845879839594-f5dug2dja7grgedg.z03.azurefd.net Open in urlscan Pro
2620:1ec:bdf::45  Public Scan

Submitted URL: https://9849854894989845.alt-xm-38iszmu.workers.dev/
Effective URL: https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Submission: On July 03 via manual from US — Scanned from DE

Summary

This website contacted 21 IPs in 3 countries across 21 domains to perform 42 HTTP transactions. The main IP is 2620:1ec:bdf::45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is 845879839594-f5dug2dja7grgedg.z03.azurefd.net.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 04 on May 10th 2024. Valid for: a year.
This is the only time 845879839594-f5dug2dja7grgedg.z03.azurefd.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 142.11.212.118 54290 (HOSTWINDS)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.158.205.16 16509 (AMAZON-02)
2 2600:9000:275... 16509 (AMAZON-02)
3 2a03:2880:f08... 32934 (FACEBOOK)
2 2.17.100.250 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42::396 54113 (FASTLY)
1 146.75.120.157 54113 (FASTLY)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
4 34.160.63.108 396982 (GOOGLE-CL...)
2 142.250.184.226 15169 (GOOGLE)
1 2600:9000:210... 16509 (AMAZON-02)
1 93.184.221.165 15133 (EDGECAST)
1 104.244.42.3 13414 (TWITTER)
6 2a03:2880:f17... 32934 (FACEBOOK)
3 2620:1ec:21::14 8068 (MICROSOFT...)
1 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
42 21
Apex Domain
Subdomains
Transfer
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
6 KB
4 mailgun.com
login.mailgun.com
196 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 360
2 KB
3 6sc.co
j.6sc.co — Cisco Umbrella Rank: 5903
c.6sc.co — Cisco Umbrella Rank: 8340
ipv6.6sc.co — Cisco Umbrella Rank: 6045
19 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
100 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 70
122 B
2 rudderlabs.com
cdn.rudderlabs.com — Cisco Umbrella Rank: 11337
38 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
218 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 986
725 B
1 t.co
t.co — Cisco Umbrella Rank: 726
379 B
1 clearbitscripts.com
tag.clearbitscripts.com — Cisco Umbrella Rank: 16562
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71
21 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 902
14 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 905
15 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1200
13 KB
1 sinchemail.com
get.sinchemail.com
3 KB
1 clearbitjs.com
x.clearbitjs.com — Cisco Umbrella Rank: 19841 Failed
1 1b3rmrwdw.buzz
1b3rmrwdw.buzz
85 KB
1 azurefd.net
845879839594-f5dug2dja7grgedg.z03.azurefd.net
60 KB
1 workers.dev
9849854894989845.alt-xm-38iszmu.workers.dev
473 B
0 google.com Failed
td.google.com Failed
42 21
Domain Requested by
6 www.facebook.com 845879839594-f5dug2dja7grgedg.z03.azurefd.net
4 login.mailgun.com 1b3rmrwdw.buzz
login.mailgun.com
3 px.ads.linkedin.com snap.licdn.com
845879839594-f5dug2dja7grgedg.z03.azurefd.net
3 connect.facebook.net 1b3rmrwdw.buzz
connect.facebook.net
2 googleads.g.doubleclick.net 1b3rmrwdw.buzz
2 cdn.rudderlabs.com 1b3rmrwdw.buzz
2 www.googletagmanager.com 1b3rmrwdw.buzz
1 ipv6.6sc.co j.6sc.co
1 c.6sc.co j.6sc.co
1 analytics.twitter.com 1b3rmrwdw.buzz
1 t.co 1b3rmrwdw.buzz
1 tag.clearbitscripts.com 1b3rmrwdw.buzz
1 www.google-analytics.com 1b3rmrwdw.buzz
1 snap.licdn.com 1b3rmrwdw.buzz
1 static.ads-twitter.com 1b3rmrwdw.buzz
1 www.redditstatic.com 1b3rmrwdw.buzz
1 get.sinchemail.com 1b3rmrwdw.buzz
1 j.6sc.co 1b3rmrwdw.buzz
1 x.clearbitjs.com 1b3rmrwdw.buzz
1 1b3rmrwdw.buzz 845879839594-f5dug2dja7grgedg.z03.azurefd.net
1 845879839594-f5dug2dja7grgedg.z03.azurefd.net
1 9849854894989845.alt-xm-38iszmu.workers.dev 1 redirects
0 td.google.com Failed 1b3rmrwdw.buzz
42 23

This site contains links to these domains. Also see Links.

