user-staging.itbfx.tech Open in urlscan Pro
2606:4700:3035::6815:5cf6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://user-staging.itbfx.tech/
Submission: On March 02 via automatic, source certstream-suspicious (March 2nd 2024, 1:10:25 pm UTC) — Scanned from CH

Summary HTTP 75 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 12 domains to perform 75 HTTP transactions. The main IP is 2606:4700:3035::6815:5cf6, located in United States and belongs to CLOUDFLARENET, US. The main domain is user-staging.itbfx.tech.
TLS certificate: Issued by GTS CA 1P5 on February 14th 2024. Valid for: 3 months.

This is the only time user-staging.itbfx.tech was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	2606:4700:303... 2606:4700:3035::6815:5cf6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
15	2606:4700::68... 2606:4700::6812:1d68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	185.166.104.4 185.166.104.4	202319 (CAFEBAZAAR) (CAFEBAZAAR)
9	45.94.255.25 45.94.255.25	48551 (SINDAD) (SINDAD)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
9	45.94.254.24 45.94.254.24	48551 (SINDAD) (SINDAD)
1	45.94.255.10 45.94.255.10	48551 (SINDAD) (SINDAD)
4	151.106.40.131 151.106.40.131	34088 (GDY-FRANCE) (GDY-FRANCE)
4	185.166.104.3 185.166.104.3	202319 (CAFEBAZAAR) (CAFEBAZAAR)
75	15

20 2606:4700:3035::6815:5cf6 (United States)

ASN13335 (CLOUDFLARENET, US)

user-staging.itbfx.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6812:1d68 (United States)

ASN13335 (CLOUDFLARENET, US)

client.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.166.104.4 (Iran, Islamic Republic Of)

ASN202319 (CAFEBAZAAR, IR)

cdn.yektanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
audience.yektanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 45.94.255.25 (Iran, Islamic Republic Of)

ASN48551 (SINDAD, IR)
PTR: host.sindad.cloud

s1.mediaad.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
n1.sanjagh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.mediaad.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 45.94.254.24 (Iran, Islamic Republic Of)

ASN48551 (SINDAD, IR)
PTR: host.sindad.org

ma-cdn.pegah.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.mediaad.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.94.255.10 (Iran, Islamic Republic Of)

ASN48551 (SINDAD, IR)
PTR: host.sindad.cloud

mediacdn.mediaad.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.106.40.131 (Roubaix, France)

ASN34088 (GDY-FRANCE, DE)
PTR: ns31305324.ip-151-106-40.eu

api2.itbfx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.166.104.3 (Iran, Islamic Republic Of)

ASN202319 (CAFEBAZAAR, IR)

ua.yektanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	itbfx.tech user-staging.itbfx.tech	3 MB
16	mediaad.org s1.mediaad.org — Cisco Umbrella Rank: 188192 mediacdn.mediaad.org — Cisco Umbrella Rank: 179030 api.mediaad.org — Cisco Umbrella Rank: 177498	54 KB
15	crisp.chat client.crisp.chat — Cisco Umbrella Rank: 17775 image.crisp.chat — Cisco Umbrella Rank: 61433	255 KB
6	yektanet.com cdn.yektanet.com — Cisco Umbrella Rank: 95008 audience.yektanet.com — Cisco Umbrella Rank: 106559 ua.yektanet.com — Cisco Umbrella Rank: 103811	18 KB
4	itbfx.net api2.itbfx.net	2 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2656 www.google.com — Cisco Umbrella Rank: 2	768 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	274 KB
2	pegah.tech ma-cdn.pegah.tech — Cisco Umbrella Rank: 187607	2 KB
2	google.ch www.google.ch — Cisco Umbrella Rank: 30832	562 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	2 KB
1	sanjagh.com n1.sanjagh.com — Cisco Umbrella Rank: 524573	5 KB
1	gstatic.com fonts.gstatic.com	11 KB
75	12

	Domain	Requested by
20	user-staging.itbfx.tech	user-staging.itbfx.tech
14	api.mediaad.org	user-staging.itbfx.tech
11	client.crisp.chat	user-staging.itbfx.tech client.crisp.chat
4	image.crisp.chat
4	ua.yektanet.com	cdn.yektanet.com ua.yektanet.com
4	api2.itbfx.net	user-staging.itbfx.tech
3	www.googletagmanager.com	user-staging.itbfx.tech www.googletagmanager.com
2	ma-cdn.pegah.tech	user-staging.itbfx.tech
2	www.google.ch	user-staging.itbfx.tech
2	region1.analytics.google.com	www.googletagmanager.com
1	audience.yektanet.com	user-staging.itbfx.tech
1	mediacdn.mediaad.org	s1.mediaad.org
1	www.google.com	user-staging.itbfx.tech
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	n1.sanjagh.com	www.googletagmanager.com
1	s1.mediaad.org	www.googletagmanager.com
1	cdn.yektanet.com	user-staging.itbfx.tech
1	fonts.gstatic.com	user-staging.itbfx.tech
75	19

This site contains links to these domains. Also see Links.

Domain
telegram.me
x.com
www.instagram.com
itbfx.crisp.watch

Subject Issuer	Validity	Valid
itbfx.tech GTS CA 1P5	`2024-02-14` - `2024-05-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
crisp.chat Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
cdn.yektanet.com R3	`2024-02-23` - `2024-05-23`	3 months	crt.sh
*.mediaad.org R3	`2024-01-31` - `2024-04-30`	3 months	crt.sh
*.sanjagh.com R3	`2024-01-05` - `2024-04-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google.ch GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.pegah.tech R3	`2024-01-19` - `2024-04-18`	3 months	crt.sh
*.itbfx.com Go Daddy Secure Certificate Authority - G2	`2024-01-06` - `2024-06-01`	5 months	crt.sh
yektanet.com R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://user-staging.itbfx.tech/
Frame ID: 83B0CE8522997B2C6EFD762EAF2F45DF
Requests: 80 HTTP requests in this frame

Frame: https://mediacdn.mediaad.org/static/fingerprint.html
Frame ID: 4B9EC91EC3F5A67EDBE6004AB502565E
Requests: 1 HTTP requests in this frame

Frame: https://ua.yektanet.com/cookie/iframe/
Frame ID: FC0C65A9072674F9ECCE570C0E1C942F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

💬1 - CRM Panel

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

75
Requests

100 %
HTTPS

57 %
IPv6

12
Domains

19
Subdomains

15
IPs

5
Countries

3537 kB
Transfer

7092 kB
Size

14
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://telegram.me/ITBFXsupport_bot
Title: Continue on Telegram

Search URL Search Domain Scan URL

URL: https://x.com/itbfx_official
Title: Continue on X (Twitter)

