oauth.dsh-agency.com
Access-Control-Expose-Headers: Authorization
Access-Control-Max-Age: 1728000
Cache-Control: max-age=2592000
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/plain
Date: Mon, 02 Sep 2024 10:17:36 GMT
Expires: Wed, 02 Oct 2024 10:17:36 GMT
Server: nginx/1.17.2
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK HelveticaNeue-Bold.dae566fc.woff
oauth.dsh-agency.com/static/media/ 208 KB
208 KB 221ms
218ms Font
font/woff 164.92.176.90
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://oauth.dsh-agency.com/static/media/HelveticaNeue-Bold.dae566fc.woff
Requested by: Host: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/static/css/main.eebc6826.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 164.92.176.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.2 /
Resource Hash: 369f2d426c38977b3d5fed3a03e9ca4246a83b8ce7f749c5304ad066ce6b1548

Request headers

Referer: https://oauth.dsh-agency.com/static/css/main.eebc6826.css
Origin: https://oauth.dsh-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:17:36 GMT
Last-Modified: Wed, 05 Apr 2023 20:11:52 GMT
Server: nginx/1.17.2
ETag: "642dd608-33fc0"
Content-Type: font/woff
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 212928
Expires: Wed, 02 Oct 2024 10:17:36 GMT

GET
H/1.1 200
OK HelveticaNeue.e878df76.woff
oauth.dsh-agency.com/static/media/ 203 KB
203 KB 243ms
121ms Font
font/woff 164.92.176.90
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://oauth.dsh-agency.com/static/media/HelveticaNeue.e878df76.woff
Requested by: Host: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/static/css/main.eebc6826.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 164.92.176.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.2 /
Resource Hash: 4b74adce203915ff39c59917039582fdec9fb533cda88fcddfa9d110473fc420

Request headers

Referer: https://oauth.dsh-agency.com/static/css/main.eebc6826.css
Origin: https://oauth.dsh-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:17:36 GMT
Last-Modified: Wed, 05 Apr 2023 20:11:52 GMT
Server: nginx/1.17.2
ETag: "642dd608-32be0"
Content-Type: font/woff
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 207840
Expires: Wed, 02 Oct 2024 10:17:36 GMT

GET
H/1.1 401
Unauthorized self Show response
auth-back.dsh-agency.com/ 26 B
648 B 123ms
122ms XHR
application/json 164.92.176.90
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-back.dsh-agency.com/self

Requested by

Host: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/static/js/main.c23550cb.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

164.92.176.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.17.2 /

Resource Hash

23530f79939f7833451e84bd8b170a50c424fd5dd1f2303f891039e339468cfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://oauth.dsh-agency.com/
X-Requested-With: XMLHttpRequest
Authorization: null
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

X-Runtime: 0.003774
Date: Mon, 02 Sep 2024 10:17:36 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Server: nginx/1.17.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://oauth.dsh-agency.com
Access-Control-Expose-Headers: Authorization
Access-Control-Max-Age: 1728000
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Vary: Origin
Connection: keep-alive
X-Request-Id: 07e5027b-e4a3-49ea-9659-2aa1d5dc1698

GET
H/1.1 200
OK albatros.7c12eb1d.svg
oauth.dsh-agency.com/static/media/ 4 KB
2 KB 122ms
120ms Image
image/svg+xml 164.92.176.90
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oauth.dsh-agency.com/static/media/albatros.7c12eb1d.svg
Requested by: Host: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 164.92.176.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.2 /
Resource Hash: caac557753b8f2c54a22850b54bf960d6807375fd563298983caaf100070edfe

Request headers

Referer: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:17:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Apr 2023 20:11:52 GMT
Server: nginx/1.17.2
ETag: W/"642dd608-e9b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Wed, 02 Oct 2024 10:17:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 109ms
27ms Script
text/javascript 142.251.35.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKS6JDW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.174 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://oauth.dsh-agency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 02 Sep 2024 10:06:04 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 692
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 02 Sep 2024 12:06:04 GMT

GET
H2 200 hotjar-505540.js Show response
static.hotjar.com/c/ 11 KB
5 KB 424ms
112ms Script
application/javascript 108.138.106.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-505540.js?sv=5

Requested by

Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-124.jfk50.r.cloudfront.net

Software

Resource Hash

abc43520221759d027f3d89ed7b0e8c2e757ffc0205485a1481ba0d0bd2bdd3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://oauth.dsh-agency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 10:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 c790ffcab27717f283a6e87f31c6d65a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
etag: W/7bd2ce1ad9b25cc8de7a1375ac393d3b
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: yvbEImuyD-b-4roMYFUyjFRyM-YUhB7hSSpxcDGVtBItVfb9hKlztA==