Domain
www.mailgun.com
Subject Issuer Validity Valid
*.azurefd.net
Microsoft Azure RSA TLS Issuing CA 04
2024-05-10 -
2025-05-05
a year crt.sh
1b3rmrwdw.buzz
R10
2024-06-20 -
2024-09-18
3 months crt.sh
*.google-analytics.com
WR2
2024-06-13 -
2024-09-05
3 months crt.sh
clearbitjs.com
Amazon RSA 2048 M02
2024-02-15 -
2025-03-16
a year crt.sh
*.rudderlabs.com
Amazon RSA 2048 M03
2024-05-14 -
2025-06-12
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-04-11 -
2024-07-10
3 months crt.sh
6sc.co
R3
2024-04-09 -
2024-07-08
3 months crt.sh
get.sinchemail.com
E1
2024-05-07 -
2024-08-05
3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-05-23 -
2024-11-18
6 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-21 -
2024-07-19
a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2023-12-13 -
2024-12-12
a year crt.sh
*.mailgun.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-05-08 -
2025-05-27
a year crt.sh
*.g.doubleclick.net
WR2
2024-06-13 -
2024-09-05
3 months crt.sh
clearbitscripts.com
Amazon RSA 2048 M03
2024-05-11 -
2025-06-08
a year crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-05-08 -
2025-05-07
a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-31 -
2024-10-29
a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2024-07-01 -
2025-01-01
6 months crt.sh

This page contains 2 frames:

Primary Page: https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Frame ID: 307B06E830DCD5BC42CEC3B55C8C5E84
Requests: 41 HTTP requests in this frame

Frame: https://td.google.com/
Frame ID: D45194D014BE05F36C32EB0174F06FEF
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Login | Mailgun

Page URL History Show full URLs

  1. https://9849854894989845.alt-xm-38iszmu.workers.dev/ HTTP 301
    https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

42
Requests

86 %
HTTPS

62 %
IPv6

21
Domains

23
Subdomains

21
IPs

3
Countries

790 kB
Transfer

1964 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://9849854894989845.alt-xm-38iszmu.workers.dev/ HTTP 301
    https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Redirect Chain
  • https://9849854894989845.alt-xm-38iszmu.workers.dev/
  • https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
60 KB
60 KB
Document
General
Full URL
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
024e55b57d7d508ee64aaea0fbeaf15f6fe10ba715352173e268e8f21117db78

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-length
61065
content-md5
sgMwXVjNphuqVAtGHiq6ZA==
content-type
text/html
date
Wed, 03 Jul 2024 14:58:37 GMT
etag
"0x8DC9AB7F04FDAB9"
last-modified
Tue, 02 Jul 2024 16:56:38 GMT
x-azure-ref
20240703T145837Z-r195c4c79d9t8vb2pywgc4zf0w000000013g00000000x3p1
x-cache
CONFIG_NOCACHE
x-ms-request-id
c6c4211a-f01e-0015-7459-cd55be000000
x-ms-version
2018-03-28

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-ray
89d7bc157d672c2f-FRA
content-length
0
date
Wed, 03 Jul 2024 14:58:37 GMT
location
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wHcBTLdnI%2B3tGvfPQsaG1v7TTte9Oej4cFHvg8Zv%2BernxkLiXlOjROq1G0luMJEld3XpUlxLicTgFvkndDMLzZBgTRQKwrmz1NcYhj7CfsH%2BM1SpdAt1qItwH4y2akMTvsnnARdyGCjadJTEw%2FPQa%2FBxXVpqEiehNTj1r7lnGt21rgnl%2FSkg%2B912"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
index.js
1b3rmrwdw.buzz/gun/
261 KB
85 KB
Script
General
Full URL
https://1b3rmrwdw.buzz/gun/index.js
Requested by
Host: 845879839594-f5dug2dja7grgedg.z03.azurefd.net
URL: https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.11.212.118 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-1223183.hostwindsdns.com
Software
nginx /
Resource Hash
eb9aa7adff5367d798fb52fae4f6e4be347392ee8dd44de799e80715a2513f9d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Jul 2024 14:58:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jul 2024 16:42:53 GMT
Server
nginx
ETag
W/"66842e0d-413a4"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/
377 KB
117 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WN2J6
Requested by
Host: 1b3rmrwdw.buzz
URL: https://1b3rmrwdw.buzz/gun/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d8473189af1f9f31bdab9163f36e4e0f546c54ec5e7dbc6ba7342afa23e81902
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 14:58:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119842
x-xss-protection
0
last-modified
Wed, 03 Jul 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Jul 2024 14:58:38 GMT
tracking.min.js
x.clearbitjs.com/v2/pk_54258638e2140e223e87c6c868ec9a93/
0
0

forms.js
x.clearbitjs.com/v1/pk_54258638e2140e223e87c6c868ec9a93/
0
0
Script
General
Full URL
https://x.clearbitjs.com/v1/pk_54258638e2140e223e87c6c868ec9a93/forms.js?page_path=%2FC%3A%2FUsers%2FAdministrator%2FDesktop%2FNEW%2520ERA%2FMAILGUNPAGE%25202023%2Fpage%2Findex.html
Requested by
Host: 1b3rmrwdw.buzz
URL: https://1b3rmrwdw.buzz/gun/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.205.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-205-16.eu-central-1.compute.amazonaws.com
Software
Clearbit /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 14:58:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-response-flags
-
server
Clearbit
content-length
0
content-type
application/javascript;charset=utf-8
destinations.min.js
x.clearbitjs.com/v2/pk_54258638e2140e223e87c6c868ec9a93/
0
0