Search URL Search Domain Scan URL

URL: https://www.instagram.com/itbfx.official/
Title: Continue on Instagram

Search URL Search Domain Scan URL

URL: https://itbfx.crisp.watch/
Title: See our status page

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

75 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
user-staging.itbfx.tech/ 19 KB
6 KB 289ms
205ms Document
text/html 2606:4700:3035::6815:5cf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://user-staging.itbfx.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:5cf6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abde8d750bb8087e0533a0d744020e448be839d90f5a37bb47422a4ec939cb5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85e1a049dcf26ec7-CDG
content-encoding: br
content-type: text/html
date: Sat, 02 Mar 2024 13:10:18 GMT
last-modified: Sat, 02 Mar 2024 13:07:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HV1bSAJcFgeb%2Bm7bcW6drQAP10MP34N6itKl5dBJpOzw3x9%2Fgz%2FHYgsZrrf1vHIJJ67AMeIHJ071q303rJt%2FdLIhnvEiaknFm0hotJ8hlPKozLsMBb3VCceiUpeYVAC8KVOU2%2FdPB01nVrbWp6hboQz6gX6u%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 runtime.4d6d424c0cea23ef.js Show response
user-staging.itbfx.tech/ 4 KB
2 KB 519ms
519ms Script
application/javascript 2606:4700:3035::6815:5cf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://user-staging.itbfx.tech/runtime.4d6d424c0cea23ef.js

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:5cf6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a3b9575070a6e0bffe8b07b8d2f8dee5923c1f5e353819c76f5e51d18543bfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://user-staging.itbfx.tech/
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 02 Mar 2024 13:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65e324a4-e36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6hejdXE1EF%2FpDTBU0rakwmOaMmR%2BD90AweNohGhfhOC3YymTGdvjQ0OGAPIgtt02UgvTAb2q8OJxWXJLQP5rb46KICSkQIoEcjZruI70lbVoKtB%2BdmUOcj9y101tkITIDF9eGXH%2FFAWDNH89DNPIJvekUXO4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85e1a04b4f586ec7-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 polyfills.53c91feb39aa7373.js Show response
user-staging.itbfx.tech/ 33 KB
13 KB 554ms
553ms Script
application/javascript 2606:4700:3035::6815:5cf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://user-staging.itbfx.tech/polyfills.53c91feb39aa7373.js

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:5cf6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa1c0c10c73c22a89cb5c4c381293843c559894cf4b97e5ec1fa1d5573ba0a60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://user-staging.itbfx.tech/
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 02 Mar 2024 13:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65e324a4-8466"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0UCCQ%2FIbIc5LPhtcUGka6cWR3tnLJpCeSUGqY7M4841RffbRiiQhjFesG0HcQlrVRMC5XfzFIruWCVp10Zvy8M7%2BmG6TMYVsvWRvsy3z%2F%2FahHukmMWWrhluAa4kbop13%2BZOB9QGYA%2B0Q0vKs2B4PnCmWXlfbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85e1a04b4f5b6ec7-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.f522c59d274e10b1.js Show response
user-staging.itbfx.tech/ 441 KB
138 KB 999ms
999ms Script
application/javascript 2606:4700:3035::6815:5cf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://user-staging.itbfx.tech/main.f522c59d274e10b1.js

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:5cf6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

538e9204db8af36ca0a44d8cafcad7dd5fcfc8c998149cb3b3c4c2489e116fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://user-staging.itbfx.tech/
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 02 Mar 2024 13:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65e324a4-6e5ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwGTWR4ULN4UqcN6ZsHojzSvVYwyPziy3pjrT%2FAU4wmDu0VlFFSZvuDfW2Oe1uW4D17b0k070ERALgLycE6fEhJRiGL%2BpzaZLWrVlfSeylebfvXT6hVjFBiV4V51L0nCqzFJcMNQLOiGIagg%2F60X7A0CIh2jTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85e1a04b4f5f6ec7-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 287 KB
96 KB 109ms
50ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MB4S6PK

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7694276feaec758826c0d03b642d9a5002cef53297c26d36f02e3815b547d47d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97947
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Mar 2024 13:10:18 GMT

GET
H2 200 l.js Show response
client.crisp.chat/ 8 KB
3 KB 95ms
41ms Script
application/javascript 2606:4700::6812:1d68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/l.js

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa43b28dadc9e58442fa6bfd41bd54b37fac970984804e6ebf965af341291fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 78999
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
server: cloudflare
etag: W/"64e73b34-205e"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 85e1a04bbe199b3a-FRA
access-control-allow-headers: Content-Type, Origin
expires: Sun, 03 Mar 2024 13:10:18 GMT

GET
H2 200 styles.792792382a72246b.css
user-staging.itbfx.tech/ 645 KB
99 KB 919ms
919ms Stylesheet
text/css 2606:4700:3035::6815:5cf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://user-staging.itbfx.tech/styles.792792382a72246b.css

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:5cf6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16d255a26bb61b2a895941cae3e1c54c3253920a9305906271a72a6b479b76e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 02 Mar 2024 13:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65e324a4-a1435"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZuJSrzhKRuzJl8VCzPn9JXck7OwMEK2D4XkwjfnHBjfMN2ImKxb5RR3u%2BzEfjqVv6n6xyDk%2FnUH4OZdu37JcK1QJfTOD7iTMbE%2BSIacoewKLu7UC%2FL85gInncjaua8tljb7YevUvRoNZwYJb5dUGqF4c3tJ8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85e1a04b6fc66ec7-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 85ms
26ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://user-staging.itbfx.tech/
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:54:57 GMT
x-content-type-options: nosniff
age: 360921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11028
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:54:57 GMT

GET
H2 200 client.js Show response
client.crisp.chat/static/javascripts/ 411 KB
102 KB 42ms
42ms Script
application/javascript 2606:4700::6812:1d68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/client.js?1e67cfa

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d9012b355e5c4d068490ed32b26ea0e1b94aaf2ec19de9d9b80aa4be1030445

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 78994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
server: cloudflare
etag: W/"64e73b34-66b42"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 85e1a04bfe339b3a-FRA
access-control-allow-headers: Content-Type, Origin
expires: Tue, 28 Feb 2034 13:10:18 GMT

GET
H2 200 client_default.css
client.crisp.chat/static/stylesheets/ 356 KB
48 KB 37ms
37ms Stylesheet
text/css 2606:4700::6812:1d68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/stylesheets/client_default.css?1e67cfa

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57d5dde22f6ffc20ca0e4199c61f50041b1f35c7d6d36b5505516188b2ac6d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 78992
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 16 Feb 2024 15:12:28 GMT
server: cloudflare
etag: W/"65cf7b5c-58e21"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 85e1a04bfe329b3a-FRA
access-control-allow-headers: Content-Type, Origin
expires: Tue, 28 Feb 2034 13:10:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
95 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MB52TTMM8H&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB4S6PK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f34a57a7de80f41af5e4f170600f0eabf772e6bec1ffd196eb70cb9534f06e2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96843
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 02 Mar 2024 13:10:18 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 238 KB
83 KB 52ms
52ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11182739120&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB4S6PK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9db5e3af59e77abe0c10c8b7dbfabf52cc601c7c96589515f2f8d6ad3c6e20fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84622
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Mar 2024 13:10:18 GMT