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 75ms
35ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://oauth.dsh-agency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 02 Sep 2024 10:17:36 GMT
document-policy: force-load-at-top
x-fb-server-load: 25
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58936
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=23, mss=1232, tbw=4319, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: gfh3lq8Y5ETRsc3XLEQ/DC3ESyvH88MxTB3cjcVawLIcD2syCmVModF6TRPOULrpN3ygQizo7CdI7edlIkUphg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 2204162282960552 Show response
connect.facebook.net/signals/config/ 64 KB
13 KB 217ms
217ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2204162282960552?v=2.9.166&r=stable&domain=oauth.dsh-agency.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

84cee8888fa202d6edc9e0b455c52797b07897d8d2bbe978d28f55da88477d34

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://oauth.dsh-agency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 02 Sep 2024 10:17:37 GMT
document-policy: force-load-at-top
x-fb-server-load: 39
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=33, rtx=0, c=74, mss=1232, tbw=67021, tp=63, tpl=0, uplat=183, ullat=0
pragma: public
x-fb-debug: ECY0zf1mQEX/XHh2C+/uSK2/PP/TFl57UqiKygCHv44ckd0YPwmEMYa3oP8B8kqO+qC+DPKn2YmeQQ/2IDCDnw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
211 B 45ms
44ms XHR
text/plain 142.251.35.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=399039927&t=pageview&_s=1&dl=https%3A%2F%2Foauth.dsh-agency.com%2F%3Fredirect_url%3DaHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8%3D%3F&dr=https%3A%2F%2Fmyaccount.lrwriters.com%2F&dp=oauth.dsh-agency.com%2F&ul=en-ca&de=UTF-8&dt=Livingston%20Research%20Authorization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACgAI~&jid=1628840104&gjid=1714261537&cid=1686007877.1725272257&tid=UA-129148043-1&_gid=674960583.1725272257&_r=1&_slc=1&gtm=45He48s0n81PKS6JDWv76281651za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&z=1593139554

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.174 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://oauth.dsh-agency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Sep 2024 10:17:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://oauth.dsh-agency.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 565ms
33ms Image
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2204162282960552&ev=PageView&dl=https%3A%2F%2Foauth.dsh-agency.com%2F%3Fredirect_url%3DaHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8%3D&rl=https%3A%2F%2Fmyaccount.lrwriters.com%2F&if=false&ts=1725272257217&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=4126&fbp=fb.1.1725272257216.863217963239871106&ler=other&cdl=API_unavailable&it=1725272256970&coo=false&rqm=GET

Requested by

Host: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://oauth.dsh-agency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=10, mss=1380, tbw=2822, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 02 Sep 2024 10:17:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 654ms
123ms Image
image/png 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2204162282960552&ev=PageView&dl=https%3A%2F%2Foauth.dsh-agency.com%2F%3Fredirect_url%3DaHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8%3D&rl=https%3A%2F%2Fmyaccount.lrwriters.com%2F&if=false&ts=1725272257217&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=4126&fbp=fb.1.1725272257216.863217963239871106&ler=other&cdl=API_unavailable&it=1725272256970&coo=false&rqm=FGET

Requested by

Host: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://oauth.dsh-agency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 02 Sep 2024 10:17:37 GMT
document-policy: force-load-at-top
x-fb-server-load: 41
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7409987921863957882", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=14, mss=1380, tbw=3140, tp=-1, tpl=-1, uplat=88, ullat=0
pragma: no-cache
x-fb-debug: DspKv34ls9AiX5737ZGdIX1gSTPQul1VfIPn/64N2nTEsqQyTnmLDeBswE68U6xJ9k1PuYYNA3RsqINvr2nCQw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7409987921863957882"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.8da33a8f469c3b5ffcec.js Show response
script.hotjar.com/ 223 KB
56 KB 1127ms
38ms Script
application/javascript 18.164.96.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-505540.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-90.jfk50.r.cloudfront.net

Software

Resource Hash

76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://oauth.dsh-agency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 14:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 48fa2d8b9525abe889eff7ccc8591f7e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 2922872
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56385
last-modified: Tue, 30 Jul 2024 14:22:40 GMT
etag: "0728625a147ca79276a1790b9cf3175d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 9z2FtzHVXtc0KRlDJXTmtqMpQaPtmfOUYR6nNab7UhtJ27J0X2-sXg==