GoogleTagManager.min.js
cdn.rudderlabs.com/v1.1/js-integrations/
6 KB
2 KB
Script
General
Full URL
https://cdn.rudderlabs.com/v1.1/js-integrations/GoogleTagManager.min.js
Requested by
Host: 1b3rmrwdw.buzz
URL: https://1b3rmrwdw.buzz/gun/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:9200:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efed9c588a2cccd58f60a79bc11f9d8918b65a87bca0f871902a32f53998816c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 14:54:51 GMT
content-encoding
br
via
1.1 182ccc7786c60fec555dbcd8ce6baa5e.cloudfront.net (CloudFront)
last-modified
Mon, 01 Jul 2024 15:21:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
228
etag
W/"efd92929841bee7b87c668c11512cfda"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
os9Os1tzZkwJYp0v7zOkg8vTixZZX393sWkmw7gYxZAJ1La8hLZYIg==
js
www.googletagmanager.com/gtag/
295 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PZB2JSMCGC&l=dataLayer&cx=c
Requested by
Host: 1b3rmrwdw.buzz
URL: https://1b3rmrwdw.buzz/gun/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3ad20dc2019b5a48126adceff52b1840eef02e098112fd7cd93650ab1787668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 14:58:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102748
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 03 Jul 2024 14:58:38 GMT
541164370529087
connect.facebook.net/signals/config/
103 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/541164370529087?v=2.9.104&r=stable
Requested by
Host: 1b3rmrwdw.buzz
URL: https://1b3rmrwdw.buzz/gun/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
123b0f29bf933d18cd24b39576b01ec55619cd1aaf3dcb93d096fdc07c2a7f1b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 03 Jul 2024 14:58:38 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
28434
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1368, tbw=63807, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
KHV34wpDQfAZmDF1yuO5EUQ93hjq/ztHb1rcwhUF44Y7FPSlIkgEqez5EDCT90/TclP+unWzd5/XKcNp2oDjeA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
222 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 1b3rmrwdw.buzz
URL: https://1b3rmrwdw.buzz/gun/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 03 Jul 2024 14:58:38 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58293
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1368, tbw=2792, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
NhQ9o8jSZKpvK1Y9ZVkhJ2Hsxf9Fg1jdZgXeF8Hil4K4mNPBZ2X0IQVbXuBUvluX8S+qJgWjfQPPHR0gPYK1Mg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
6si.min.js
j.6sc.co/
66 KB
18 KB
Script
General
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: 1b3rmrwdw.buzz
URL: https://1b3rmrwdw.buzz/gun/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.250 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-250.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4d3dab569c7b9e24ba3484873769a6b4a34bd3ab4ef6ff53b1c5a5c60f7d5663
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Jul 2024 14:58:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 14 Jun 2024 00:42:44 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"666b9204-10980"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, proxy-revalidate
accept-ranges
bytes
content-length
18315
expires
Wed, 03 Jul 2024 14:58:38 GMT
js
get.sinchemail.com/pr/
8 KB
3 KB
Script
General
Full URL
https://get.sinchemail.com/pr/js
Requested by
Host: 1b3rmrwdw.buzz
URL: https://1b3rmrwdw.buzz/gun/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ca8cef71e92e35d74ca86930eb32061244889c46631e69e84c74b85f3efa376

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 14:58:39 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 02 Jul 2024 20:48:31 GMT
server
cloudflare
etag
W/"6684679f-1e83"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400, stale-if-error=604800
cf-ray
89d7bc213e889759-FRA
pixel.js
www.redditstatic.com/ads/
42 KB
13 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: 1b3rmrwdw.buzz
URL: https://1b3rmrwdw.buzz/gun/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 14:58:38 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 20 Jun 2024 19:23:03 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12116
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: 1b3rmrwdw.buzz
URL: https://1b3rmrwdw.buzz/gun/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 14:58:39 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kiad7000168-IAD, cache-fra-etou8220103-FRA
insight.min.js
snap.licdn.com/li.lms-analytics/
38 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: 1b3rmrwdw.buzz
URL: https://1b3rmrwdw.buzz/gun/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 14:58:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Jun 2024 16:46:52 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=54910
accept-ranges
bytes
content-length
14004
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 1b3rmrwdw.buzz
URL: https://1b3rmrwdw.buzz/gun/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 03 Jul 2024 14:29:07 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1772
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 03 Jul 2024 16:29:07 GMT
rudder-analytics.min.js
cdn.rudderlabs.com/v1.1/
122 KB
35 KB
Script
General
Full URL
https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js
Requested by
Host: 1b3rmrwdw.buzz
URL: https://1b3rmrwdw.buzz/gun/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:9200:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02fc2779fd1dd7253a69ff0d8f41a4fd9917ee2b7f29f27683a7fc91dc6d7872