GET
H2 200 rg.complete.js Show response
cdn.yektanet.com/rg_woebegone/scripts_v3/uPU4RaQH/ 42 KB
14 KB 2176ms
1172ms Script
application/javascript 185.166.104.4
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yektanet.com/rg_woebegone/scripts_v3/uPU4RaQH/rg.complete.js?v=20240202014

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

864ec7e4d182f042e6a2b19e23e339030ac79630b0158c9a55b966a653ee13a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:20 GMT
strict-transport-security: max-age=31536000
x-zrk-cs: HIT
last-modified: Wed, 21 Feb 2024 08:09:24 GMT
server: Delivery
x-amz-request-id: tx00000bfd2d359551ab652-0065e323da-8439d32-default
etag: W/"b74fab131f30c6a994bbc0d886e9fd20"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
content-encoding: br
x-rgw-object-type: Normal
cache-control: public, max-age=3600
x-zrk-us: 200
x-zrk-sn: 2001

GET
H2 200 retargeting.js Show response
s1.mediaad.org/serve/73058/ 139 KB
48 KB 359ms
120ms Script
application/javascript 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.mediaad.org/serve/73058/retargeting.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB4S6PK

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

fd9e5d30d94e0addee2fd8e58244705a6a360c65267c56192143ed9587a8f868

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:18 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 29 Jan 2024 12:12:03 GMT
etag: W/"65b79613-22ac1"
x-cache-status: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
expires: Sun, 03 Mar 2024 13:10:18 GMT

GET
H2 200 retargeting.js Show response
n1.sanjagh.com/serve/62211/ 11 KB
5 KB 344ms
106ms Script
application/javascript 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://n1.sanjagh.com/serve/62211/retargeting.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB4S6PK

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

9f6b53482900bb469250df47fd1743d7f5f680bcdb0ead9e330e4a0c77b5ad09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-requested-with
cache-control: max-age=300, max-age=300
access-control-allow-credentials: false
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token

GET
H3 200 / Show response
client.crisp.chat/settings/website/af65204a-6916-4d3a-a9c2-50cc1ca5e7fe/prelude/ 214 B
541 B 95ms
95ms Script
application/javascript 2606:4700::6812:1d68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/af65204a-6916-4d3a-a9c2-50cc1ca5e7fe/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2024-2-2-14-10

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?1e67cfa

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1d68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

567219e6cbc9240772bfe6bbc6ed22b637e1538d733b75fcbb94a8b083c55bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 02 Mar 2024 13:10:18 GMT
server: cloudflare
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 85e1a04c9cce9b70-FRA
access-control-allow-headers: Content-Type, Origin
expires: Sat, 02 Mar 2024 17:10:18 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
259 B 103ms
42ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-MB52TTMM8H&gtm=45je42t1v9100819374z89100424412za220&_p=1709385018124&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1942920072.1709385018&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709385018&sct=1&seg=0&dl=https%3A%2F%2Fuser-staging.itbfx.tech%2F&dt=CRM%20Panel&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=626
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MB52TTMM8H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 13:10:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user-staging.itbfx.tech
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 110ms
36ms Ping
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MB52TTMM8H&cid=1942920072.1709385018&gtm=45je42t1v9100819374z89100424412za220&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MB52TTMM8H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 13:10:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user-staging.itbfx.tech
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ch/ads/ 42 B
408 B 158ms
62ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MB52TTMM8H&cid=1942920072.1709385018&gtm=45je42t1v9100819374z89100424412za220&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=1905950514

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 13:10:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11182739120/ 3 KB
2 KB 159ms
76ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11182739120/?random=1709385018434&cv=11&fst=1709385018434&bg=ffffff&guid=ON&async=1&gtm=45be42t1v9138069264z89100424412za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuser-staging.itbfx.tech%2F&hn=www.googleadservices.com&frm=0&tiba=CRM%20Panel&npa=0&pscdl=noapi&auid=488164064.1709385018&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11182739120&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3359ee81776d2bda8697580d6157e238d3cc71e67561f107e1089a39a12af7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 13:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1268
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11182739120/ 42 B
455 B 98ms
38ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11182739120/?random=1709385018434&cv=11&fst=1709384400000&bg=ffffff&guid=ON&async=1&gtm=45be42t1v9138069264z89100424412za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuser-staging.itbfx.tech%2F&frm=0&tiba=CRM%20Panel&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqPTqoBVD_EanymEZi_IpjLXw2uk8krw&random=3230293322&rmt_tld=0&ipr=y

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 13:10:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ch/pagead/1p-user-list/11182739120/ 42 B
154 B 51ms
50ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/pagead/1p-user-list/11182739120/?random=1709385018434&cv=11&fst=1709384400000&bg=ffffff&guid=ON&async=1&gtm=45be42t1v9138069264z89100424412za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuser-staging.itbfx.tech%2F&frm=0&tiba=CRM%20Panel&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqPTqoBVD_EanymEZi_IpjLXw2uk8krw&random=3230293322&rmt_tld=1&ipr=y

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 13:10:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
client.crisp.chat/settings/website/af65204a-6916-4d3a-a9c2-50cc1ca5e7fe/ 5 KB
2 KB 40ms
40ms Script
application/javascript 2606:4700::6812:1d68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/af65204a-6916-4d3a-a9c2-50cc1ca5e7fe/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1707760940209

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?1e67cfa

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1d68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9088d89e1f4fe4dfe0628cb7650e4bb2349bb6c0dc8b155301957ab2d4ef2a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 6691
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 02 Mar 2024 11:18:47 GMT
server: cloudflare
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 85e1a04f3f6c9b70-FRA
access-control-allow-headers: Content-Type, Origin
expires: Sat, 02 Mar 2024 17:10:18 GMT

GET
H3 200 en.js Show response
client.crisp.chat/static/javascripts/locales/ 7 KB
3 KB 30ms
30ms Script
application/javascript 2606:4700::6812:1d68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/locales/en.js?1e67cfa

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?1e67cfa

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1d68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fe4600768297169030035ba2ed2079c7bc321d962722062fefbae459bdc9ab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 78959
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 08 Aug 2023 12:01:16 GMT
server: cloudflare
etag: W/"64d22e8c-1c36"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 85e1a04f7f969b70-FRA
access-control-allow-headers: Content-Type, Origin
expires: Tue, 28 Feb 2034 13:10:18 GMT

GET
DATA 200
OK truncated
/ 881 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 advertiser.json Show response
ma-cdn.pegah.tech/v1/retargeting/73058/ 3 KB
1 KB 327ms
108ms XHR
application/json 45.94.254.24
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://ma-cdn.pegah.tech/v1/retargeting/73058/advertiser.json

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/polyfills.53c91feb39aa7373.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.org

Software

Resource Hash

2205e25f74b05b5fead883b7374f96690d87e2d330dc6288c4dadbe7bf7afe1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: x-requested-with
cache-control: max-age=300
access-control-allow-credentials: false
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token