GET
H/1.1 200
OK favicon.ico
oauth.dsh-agency.com/ 31 KB
32 KB 219ms
218ms Other
image/x-icon 164.92.176.90
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://oauth.dsh-agency.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 164.92.176.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.2 /
Resource Hash: f8ea0c50080f735cd285171c3f08bd2dc6157dd2397d0ae29b342a79ac950a93

Request headers

Referer: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:17:38 GMT
Last-Modified: Wed, 05 Apr 2023 20:11:52 GMT
Server: nginx/1.17.2
ETag: "642dd608-7d26"
Content-Type: image/x-icon
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32038
Expires: Mon, 09 Sep 2024 10:17:38 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=

Domain: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=

Domain: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=

Domain: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=

Domain: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=

Domain: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=

Domain: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=

Domain: cdn.polyfill.io
URL: https://cdn.polyfill.io/v2/polyfill.min.js

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lrwriters.com/	1970-01-21 08:00:08	Name: _hjSessionUser_2055233 Value: eyJpZCI6ImFkNmNhNzM5LThmNmQtNTllMi1hOGJkLTU2ZjQ1ZDBlZmY5YiIsImNyZWF0ZWQiOjE3MjUyNzIyNTE5MjIsImV4aXN0aW5nIjpmYWxzZX0=
.lrwriters.com/	1970-01-20 23:14:34	Name: _hjSession_2055233 Value: eyJpZCI6ImNiZWNjZDJiLWJiMTUtNGY4Ny1iOWJkLTdlYThiNzI4ZGVlMCIsImMiOjE3MjUyNzIyNTE5MjUsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
myaccount.lrwriters.com/	1970-01-20 23:14:32	Name: _sl_ping_marker Value: initial
myaccount.lrwriters.com/	1969-12-31 23:59:59	Name: _lrtrack_tcid Value: 90613bd2-6285-4a63-a12b-c530434afa3c
.oauth.dsh-agency.com/	1970-01-20 23:14:34	Name: referrer_a Value: https://myaccount.lrwriters.com/
.dsh-agency.com/	1970-01-21 08:50:32	Name: _ga Value: GA1.2.1686007877.1725272257
.dsh-agency.com/	1970-01-20 23:15:58	Name: _gid Value: GA1.2.674960583.1725272257
.dsh-agency.com/	1970-01-20 23:14:32	Name: _gat_UA-129148043-1 Value: 1
.dsh-agency.com/	1970-01-21 01:24:08	Name: _fbp Value: fb.1.1725272257216.863217963239871106
.dsh-agency.com/	1970-01-21 08:00:08	Name: _hjSessionUser_505540 Value: eyJpZCI6IjkwZGU5MTliLTUyMGMtNWVlNi1iOGEyLWZiNWI5MDc4ZTAyYiIsImNyZWF0ZWQiOjE3MjUyNzIyNTg0NjgsImV4aXN0aW5nIjp0cnVlfQ==
.dsh-agency.com/	1970-01-20 23:14:34	Name: _hjSession_505540 Value: eyJpZCI6IjgzMjA1YjBkLTA4YTItNDg2NC1iY2RiLWIwZWRkM2JmZGQ0MCIsImMiOjE3MjUyNzIyNTg0NjksInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tickettool.dsh-agency.com/api/v1/state_data Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
network	error	URL: https://account.lrwriters.com/api/v3/profile/notices_notification?limit=20&sort=-created_at&event_tag[]=notify_mark_bad&event_tag[]=notify_issue_cancelled&event_tag[]=notify_issue_closed&event_tag[]=notify_notice_bad&event_tag[]=notify_writer_order_feedback_cancelled&event_tag[]=notify_veriff_declined&event_tag[]=notify_veriff_resubmission&event_tag[]=notify_group_down&event_tag[]=notify_mark_good&event_tag[]=notify_mark_update&event_tag[]=notify_mark_hide&event_tag[]=notify_writer_order_feedback_resolved&event_tag[]=notify_veriff_approved&event_tag[]=notify_group_up&event_tag[]=notify_issue_resolved&event_tag[]=notify_revision_accept&event_tag[]=notify_rdd_changed Message: Failed to load resource: the server responded with a status of 401 (UNAUTHORIZED)
network	error	URL: https://account.lrwriters.com/api/v3/live_schedules?all=true&deleted=true Message: Failed to load resource: the server responded with a status of 401 (UNAUTHORIZED)
network	error	URL: https://account.lrwriters.com/api/v3/profile/notices Message: Failed to load resource: the server responded with a status of 401 (UNAUTHORIZED)
network	error	URL: https://account.lrwriters.com/api/v3/settings?country_list=1 Message: Failed to load resource: the server responded with a status of 401 (UNAUTHORIZED)