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 14:58:40 GMT
content-encoding
br
via
1.1 182ccc7786c60fec555dbcd8ce6baa5e.cloudfront.net (CloudFront)
last-modified
Mon, 01 Jul 2024 15:21:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
etag
W/"f48f24a493ed7855b4fd7ea68f53306f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=3600
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
HAISaH97s-fk7aBDHr1EGswUIXQHkzL_ZywCT3fjOE_jptGWiGGs-g==
style.css
login.mailgun.com/login/static/
12 KB
12 KB
Stylesheet
General
Full URL
https://login.mailgun.com/login/static/style.css?v=1.0.0
Requested by
Host: 1b3rmrwdw.buzz
URL: https://1b3rmrwdw.buzz/gun/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.160.63.108 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
108.63.160.34.bc.googleusercontent.com
Software
TwistedWeb/22.10.0 /
Resource Hash
94c2930b734d6fbe51744402e21501fabf6aa6fb65b79b0f0160094358bd32f0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 14:58:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 11 Jun 2024 18:22:52 GMT
server
TwistedWeb/22.10.0
etag
"1718130172.0-12089-376774563"
content-type
text/css; charset=utf-8
cache-control
no-cache
content-disposition
inline; filename=style.css
content-length
12089
x-xss-protection
1; mode=block
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1005952947/
43 B
61 B
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005952947/?random=1685204592833&cv=11&fst=1685204592833&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1536&u_h=864&url=https%3A%2F%2Flogin.mailgun.com%2Flogin%2F&label=D44PCKXQjAQQs7_W3wM&hn=www.googleadservices.com&frm=0&tiba=Login%20%7C%20Mailgun&auid=46058530.1685204589&fledge=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B113.0.5672.93%7CChromium%3B113.0.5672.93%7CNot-A.Brand%3B24.0.0.0&uamb=0&uap=Windows&uapv=10.0.0&uaw=0&rfmt=3&fmt=4
Requested by
Host: 1b3rmrwdw.buzz
URL: https://1b3rmrwdw.buzz/gun/index.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Jul 2024 14:58:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1005952947/
43 B
61 B
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005952947/?random=1685205259095&cv=11&fst=1685205259095&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1536&u_h=864&url=file%3A%2F%2F%2FC%3A%2FUsers%2FAdministrator%2FDesktop%2FNEW%2520ERA%2FMAILGUNPAGE%25202023%2Fpage%2Findex.html&label=D44PCKXQjAQQs7_W3wM&hn=www.googleadservices.com&frm=0&tiba=Login%20%7C%20Mailgun&fledge=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B113.0.5672.93%7CChromium%3B113.0.5672.93%7CNot-A.Brand%3B24.0.0.0&uamb=0&uap=Windows&uapv=10.0.0&uaw=0&rfmt=3&fmt=4
Requested by
Host: 1b3rmrwdw.buzz
URL: https://1b3rmrwdw.buzz/gun/index.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Jul 2024 14:58:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
td.google.com/ Frame D451
0
0