GET
H2 200 advertiser.json Show response
ma-cdn.pegah.tech/v1/retargeting/62211/ 3 KB
1 KB 326ms
107ms XHR
application/json 45.94.254.24
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://ma-cdn.pegah.tech/v1/retargeting/62211/advertiser.json

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/polyfills.53c91feb39aa7373.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.org

Software

Resource Hash

1b4f406c4d5e0701a041b9347608e086161452f25ed77cee2a6e3a1befe7c8aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: x-requested-with
cache-control: max-age=300
access-control-allow-credentials: false
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token

GET
H3 200 en.json Show response
user-staging.itbfx.tech/assets/i18n/ 39 KB
11 KB 526ms
526ms XHR
application/json 2606:4700:3035::6815:5cf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://user-staging.itbfx.tech/assets/i18n/en.json

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/polyfills.53c91feb39aa7373.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5cf6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9dd4d6f89086089e68e232631e52806a202defa097fc1e3b2e8557008a82ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Pragma: no-cache
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://user-staging.itbfx.tech/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Expires: Sat, 01 Jan 2000 00:00:00 GMT

Response headers

date: Sat, 02 Mar 2024 13:10:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 02 Mar 2024 13:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65e324a4-9db1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CROL1%2F4LHDs77teyYTWSRFb4pb%2F4bubAFwSxXLF%2Fprv%2FSRpaKU4kQqw1j8IQszL0pokoMbMnAqNgPZ71o%2BapXqkdBfkgboiroip4lvhxoPmSS06iwZ%2BUht0UPwwbdrbBOHdjBXlOmhzc9cEja%2F88VW7HDaXwBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 85e1a051ea696fd2-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 956.fdeb21effb905d35.js Show response
user-staging.itbfx.tech/ 639 KB
142 KB 1002ms
1001ms Script
application/javascript 2606:4700:3035::6815:5cf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://user-staging.itbfx.tech/956.fdeb21effb905d35.js

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/runtime.4d6d424c0cea23ef.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5cf6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67c017ba9e51013fd77368d54073a4fbbeb82ccc7d95539a6ce51c80d5504ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://user-staging.itbfx.tech/
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 02 Mar 2024 13:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65e324a4-9fd51"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1qij6yglCKxum%2F1vyByhmoZJMQ%2B5RsD1xcOCj5kOmoEwmV6c%2FoDr6FZDk6O2IZEwbNkV5M05o4VTCp3Bh1fpagOuRsLuk%2FlGHeyhbgSJ8PtrFPUozrhCXkM4reuSbCt0FWPjd90uVLzojIr7qf%2BmXM6RrgZcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85e1a051fa7e6fd2-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 common.d0b98f15b3991dae.js Show response
user-staging.itbfx.tech/ 2 KB
1 KB 560ms
560ms Script
application/javascript 2606:4700:3035::6815:5cf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://user-staging.itbfx.tech/common.d0b98f15b3991dae.js

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/runtime.4d6d424c0cea23ef.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5cf6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c480bb47bd471bad3de136447a76a6aa7398be45feb1e1d4159925e2cb68ec75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://user-staging.itbfx.tech/
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 02 Mar 2024 13:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65e324a4-68b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pjb5EVOYXqy%2FROyvUXDX47rnbruOdhkPt2Pf%2B61kGYduh3E323l%2F8tRwjZAVrc0rjxwuegKItuyqU4R6RYzeEh0tM0HKYojOD1SW4cgKVom6Pavf1qiigS4o2rfpswKbbhHD8QbRN1t831I9bwTS%2FN3hWSKVqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85e1a051fa816fd2-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 395.9716cc9d019458f0.js Show response
user-staging.itbfx.tech/ 99 KB
18 KB 661ms
661ms Script
application/javascript 2606:4700:3035::6815:5cf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://user-staging.itbfx.tech/395.9716cc9d019458f0.js

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/runtime.4d6d424c0cea23ef.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5cf6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57cfe7112de7343864435a0b599922aaba5456fb75f6d1942bd67df2eb67fb86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://user-staging.itbfx.tech/
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 02 Mar 2024 13:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65e324a4-18c70"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IuNazD7egpvCaawn8AyP7A52oWAGj92RrVFDmuw4nQnF4xjsjB0HLEiiVQXQrupLBocW8OixEIRiBnSE6Er03TiyccelSVRP59utj9Wt0p0N30N04lIjgfVhMCyjmRlXXnVV41G8Jh3TSz7ujT3lPMbD2iiNMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85e1a051fa826fd2-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 fingerprint.html Show response
mediacdn.mediaad.org/static/ Frame 4B9E 4 KB
2 KB 340ms
110ms Document
text/html 45.94.255.10
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://mediacdn.mediaad.org/static/fingerprint.html

Requested by

Host: s1.mediaad.org
URL: https://s1.mediaad.org/serve/73058/retargeting.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.10 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

0461ea13631a27215fb77c57508c5256acbf71cc30c6927130cfe7a9f982b9bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://user-staging.itbfx.tech/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: false
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: *
access-control-expose-headers: x-requested-with
cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sat, 02 Mar 2024 13:10:19 GMT
expires: Sun, 03 Mar 2024 13:10:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-cache-status: HIT

OPTIONS
H2 200 tag
api.mediaad.org/v1/events/ Frame 0
0 345ms
110ms Preflight 45.94.254.24
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v1/events/tag?fid=c178b38f-3276-43f8-ad23-5974d7f6c2f0&c=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.org

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://user-staging.itbfx.tech
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://user-staging.itbfx.tech
access-control-expose-headers: x-requested-with
content-length: 0
date: Sat, 02 Mar 2024 13:10:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains

OPTIONS
H2 200 loaded
api.mediaad.org/v2/events/page/ Frame 0
0 344ms
110ms Preflight 45.94.254.24
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v2/events/page/loaded

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.org

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://user-staging.itbfx.tech
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://user-staging.itbfx.tech
access-control-expose-headers: x-requested-with
content-length: 0
date: Sat, 02 Mar 2024 13:10:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains

OPTIONS
H2 200 tag
api.mediaad.org/v1/events/ Frame 0
0 345ms
111ms Preflight 45.94.254.24
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v1/events/tag?fid=c178b38f-3276-43f8-ad23-5974d7f6c2f0&c=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.org

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://user-staging.itbfx.tech
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://user-staging.itbfx.tech
access-control-expose-headers: x-requested-with
content-length: 0
date: Sat, 02 Mar 2024 13:10:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains

POST
H2 200 tag Show response
api.mediaad.org/v1/events/ 0
483 B 115ms
114ms XHR
text/plain 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v1/events/tag?fid=c178b38f-3276-43f8-ad23-5974d7f6c2f0&c=false

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/polyfills.53c91feb39aa7373.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://user-staging.itbfx.tech/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sat, 02 Mar 2024 13:10:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://user-staging.itbfx.tech
access-control-expose-headers: x-requested-with
access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
content-length: 0

POST
H2 200 loaded Show response
api.mediaad.org/v2/events/page/ 88 B
610 B 117ms
116ms XHR
text/plain 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v2/events/page/loaded