network	error	URL: https://account.lrwriters.com/api/v3/notification Message: Failed to load resource: the server responded with a status of 401 (UNAUTHORIZED)
network	error	URL: https://account.lrwriters.com/api/v3/profile Message: Failed to load resource: the server responded with a status of 401 (UNAUTHORIZED)
network	error	URL: https://account.lrwriters.com/api/v3/orders Message: Failed to load resource: the server responded with a status of 401 (UNAUTHORIZED)
network	error	URL: https://cdn.polyfill.io/v2/polyfill.min.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
recommendation	verbose	URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8= Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://auth-back.dsh-agency.com/self Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.lrwriters.com
api.ipify.org
auth-back.dsh-agency.com
cdn.polyfill.io
cdn.signalayer.com
connect.facebook.net
data.signalayer.com
fonts.googleapis.com
fonts.gstatic.com
myaccount.lrwriters.com
oauth.dsh-agency.com
pp.signalayer.com
script.hotjar.com
static.hotjar.com
tickettool.dsh-agency.com
veraviews.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
cdn.polyfill.io
oauth.dsh-agency.com
104.26.13.205
104.26.3.63
108.138.106.101
108.138.106.124
13.225.63.46
142.250.65.202
142.250.80.104
142.250.80.67
142.251.35.174
148.251.23.206
157.230.97.66
164.92.176.90
18.164.96.77
18.164.96.90
206.81.27.11
31.13.71.36
31.13.71.7
54.165.165.134
68.70.205.2
05e5618d28b91d57efcc7724a29f4ef1e7bd0b66ddb32fef88e5eb905e47ffcc
1207c6115e8c70ec062f7065cc18ea18f886133ffd5afe863a7b8b10f9d23a60
142619e21f301b38d643d030accdb300f989ab65f27aa20f2b0102243404822e
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
23530f79939f7833451e84bd8b170a50c424fd5dd1f2303f891039e339468cfe
34a1b5970a7e81791226055f27882e616107b3172f2888711bd13dbf2af02c0c
369f2d426c38977b3d5fed3a03e9ca4246a83b8ce7f749c5304ad066ce6b1548
374d09af8bd45522f8320b89c5a3063f6fb76e9941b951e1a4ecedb1ad6b1893
38a0474672476ee2f960c1203877918e66a61d86497a60793cedf76fb792e702
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b74adce203915ff39c59917039582fdec9fb533cda88fcddfa9d110473fc420
503d32f05811989b339ff5bbe81095a8652dc0a1e8dffb3ec0189ffbdedbbf10
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b99c9400ab7996ccd1db777e200ed0f459e3283f78f78aa2e5ee9d3c158e2ed
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab
84cee8888fa202d6edc9e0b455c52797b07897d8d2bbe978d28f55da88477d34
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a106745ab737317f6a9d0ed31f477ad9326c17cf055d9d5d0fec9c07c8bde516
a4861eef33264cde0ef2e2e07eead9165336b43afd2d67c344daacc039b45092
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abc43520221759d027f3d89ed7b0e8c2e757ffc0205485a1481ba0d0bd2bdd3c
b1aae252786e642e1c24a8a0a465a17396ca96f5d8e498163028bb78754a7b78
b2ba6554c514a083e13a0fa0d1e7010728edaf1c9247db92f7f7359e7e4dcb25
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88
bc958a63e17fc254b74b0787f22bd0f5889a057109908050c5148a148b75db91
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c7e52d1b3ea7535d114503d9e51c845219a1511941dce3bf1d8d69506ade2441
caac557753b8f2c54a22850b54bf960d6807375fd563298983caaf100070edfe
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e33c0ee123ba9a72984c6764786c3a02a4e378b7db8eeb42b6830160a1a68b79
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f003cd1c1cceb9bfb58fe0fa9ba30cfe36cbd6f98b124ec10cd213d141e00981
f8ea0c50080f735cd285171c3f08bd2dc6157dd2397d0ae29b342a79ac950a93
fb186695b214382b71b146c968d2be5902d100df97463aae70addf6110cfff3c

oauth.dsh-agency.com Open in urlscan Pro 164.92.176.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

86 %HTTPS

0 %IPv6

13 Domains

19 Subdomains

20 IPs

3 Countries

2245 kBTransfer

7119 kBSize

11 Cookies

2 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

oauth.dsh-agency.com Open in urlscan Pro
164.92.176.90 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

86 %
HTTPS

0 %
IPv6

13
Domains

19
Subdomains

20
IPs

3
Countries

2245 kB
Transfer

7119 kB
Size

11
Cookies

57 HTTP transactions
4 data transactions