tags.js
tag.clearbitscripts.com/v1/pk_54258638e2140e223e87c6c868ec9a93/
0
0
Script
General
Full URL
https://tag.clearbitscripts.com/v1/pk_54258638e2140e223e87c6c868ec9a93/tags.js
Requested by
Host: 1b3rmrwdw.buzz
URL: https://1b3rmrwdw.buzz/gun/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1200:7:d7d6:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Clearbit /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 14:58:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-response-flags
-
via
1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront)
server
Clearbit
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
AMS1-C1
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
application/javascript;charset=utf-8
cache-control
private, max-age=600
x-amz-cf-id
itnYPyDD1Kphy9VddbjId92Nh63s31ki815M_jonq_AoVbcHSoEN7g==
logo-mailgun-sinch.svg
login.mailgun.com/login/static/
5 KB
5 KB
Image
General
Full URL
https://login.mailgun.com/login/static/logo-mailgun-sinch.svg
Requested by
Host: 1b3rmrwdw.buzz
URL: https://1b3rmrwdw.buzz/gun/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.160.63.108 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
108.63.160.34.bc.googleusercontent.com
Software
TwistedWeb/22.10.0 /
Resource Hash
cb1da2f299572bf2acce785fef2ee323c1c39ae079ff8db5c85b6486dd71e0d4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 14:58:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 11 Jun 2024 18:22:52 GMT
server
TwistedWeb/22.10.0
etag
"1718130172.0-5260-3523617926"
content-type
image/svg+xml; charset=utf-8
cache-control
no-cache
content-disposition
inline; filename=logo-mailgun-sinch.svg
content-length
5260
x-xss-protection
1; mode=block
mailgun-login-leftrail.png
login.mailgun.com/login/static/
178 KB
178 KB
Image
General
Full URL
https://login.mailgun.com/login/static/mailgun-login-leftrail.png
Requested by
Host: 1b3rmrwdw.buzz
URL: https://1b3rmrwdw.buzz/gun/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.160.63.108 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
108.63.160.34.bc.googleusercontent.com
Software
TwistedWeb/22.10.0 /
Resource Hash
789b45eda067d65646ff665c1c2446d75db4c6a2eab5c8dbaaa9162e90691ebd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 14:58:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 11 Jun 2024 18:22:52 GMT
server
TwistedWeb/22.10.0
etag
"1718130172.0-182211-1768433185"
content-type
image/png
cache-control
no-cache
content-disposition
inline; filename=mailgun-login-leftrail.png
content-length
182211
x-xss-protection
1; mode=block
adsct
t.co/1/i/
43 B
379 B
Image
General
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=939cc2b0-a976-4b0b-a894-1b98e3298bf7&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=eeb64410-e513-4069-a922-41bb6f75921e&tw_document_href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdministrator%2FDesktop%2FNEW%2520ERA%2FMAILGUNPAGE%25202023%2Fpage%2Findex.html&tw_iframe_status=0&txn_id=o57gg&type=javascript&version=2.3.29
Requested by
Host: 1b3rmrwdw.buzz
URL: https://1b3rmrwdw.buzz/gun/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
179
date
Wed, 03 Jul 2024 14:58:38 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
b087563940c3d0a5
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
3491690cc9786796aec81f2fc9289132b15f84baf42405d2ba9360d389823706
content-length
43
adsct
analytics.twitter.com/1/i/
43 B
725 B
Image
General
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=939cc2b0-a976-4b0b-a894-1b98e3298bf7&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=eeb64410-e513-4069-a922-41bb6f75921e&tw_document_href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdministrator%2FDesktop%2FNEW%2520ERA%2FMAILGUNPAGE%25202023%2Fpage%2Findex.html&tw_iframe_status=0&txn_id=o57gg&type=javascript&version=2.3.29
Requested by
Host: 1b3rmrwdw.buzz
URL: https://1b3rmrwdw.buzz/gun/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
190
date
Wed, 03 Jul 2024 14:58:39 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
3d7e79fb32d58512
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
c1f2727ba56fdc5aeeb8e2d329159a2943328746aa9e584b908a4b244d126321
content-length
43
red-hat-display-v11-latin-700.woff
login.mailgun.com/login/static/
0
0