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/polyfills.53c91feb39aa7373.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

c9f535af30005b79eda71d54ece783a2a2b5df6ca0fee0927345b3886364bd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://user-staging.itbfx.tech/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sat, 02 Mar 2024 13:10:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://user-staging.itbfx.tech
access-control-expose-headers: x-requested-with
access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
content-length: 88

POST
H2 200 tag Show response
api.mediaad.org/v1/events/ 0
483 B 115ms
115ms XHR
text/plain 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v1/events/tag?fid=c178b38f-3276-43f8-ad23-5974d7f6c2f0&c=false

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/polyfills.53c91feb39aa7373.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://user-staging.itbfx.tech/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sat, 02 Mar 2024 13:10:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://user-staging.itbfx.tech
access-control-expose-headers: x-requested-with
access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
content-length: 0

POST
H2 200 loaded Show response
api.mediaad.org/v2/events/page/ 0
503 B 116ms
116ms XHR
text/plain 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v2/events/page/loaded

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/polyfills.53c91feb39aa7373.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://user-staging.itbfx.tech/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sat, 02 Mar 2024 13:10:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://user-staging.itbfx.tech
access-control-expose-headers: x-requested-with
access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
content-length: 0

OPTIONS
H2 200 loaded
api.mediaad.org/v2/events/page/ Frame 0
0 345ms
111ms Preflight 45.94.254.24
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v2/events/page/loaded

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.org

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://user-staging.itbfx.tech
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://user-staging.itbfx.tech
access-control-expose-headers: x-requested-with
content-length: 0
date: Sat, 02 Mar 2024 13:10:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains

POST
H2 200 content Show response
api.mediaad.org/v2/events/page/ 0
483 B 108ms
108ms XHR
text/plain 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v2/events/page/content?t=AX8UubMZY-3Gvm7XxsWL6G18_wuX_tJJscVFmtMJhT0RZfsYRzKgdJyv4eRR996V9Gy8dOdGqDxfwZ-LHGJuwok=&l=https%3A%2F%2Fuser-staging.itbfx.tech%2F&fid=c178b38f-3276-43f8-ad23-5974d7f6c2f0

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/polyfills.53c91feb39aa7373.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Content-Encoding: gzip
Referer: https://user-staging.itbfx.tech/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/octet-stream

Response headers

date: Sat, 02 Mar 2024 13:10:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://user-staging.itbfx.tech
access-control-expose-headers: x-requested-with
access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
content-length: 0

OPTIONS
H2 200 content
api.mediaad.org/v2/events/page/ Frame 0
0 103ms
103ms Preflight 45.94.254.24
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.org

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type
Access-Control-Request-Method: POST
Origin: https://user-staging.itbfx.tech
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://user-staging.itbfx.tech
access-control-expose-headers: x-requested-with
content-length: 0
date: Sat, 02 Mar 2024 13:10:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains

OPTIONS
H2 204 GetAll
api2.itbfx.net/Languages/ Frame 0
0 136ms
53ms Preflight 151.106.40.131
GDY-FRANCE

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.itbfx.net/Languages/GetAll
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.106.40.131 Roubaix, France, ASN34088 (GDY-FRANCE, DE),
Reverse DNS: ns31305324.ip-151-106-40.eu
Software: Microsoft-IIS/10.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,expires,pragma
Access-Control-Request-Method: GET
Origin: https://user-staging.itbfx.tech
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: cache-control,expires,pragma
access-control-allow-methods: GET
access-control-allow-origin: *
date: Sat, 02 Mar 2024 13:10:20 GMT
server: Microsoft-IIS/10.0

OPTIONS
H2 204 en-Us
api2.itbfx.net/Languages/GetByShortName/ Frame 0
0 131ms
53ms Preflight 151.106.40.131
GDY-FRANCE

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.itbfx.net/Languages/GetByShortName/en-Us
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.106.40.131 Roubaix, France, ASN34088 (GDY-FRANCE, DE),
Reverse DNS: ns31305324.ip-151-106-40.eu
Software: Microsoft-IIS/10.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,expires,pragma
Access-Control-Request-Method: GET
Origin: https://user-staging.itbfx.tech
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: cache-control,expires,pragma
access-control-allow-methods: GET
access-control-allow-origin: *
date: Sat, 02 Mar 2024 13:10:20 GMT
server: Microsoft-IIS/10.0

GET
H3 200 67.d27766ef5582f25a.js Show response
user-staging.itbfx.tech/ 490 KB
96 KB 971ms
971ms Script
application/javascript 2606:4700:3035::6815:5cf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://user-staging.itbfx.tech/67.d27766ef5582f25a.js

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/runtime.4d6d424c0cea23ef.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5cf6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dccdfd7974742e9b8eff1735791a8fb81f75e330eb0b777cef8a33b57310a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://user-staging.itbfx.tech/auth/login
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 02 Mar 2024 13:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65e324a4-7a77b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H21LZHqsLhcRYyXDd4CI%2Fd9pkUlJtw9bj4wN%2B4P7M3wwvedVeyW39lhtICXGuY3KJfPlii8aROxe%2BZ7Xl7Oi3IEHojvlVDXFy0QgslVPoiI6W8R%2B3fQye1XoGd1nlB3kH0dVf4QQDRwd7ZeHNxMAwZiXhvembg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85e1a058cc216fd2-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 GetAll Show response
api2.itbfx.net/Languages/ 2 KB
2 KB 297ms
297ms XHR
application/json 151.106.40.131
GDY-FRANCE

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.itbfx.net/Languages/GetAll
Requested by: Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/polyfills.53c91feb39aa7373.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.106.40.131 Roubaix, France, ASN34088 (GDY-FRANCE, DE),
Reverse DNS: ns31305324.ip-151-106-40.eu
Software: Microsoft-IIS/10.0 /
Resource Hash: bcd3a13b1a82996c1792173e71784ccb7f40e2106362ec752bf27ec3f99e201d

Request headers

Pragma: no-cache
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://user-staging.itbfx.tech/
Accept-Language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Expires: Sat, 01 Jan 2000 00:00:00 GMT

Response headers

access-control-allow-origin: *
date: Sat, 02 Mar 2024 13:10:20 GMT
server: Microsoft-IIS/10.0
content-type: application/json; charset=utf-8

GET
H2 200 en-Us Show response
api2.itbfx.net/Languages/GetByShortName/ 497 B
553 B 299ms
298ms XHR
application/json 151.106.40.131
GDY-FRANCE

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.itbfx.net/Languages/GetByShortName/en-Us
Requested by: Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/polyfills.53c91feb39aa7373.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.106.40.131 Roubaix, France, ASN34088 (GDY-FRANCE, DE),
Reverse DNS: ns31305324.ip-151-106-40.eu
Software: Microsoft-IIS/10.0 /
Resource Hash: 8c3bcd6f082c2faa85d80636dcf4671f0eb75518b2d0ad3455d93f7aa1fc99d8