roboto-v27-latin-700.woff
login.mailgun.com/login/static/
0
0

roboto-v27-latin-regular.woff
login.mailgun.com/login/static/
0
0

541164370529087
connect.facebook.net/signals/config/
60 KB
12 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/541164370529087?v=2.9.160&r=stable&domain=845879839594-f5dug2dja7grgedg.z03.azurefd.net&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
48546338cefb01967aa79c5b7da6901ec5baadf98919b78f330617248a129875
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 03 Jul 2024 14:58:39 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=84, mss=1368, tbw=92620, tp=-1, tpl=-1, uplat=194, ullat=0
pragma
public
x-fb-debug
IGOU/SaOVJ1yKCvhUvUIg5VqYzT5nVjL2xHd+if4JlKLOiC2KuQ8wxDPQObcSSTmyvajZot1fx1Z+UTM3EE0hQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=541164370529087&ev=PageView&dl=https%3A%2F%2F845879839594-f5dug2dja7grgedg.z03.azurefd.net%2F&rl=&if=false&ts=1720018719487&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.2.1720018719486.692308430762748426&ler=empty&cdl=API_unavailable&it=1720018719268&coo=false&rqm=GET
Requested by
Host: 845879839594-f5dug2dja7grgedg.z03.azurefd.net
URL: https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1368, tbw=2831, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 03 Jul 2024 14:58:39 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=541164370529087&ev=PageView&dl=https%3A%2F%2F845879839594-f5dug2dja7grgedg.z03.azurefd.net%2F&rl=&if=false&ts=1720018719487&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.2.1720018719486.692308430762748426&ler=empty&cdl=API_unavailable&it=1720018719268&coo=false&rqm=FGET
Requested by
Host: 845879839594-f5dug2dja7grgedg.z03.azurefd.net
URL: https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x54ce431924c6c1c5","source_keys":["1","2"]},{"key_piece":"0x9c6993f18c92e057","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 03 Jul 2024 14:58:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7387424147248180698", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=14, mss=1368, tbw=3273, tp=-1, tpl=-1, uplat=177, ullat=0
pragma
no-cache
x-fb-debug
tSCXzapZefIDaC9SkFE4MbAkpLH7uHd2COF/nGewm/MQbglGoX+3JbmWOoeUyHgZPvzRLVJMee8MjBqFFl0KPw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7387424147248180698"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
102 B
Image
General
Full URL
https://www.facebook.com/tr/?id=541164370529087&ev=Scroll_50&dl=https%3A%2F%2F845879839594-f5dug2dja7grgedg.z03.azurefd.net%2F&rl=&if=false&ts=1720018719488&sw=1600&sh=1200&v=2.9.160&r=stable&ec=1&o=4126&fbp=fb.2.1720018719486.692308430762748426&ler=empty&cdl=API_unavailable&it=1720018719268&coo=false&rqm=GET
Requested by
Host: 845879839594-f5dug2dja7grgedg.z03.azurefd.net
URL: https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1368, tbw=3118, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 03 Jul 2024 14:58:39 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
1 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=541164370529087&ev=Scroll_50&dl=https%3A%2F%2F845879839594-f5dug2dja7grgedg.z03.azurefd.net%2F&rl=&if=false&ts=1720018719488&sw=1600&sh=1200&v=2.9.160&r=stable&ec=1&o=4126&fbp=fb.2.1720018719486.692308430762748426&ler=empty&cdl=API_unavailable&it=1720018719268&coo=false&rqm=FGET
Requested by
Host: 845879839594-f5dug2dja7grgedg.z03.azurefd.net
URL: https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x6f9deeddc5edcf4d","source_keys":["1","2"]},{"key_piece":"0x3846355ca2c0d4aa","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 03 Jul 2024 14:58:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7387424146818739930", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=14, mss=1368, tbw=6473, tp=-1, tpl=-1, uplat=181, ullat=0
pragma
no-cache
x-fb-debug
M5TB2ZCNNpPMT2GVpULwpcIhGrvcYqWt3WAUjRcjafAUsHI15Lm96nWM7DTK/V/3ljCrp9YR+6AbT7L3tIc4pw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7387424146818739930"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
attribution_trigger
px.ads.linkedin.com/
2 B
1 KB
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=&time=1720018720034&url=https%3A%2F%2F845879839594-f5dug2dja7grgedg.z03.azurefd.net%2F
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
*
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 14:58:39 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-cache
CONFIG_NOCACHE
x-li-uuid
AAYcWRDR/lGUAjVHC8vm2A==
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 81297FE9C96F491D9AE6EF33A15AA6AE Ref B: FRAEDGE1420 Ref C: 2024-07-03T14:58:40Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-ltx1
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-fs-uuid
00061c5910d1fe51940235470bcbe6d8
collect
px.ads.linkedin.com/
0
667 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1720018720034&url=https%3A%2F%2F845879839594-f5dug2dja7grgedg.z03.azurefd.net%2F
Requested by
Host: 845879839594-f5dug2dja7grgedg.z03.azurefd.net
URL: https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 14:58:39 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: F97B413DE37344AD90408103BCBC2433 Ref B: FRAEDGE1922 Ref C: 2024-07-03T14:58:40Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYcWRDSQnwyiAntKOqD0g==
/
px.ads.linkedin.com/wa/
0
217 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 14:58:40 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 7F3CCD0645C84DA98E89733A0535662B Ref B: FRAEDGE1922 Ref C: 2024-07-03T14:58:40Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
access-control-allow-origin
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYcWRDVNhFg9zOGBLo5WA==
/
c.6sc.co/
7 B
215 B
XHR
General
Full URL
https://c.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.250 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-250.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 14:58:40 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/html
access-control-allow-origin
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
7
/
ipv6.6sc.co/
20 B
332 B
XHR
General
Full URL
https://ipv6.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
dd98357d2bb2982eb4e0d6ad52bdd1467161e32990a70c4f0d6a28b2a8095141

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Jul 2024 14:58:40 GMT
vary
Origin
content-type
text/html
access-control-allow-origin
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net
cache-control
max-age=0, no-cache, no-store
6si-ipv6
2a03:1b20:6:f011::1e
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1720018720271_34901565_381008037_29_1099_9_136_219";dur=1
content-length
20
expires
Wed, 03 Jul 2024 14:58:40 GMT
/
www.facebook.com/tr/
0
125 B
Image
General
Full URL
https://www.facebook.com/tr/?id=541164370529087&ev=Scroll_50&dl=https%3A%2F%2F845879839594-f5dug2dja7grgedg.z03.azurefd.net%2F&rl=&if=false&ts=1720018720259&sw=1600&sh=1200&v=2.9.160&r=stable&ec=2&o=4126&fbp=fb.2.1720018719486.692308430762748426&ler=empty&cdl=API_unavailable&it=1720018719268&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=10, mss=1368, tbw=7763, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 03 Jul 2024 14:58:40 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
1017 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=541164370529087&ev=Scroll_50&dl=https%3A%2F%2F845879839594-f5dug2dja7grgedg.z03.azurefd.net%2F&rl=&if=false&ts=1720018720259&sw=1600&sh=1200&v=2.9.160&r=stable&ec=2&o=4126&fbp=fb.2.1720018719486.692308430762748426&ler=empty&cdl=API_unavailable&it=1720018719268&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x6f9deeddc5edcf4d","source_keys":["1","2"]},{"key_piece":"0x3846355ca2c0d4aa","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 03 Jul 2024 14:58:40 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7387424152708477612", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=10, mss=1368, tbw=7932, tp=-1, tpl=-1, uplat=355, ullat=0
pragma
no-cache
x-fb-debug
2rwsB46l7vanu0rgiaqjKI5k+U6fEKxsIVrY/5dki1dtijlBbTSMvRqrAnjC7mwfM6idHgGQ8hmV4O9FkutCxw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7387424152708477612"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
favicon.png
login.mailgun.com/login/static/
798 B
898 B
Other
General
Full URL
https://login.mailgun.com/login/static/favicon.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.160.63.108 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
108.63.160.34.bc.googleusercontent.com
Software
TwistedWeb/22.10.0 /
Resource Hash
b34ec5d4d9a445f64bbc44b30cfaff64ed32a6d24e76230dec4576f40fdafa4d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 14:58:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 11 Jun 2024 18:22:52 GMT
server
TwistedWeb/22.10.0
etag
"1718130172.0-798-1443897428"
content-type
image/png
cache-control
no-cache
content-disposition
inline; filename=favicon.png
content-length
798
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
x.clearbitjs.com
URL
https://x.clearbitjs.com/v2/pk_54258638e2140e223e87c6c868ec9a93/tracking.min.js
Domain
x.clearbitjs.com
URL
https://x.clearbitjs.com/v2/pk_54258638e2140e223e87c6c868ec9a93/destinations.min.js
Domain
td.google.com
URL
https://td.google.com/
Domain
login.mailgun.com
URL
https://login.mailgun.com/login/static/red-hat-display-v11-latin-700.woff
Domain
login.mailgun.com
URL
https://login.mailgun.com/login/static/roboto-v27-latin-700.woff
Domain
login.mailgun.com
URL
https://login.mailgun.com/login/static/roboto-v27-latin-regular.woff

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage function| _0x2e1e function| _0x4d3637 function| _0x4aae59 function| _0x414d function| _0x11a537 function| _0x537b62 function| _0x3e4963 function| _0x1985b9 function| _0x12f38f function| _0x5a6766 function| _0x11fdf5 function| _0x2aec15 function| _0x31a24f function| _0x30e8 function| _0x2005ae function| _0x1716 function| _0x56834f function| _0x14cd70 function| _0x3fb431 function| _0x5d72ea function| _0x238e1a function| _0x145bd3 function| _0x2c58d8 function| _0x25e9d9 function| _0x357f63 function| _0xf9a5ed object| _6si object| GoogleTagManager_RS function| redditNormalizeEmail object| google_tag_data function| ga object| gaplugins boolean| google_noFurtherRedirects object| growsumo object| google_tag_manager object| dataLayer function| postscribe object| google_tag_manager_external function| fbq function| _fbq string| hash function| onYouTubeIframeAPIReady object| regeneratorRuntime object| twttr object| rudderanalytics function| lintrk boolean| _already_called_lintrk object| ORIBILI

10 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.t.co/ Name: muc_ads
Value: 0d14a734-a05f-4994-b218-43c064cef199
.twitter.com/ Name: guest_id_marketing
Value: v1%3A172001871914956415
.twitter.com/ Name: guest_id_ads
Value: v1%3A172001871914956415
.twitter.com/ Name: personalization_id
Value: "v1_N/lPgP1VrWFDedl0lHF7Ww=="
.twitter.com/ Name: guest_id
Value: v1%3A172001871914956415
.z03.azurefd.net/ Name: _fbp
Value: fb.2.1720018719486.692308430762748426
.linkedin.com/ Name: bcookie
Value: "v=2&8a8b6510-3404-43e5-8438-3f87fb598e8f"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MjAwMTg3MjA7MjswMjE1OZnYw6q7W6wwc6hPYN7JbEqGjbsnDxnVseSFmKOM8A==
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3329:u=1:x=1:i=1720018720:t=1720105120:v=2:sig=AQEBy2NWku19q3T5fQi8tAAgWjqQ2gWh"