Request headers

Pragma: no-cache
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://user-staging.itbfx.tech/
Accept-Language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Expires: Sat, 01 Jan 2000 00:00:00 GMT

Response headers

access-control-allow-origin: *
date: Sat, 02 Mar 2024 13:10:20 GMT
server: Microsoft-IIS/10.0
content-type: application/json; charset=utf-8

GET
H3 200 Itb-Icon.png
user-staging.itbfx.tech/assets/images/ 5 KB
5 KB 520ms
519ms Image
image/png 2606:4700:3035::6815:5cf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user-staging.itbfx.tech/assets/images/Itb-Icon.png

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/auth/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5cf6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caad75d4b3e62a62917080a0bc21a64dba4ef792f9ad5536e658aab171a22164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/auth/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
last-modified: Sat, 02 Mar 2024 13:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65e324a4-1303"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ET10B6pJMgpRJS11HUOvtkBbi0IGtcjveZgif9E56K%2BU%2FiBcAxc%2F7z%2BifJJ1nM12xLjcVt%2BBygbRMtMPt2S4CybvdsarwajSkY8b%2FPRu782l7v680mHhKiyD0oZe%2FW7FFWxPUtmEh3%2BWqQbY9fMGOMMF3obPjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85e1a058dc356fd2-CDG
alt-svc: h3=":443"; ma=86400
content-length: 4867

GET
H3 200 login-bg.png
user-staging.itbfx.tech/assets/images/ 317 KB
318 KB 862ms
862ms Image
image/png 2606:4700:3035::6815:5cf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user-staging.itbfx.tech/assets/images/login-bg.png

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/auth/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5cf6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

711456ca997d77edaaa63604557ab7bfd99bd683f03cb749339afb1012f7a614

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/auth/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
last-modified: Sat, 02 Mar 2024 13:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65e324a4-4f479"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3AMknakL53J%2BNmdGzYrKF%2BlWL5adE8tbhnp6Qf%2BhD9byVt08aaDIuPg60DmsIeTkTv724bMNm6rRQn%2FA0lgN%2FPx8PaqTM0DI7fmQFb%2FzRi0sBdR4riJKKQ3%2B5L%2BpPb03MKPCCtKAcJVxpgqJYnr6zZDGjlZfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85e1a058dc376fd2-CDG
alt-svc: h3=":443"; ma=86400
content-length: 324729

GET
H3 200 login-bg-mobile.png
user-staging.itbfx.tech/assets/images/ 110 KB
111 KB 932ms
932ms Image
image/png 2606:4700:3035::6815:5cf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user-staging.itbfx.tech/assets/images/login-bg-mobile.png

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/auth/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5cf6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f83f97c18d7ff23f57960396f3fed1fe993b7c413d058af8a6538fa877f8250

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/auth/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
last-modified: Sat, 02 Mar 2024 13:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65e324a4-1b9a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQYueyoOF2ikZjxmXJvzRweZjLI7hSIwZFwl5hCzuJDZIik2KqqnKDPiPNt%2BQKaRVrMR6sU3ZVM8r%2FQ%2BPWxncGJnkxKpbi86WGpEwtuDVSM%2F6isEuU%2FBa9E%2FNybgqF3edLIUMMHiyrEeuX7CX5xXpdyUQWSLXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85e1a058dc396fd2-CDG
alt-svc: h3=":443"; ma=86400
content-length: 113057

GET
H3 200 login-mobile.png
user-staging.itbfx.tech/assets/images/ 1 KB
2 KB 524ms
523ms Image
image/png 2606:4700:3035::6815:5cf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user-staging.itbfx.tech/assets/images/login-mobile.png

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/auth/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5cf6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6c9bbe9fd62a35b79d8111a29572b5c9f0d3d16eb2d872e04d68113218e65d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/auth/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
last-modified: Sat, 02 Mar 2024 13:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65e324a4-542"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKteK2%2FKYfAJrUjB3RE7CsfqA%2FI35L22R1Mmh0maC0kAaPppZW9qzr4Nn56ifkTyUKqRRZt7Vn3vDMbW6LjV9x871lMgxu7JjVkdmth6wiqbAxqdl%2BuN19OHksE5S%2FaEj2vQxBynVtzF3iS12cE9gdwKF%2FFiZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85e1a058dc3a6fd2-CDG
alt-svc: h3=":443"; ma=86400
content-length: 1346

GET
H3 200 Montserrat-Bold.ttf
user-staging.itbfx.tech/assets/fonts/Montserrat/ 193 KB
194 KB 906ms
905ms Font
application/octet-stream 2606:4700:3035::6815:5cf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://user-staging.itbfx.tech/assets/fonts/Montserrat/Montserrat-Bold.ttf

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/styles.792792382a72246b.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5cf6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

189aeb285be99f0b58e454dd2dc3cbf34a6db844a9ef26ebc5909178ff77c5be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://user-staging.itbfx.tech/styles.792792382a72246b.css
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
last-modified: Sat, 02 Mar 2024 13:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65e324a4-305b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jC3enyJUzWse1F%2BW0XXz6wh4M08QTWouNkqbe0S0MwW3Y81rrkMhtdJprlX4GJ9AubZxg7DKu9vsuREiL4%2F%2FrL6Q8XMpPyztnH0zsOm5VpjNQSYlP2PS%2FwKM%2B%2FDjg8JUEpgTP7n2ETQh4AyoQxq%2FBHbA0yWxLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85e1a058dc3c6fd2-CDG
alt-svc: h3=":443"; ma=86400
content-length: 198072

GET
H3 200 Montserrat-SemiBold.ttf
user-staging.itbfx.tech/assets/fonts/Montserrat/ 194 KB
194 KB 900ms
900ms Font
application/octet-stream 2606:4700:3035::6815:5cf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://user-staging.itbfx.tech/assets/fonts/Montserrat/Montserrat-SemiBold.ttf

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/styles.792792382a72246b.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5cf6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1418bd4d74c35bfa473d404b8b94b3e83784efa32ed9875a28a2e83449d02942

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://user-staging.itbfx.tech/styles.792792382a72246b.css
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
last-modified: Sat, 02 Mar 2024 13:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65e324a4-3063c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJgFDTiKW15azI0kVLhcjhPsAFMNvonsinKroKSdvMeiaAMe4yiv8Y%2FVrs11jb%2BXZ0WBIyje8gbJyu76tRyckrpFlT37E01nT%2BSkxhA54h%2FeOf91gFPicoJG3iTThqcm7YPDovQy0WeapK3ymPt94nrkrH81hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85e1a058dc3f6fd2-CDG
alt-svc: h3=":443"; ma=86400
content-length: 198204

GET
H3 200 Montserrat-Regular.ttf
user-staging.itbfx.tech/assets/fonts/Montserrat/ 193 KB
194 KB 427ms
426ms Font
application/octet-stream 2606:4700:3035::6815:5cf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://user-staging.itbfx.tech/assets/fonts/Montserrat/Montserrat-Regular.ttf