14 Console Messages

Source Level URL
Text
javascript warning URL: https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://1b3rmrwdw.buzz/gun/index.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://1b3rmrwdw.buzz/gun/index.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://1b3rmrwdw.buzz/gun/index.js
Message:
Origin trial controlled feature not enabled: 'join-ad-interest-group'.
javascript warning URL: https://1b3rmrwdw.buzz/gun/index.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tag.clearbitscripts.com/v1/pk_54258638e2140e223e87c6c868ec9a93/tags.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://1b3rmrwdw.buzz/gun/index.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tag.clearbitscripts.com/v1/pk_54258638e2140e223e87c6c868ec9a93/tags.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://x.clearbitjs.com/v1/pk_54258638e2140e223e87c6c868ec9a93/forms.js?page_path=%2FC%3A%2FUsers%2FAdministrator%2FDesktop%2FNEW%2520ERA%2FMAILGUNPAGE%25202023%2Fpage%2Findex.html
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://tag.clearbitscripts.com/v1/pk_54258638e2140e223e87c6c868ec9a93/tags.js
Message:
Failed to load resource: the server responded with a status of 403 ()
recommendation warning URL: https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Message:
[DOM] Found 2 elements with non-unique id #testx: (More info: https://goo.gl/9p2vKq) %o %o
javascript error URL: https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Message:
Access to font at 'https://login.mailgun.com/login/static/red-hat-display-v11-latin-700.woff' from origin 'https://845879839594-f5dug2dja7grgedg.z03.azurefd.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://login.mailgun.com/login/static/red-hat-display-v11-latin-700.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Message:
Access to font at 'https://login.mailgun.com/login/static/roboto-v27-latin-regular.woff' from origin 'https://845879839594-f5dug2dja7grgedg.z03.azurefd.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://login.mailgun.com/login/static/roboto-v27-latin-regular.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://845879839594-f5dug2dja7grgedg.z03.azurefd.net/
Message:
Access to font at 'https://login.mailgun.com/login/static/roboto-v27-latin-700.woff' from origin 'https://845879839594-f5dug2dja7grgedg.z03.azurefd.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://login.mailgun.com/login/static/roboto-v27-latin-700.woff
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1b3rmrwdw.buzz
845879839594-f5dug2dja7grgedg.z03.azurefd.net
9849854894989845.alt-xm-38iszmu.workers.dev
analytics.twitter.com
c.6sc.co
cdn.rudderlabs.com
connect.facebook.net
get.sinchemail.com
googleads.g.doubleclick.net
ipv6.6sc.co
j.6sc.co
login.mailgun.com
px.ads.linkedin.com
snap.licdn.com
static.ads-twitter.com
t.co
tag.clearbitscripts.com
td.google.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.redditstatic.com
x.clearbitjs.com
login.mailgun.com
td.google.com
x.clearbitjs.com
104.244.42.3
142.11.212.118
142.250.184.226
146.75.120.157
18.158.205.16
2.17.100.250
2600:9000:2104:1200:7:d7d6:3c40:93a1
2600:9000:275d:9200:16:a497:9700:93a1
2606:4700:3031::6815:39ac
2606:4700::6812:bd4
2620:1ec:21::14
2620:1ec:bdf::45
2a00:1450:4001:828::200e
2a00:1450:4001:830::2008
2a02:26f0:3500:10::210:a9a
2a02:26f0:ab00::214:8e41
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42::396
34.160.63.108
93.184.221.165
024e55b57d7d508ee64aaea0fbeaf15f6fe10ba715352173e268e8f21117db78
02fc2779fd1dd7253a69ff0d8f41a4fd9917ee2b7f29f27683a7fc91dc6d7872
123b0f29bf933d18cd24b39576b01ec55619cd1aaf3dcb93d096fdc07c2a7f1b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48546338cefb01967aa79c5b7da6901ec5baadf98919b78f330617248a129875
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4d3dab569c7b9e24ba3484873769a6b4a34bd3ab4ef6ff53b1c5a5c60f7d5663
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
789b45eda067d65646ff665c1c2446d75db4c6a2eab5c8dbaaa9162e90691ebd
7ca8cef71e92e35d74ca86930eb32061244889c46631e69e84c74b85f3efa376
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
94c2930b734d6fbe51744402e21501fabf6aa6fb65b79b0f0160094358bd32f0
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b34ec5d4d9a445f64bbc44b30cfaff64ed32a6d24e76230dec4576f40fdafa4d
cb1da2f299572bf2acce785fef2ee323c1c39ae079ff8db5c85b6486dd71e0d4
d8473189af1f9f31bdab9163f36e4e0f546c54ec5e7dbc6ba7342afa23e81902
dd98357d2bb2982eb4e0d6ad52bdd1467161e32990a70c4f0d6a28b2a8095141
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3ad20dc2019b5a48126adceff52b1840eef02e098112fd7cd93650ab1787668
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb9aa7adff5367d798fb52fae4f6e4be347392ee8dd44de799e80715a2513f9d
efed9c588a2cccd58f60a79bc11f9d8918b65a87bca0f871902a32f53998816c
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a