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/styles.792792382a72246b.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5cf6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcfe8df29e553fbd655212f94300cb1e704c6cd147fa7a98cb4bcd9eb92c6707

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://user-staging.itbfx.tech/styles.792792382a72246b.css
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
last-modified: Sat, 02 Mar 2024 13:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65e324a4-30558"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aevzHMwidLTb%2BeBlGUD3B9W1EhIwB6PeRWIoEePXjjjcMwaN6EONIG6bSYWt80KeyjC9l8H2oybOISlokvDvZ4RqU9b%2FBX0MNpPA7AE%2ButltLqGvOPaWej5auGfcIuHabhrz7wJ9sFdKjXH8SyzM4YsvgDQ2Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85e1a058dc416fd2-CDG
alt-svc: h3=":443"; ma=86400
content-length: 197976

GET
H3 200 Montserrat-Black.ttf
user-staging.itbfx.tech/assets/fonts/Montserrat/ 193 KB
194 KB 907ms
906ms Font
application/octet-stream 2606:4700:3035::6815:5cf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://user-staging.itbfx.tech/assets/fonts/Montserrat/Montserrat-Black.ttf

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/styles.792792382a72246b.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5cf6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d0664ef22c8dbedb44861879d1f6d53d53b1d0e37f4e8e4bcfc62fc0285005d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://user-staging.itbfx.tech/styles.792792382a72246b.css
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
last-modified: Sat, 02 Mar 2024 13:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65e324a4-30500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzbMqr5NqqNCXu1zQxSuLXx%2F2Jflzs%2F%2B5QFoM2JX%2Fa4rW3RhptU87mShPYnkEIuElrbFMP0kGHeYPd%2BZGsy2a7eyQ3cmKRQwEatw5xtyKw46cPreOKL7vAlTxtii1hnJ2ozwk2LcEbYXoUn6JJGul7kVXKG4AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85e1a058dc446fd2-CDG
alt-svc: h3=":443"; ma=86400
content-length: 197888

GET
H3 200 Montserrat-ExtraBold.ttf
user-staging.itbfx.tech/assets/fonts/Montserrat/ 194 KB
194 KB 863ms
863ms Font
application/octet-stream 2606:4700:3035::6815:5cf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://user-staging.itbfx.tech/assets/fonts/Montserrat/Montserrat-ExtraBold.ttf

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/styles.792792382a72246b.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5cf6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6366ef8e2e95e086c8e4b06ed52cfe599271b59373f7f3712d0de8da5d92ff64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://user-staging.itbfx.tech/styles.792792382a72246b.css
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
last-modified: Sat, 02 Mar 2024 13:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65e324a4-30604"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQyha9VrAT1VVlMfNyfJ1kGbCODr4ljLrwpuTHWqCvnifYoqGa4h0HlRgt6TJxUhGVQyi2iwLvndCWOXEc4u9LiGTXpiTjFBNonFRCFg21fzsF%2Bfi7pmrTaHxnGeCz9tWII2w6u24SzOMEGGj2PHmWQmCeM%2Fyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85e1a058dc466fd2-CDG
alt-svc: h3=":443"; ma=86400
content-length: 198148

GET
H2 200 / Show response
audience.yektanet.com/api/v1/scripts/preview/validate/ 5 B
416 B 1473ms
714ms XHR
application/json 185.166.104.4
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://audience.yektanet.com/api/v1/scripts/preview/validate/?app_id=kg9Ff3FP

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/polyfills.53c91feb39aa7373.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:21 GMT
strict-transport-security: max-age=0
x-zrk-cs: BYPASS
x-zrk-us: 200
x-zrk-sn: 2001
content-length: 5
pragma: no-cache
server: Delivery
allow: GET, OPTIONS
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://user-staging.itbfx.tech
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes, bytes
access-control-allow-headers: Authorization
expires: 0

GET
H2 200 / Show response
ua.yektanet.com/cookie/iframe/ Frame FC0C 3 KB
1 KB 267ms
122ms Document
text/html 185.166.104.3
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/cookie/iframe/

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/uPU4RaQH/rg.complete.js?v=20240202014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

ec23baab8cd3483c4877e0e191853c7566fef52363c7abf347286f63a93b9c99

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://user-staging.itbfx.tech/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding: br
content-type: text/html
date: Sat, 02 Mar 2024 13:10:20 GMT
expires: 0
last-modified: Saturday, 02-Mar-2024 13:10:20 GMT
pragma: no-cache
server: Delivery
strict-transport-security: max-age=0
vary: Accept-Encoding
x-zrk-cs: BYPASS
x-zrk-sn: 6001
x-zrk-us: 200

POST
H2 200 __fake.gif
ua.yektanet.com/ 42 B
658 B 530ms
385ms Ping
image/gif 185.166.104.3
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=d1973427-2fca-4389-b636-02e02be27c1b&abj=0&aed=adv&abh=78078&sv=3&st=rg.complete.js&ac=https%3A%2F%2Fuser-staging.itbfx.tech%2Fauth%2Flogin&ae=%7B%7D&ad=user-staging.itbfx.tech&as=CRM%20Panel&aef=kg9Ff3FP&aec=205089&ai=84f7c873-efc6-696b-dca9-b86ec8374948&abw=1600&abb=1200&aby=1600&abz=1200&al=1600&am=1200&abk=

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/uPU4RaQH/rg.complete.js?v=20240202014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 13:10:21 GMT
strict-transport-security: max-age=0
last-modified: Saturday, 02-Mar-2024 13:10:20 GMT
server: Delivery
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-zrk-us: 200
accept-ranges: bytes, bytes
x-zrk-sn: 6001
content-length: 42
expires: 0

POST
H2 200 __fake.gif
ua.yektanet.com/ 42 B
658 B 267ms
123ms Ping
image/gif 185.166.104.3
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=269e8891-a039-4746-9454-262fd6a87da1&abj=1&aed=pub&abh=78078&sv=3&st=rg.complete.js&psc=2184&psi=529&ac=https%3A%2F%2Fuser-staging.itbfx.tech%2Fauth%2Flogin&ae=%7B%7D&ad=user-staging.itbfx.tech&as=CRM%20Panel&aef=kg9Ff3FP&aec=205089&ai=84f7c873-efc6-696b-dca9-b86ec8374948&abw=1600&abb=1200&aby=1600&abz=1200&al=1600&am=1200&abk=

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/uPU4RaQH/rg.complete.js?v=20240202014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 13:10:20 GMT
strict-transport-security: max-age=0
last-modified: Saturday, 02-Mar-2024 13:10:20 GMT
server: Delivery
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-zrk-us: 200
accept-ranges: bytes, bytes
x-zrk-sn: 6001
content-length: 42
expires: 0

GET
H2 200 set Show response
ua.yektanet.com/cookie/ Frame FC0C 78 B
754 B 128ms
128ms XHR
application/json 185.166.104.3
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/cookie/set

Requested by

Host: ua.yektanet.com
URL: https://ua.yektanet.com/cookie/iframe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

344be797dbd39ed52f00251a5098e7456d4cdcfe1c557575544576e07b640303

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ua.yektanet.com/cookie/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 13:10:20 GMT
strict-transport-security: max-age=0
x-zrk-cs: BYPASS
last-modified: Saturday, 02-Mar-2024 13:10:20 GMT
server: Delivery
content-encoding: br
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
x-zrk-us: 200
x-zrk-sn: 6001
expires: 0

GET
H3 200 606.e7084ec79db173d9.js Show response
user-staging.itbfx.tech/ 1 MB
980 KB 907ms
907ms Script
application/javascript 2606:4700:3035::6815:5cf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://user-staging.itbfx.tech/606.e7084ec79db173d9.js

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/runtime.4d6d424c0cea23ef.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5cf6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4e542bb3ec2518ff6c5585f168e85cbd33d06d9ac6e44e9b8bf64694c3141fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://user-staging.itbfx.tech/auth/login
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 02 Mar 2024 13:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65e324a4-153ee3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FusSAlaM8k7nnkeDoaO%2B6xHC6lx9So0fB0r%2Fm%2FcFnF4BNlIgzgNWdTncjZo1hwQbt3ej2Sx8PXxYF%2FTFTjJHA31jFyC6uOn3FBcGbp0%2FRnE7IghR7fa6%2BXgrSIiNu9kXmOeQerP7nWFP3tjNOpYSfLI5z3ZeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85e1a05f0cb46fd2-CDG
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 43ms
42ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-MB52TTMM8H&gtm=45je42t1v9100819374za220&_p=1709385018124&gcd=13l3l3l3l1&npa=0&dma=0&cid=1942920072.1709385018&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&sid=1709385018&sct=1&seg=0&dl=https%3A%2F%2Fuser-staging.itbfx.tech%2F&dt=CRM%20Panel&_s=2&tfd=4933
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MB52TTMM8H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://user-staging.itbfx.tech/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 13:10:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user-staging.itbfx.tech
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 loaded
api.mediaad.org/v2/events/page/ Frame 0
0 104ms
104ms Preflight 45.94.254.24
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v2/events/page/loaded

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.org

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://user-staging.itbfx.tech
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://user-staging.itbfx.tech
access-control-expose-headers: x-requested-with
content-length: 0
date: Sat, 02 Mar 2024 13:10:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains

OPTIONS
H2 200 loaded
api.mediaad.org/v2/events/page/ Frame 0
0 105ms
105ms Preflight 45.94.254.24
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v2/events/page/loaded

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.org

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://user-staging.itbfx.tech
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://user-staging.itbfx.tech
access-control-expose-headers: x-requested-with
content-length: 0
date: Sat, 02 Mar 2024 13:10:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains

POST
H2 200 loaded Show response
api.mediaad.org/v2/events/page/ 0
503 B 115ms
114ms XHR
text/plain 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v2/events/page/loaded

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/polyfills.53c91feb39aa7373.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://user-staging.itbfx.tech/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sat, 02 Mar 2024 13:10:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://user-staging.itbfx.tech
access-control-expose-headers: x-requested-with
access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
content-length: 0

POST
H2 200 loaded Show response
api.mediaad.org/v2/events/page/ 0
503 B 115ms
115ms XHR
text/plain 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v2/events/page/loaded

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/polyfills.53c91feb39aa7373.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://user-staging.itbfx.tech/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sat, 02 Mar 2024 13:10:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://user-staging.itbfx.tech
access-control-expose-headers: x-requested-with
access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
content-length: 0

GET
DATA 200
OK truncated
/ 613 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dabd2a598ecc313b7b3b6f43b443acf5e2296b3636f9610ae44741bcc8654d15

Request headers

Referer
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 484 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91b0f32cbaf8d4e4d80471e8942b459747916a90d8c6b8b96eea94b82b692b83

Request headers

Referer
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 626caf211b150d21f5c20b05b378cb99540ae81d719b2af1cb1e29081704238d

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 527 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2ef452bfb03b4892e6c4e2c601089a3088576846699f08762848ca864adc462

Request headers

Referer
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 192 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e60d56cfa3395f0630e29f10caf14826fe48952e522b6ce35845a9ac6d08e079

Request headers

Referer
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 315 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc37c6f95745ebc483b109cb2e7d5eaa5d932d6c507df7152bfe93d5ae960922

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 337 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7969b9bb56b8d0cf05637f812b5db52c610d9fa294fb5bec109dd65fcffb7827

Request headers

Referer
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ae9e64dac8e5f8aa1cba71fefe1eb2e2e54b84f0d4c0138467fb88692067575

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 354 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8aeaadac98575ca72a2cede272c55386a1671599e826edc32011364c483f1882

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 508 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fcd9225b9818c4ab0636f4a8808f056873283f6b4e3fed7b4b0b9a3589cdec83

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 764 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5b32767b893aa35bec23319a725e6db8729383514c336925351ee4430b73eb0

Request headers

Referer
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 noto_sans_bold.woff2
client.crisp.chat/static/fonts/noto_sans/0020-007F/ 10 KB
10 KB 116ms
91ms Font
application/font-woff2 2606:4700::6812:1d68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/fonts/noto_sans/0020-007F/noto_sans_bold.woff2?1e67cfa

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/stylesheets/client_default.css?1e67cfa

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1d68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73d7d4ea3f62303b780f0225e5346e5047cfb41fcae7ac19e99af8a3e1950973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.crisp.chat/static/stylesheets/client_default.css?1e67cfa
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10252
last-modified: Tue, 08 Aug 2023 12:01:16 GMT
server: cloudflare
etag: "64d22e8c-280c"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 85e1a06f2b693637-FRA
access-control-allow-headers: Content-Type, Origin
expires: Tue, 28 Feb 2034 13:10:23 GMT

GET
H3 200 noto_sans_regular.woff2
client.crisp.chat/static/fonts/noto_sans/0020-007F/ 10 KB
10 KB 115ms
90ms Font
application/font-woff2 2606:4700::6812:1d68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/fonts/noto_sans/0020-007F/noto_sans_regular.woff2?1e67cfa

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/stylesheets/client_default.css?1e67cfa

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1d68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3dd77dcb09b4dd4f21dc57d0babf83c04d10eedd13037572384179d30106e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.crisp.chat/static/stylesheets/client_default.css?1e67cfa
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10340
last-modified: Tue, 08 Aug 2023 12:01:16 GMT
server: cloudflare
etag: "64d22e8c-2864"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 85e1a06f2b663637-FRA
access-control-allow-headers: Content-Type, Origin
expires: Tue, 28 Feb 2034 13:10:23 GMT

GET
H3 200 noto_sans_regular.woff2
client.crisp.chat/static/fonts/noto_sans/2000-206F/ 7 KB
7 KB 109ms
89ms Font
application/font-woff2 2606:4700::6812:1d68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/fonts/noto_sans/2000-206F/noto_sans_regular.woff2?1e67cfa

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/stylesheets/client_default.css?1e67cfa

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1d68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc5b29b8d5bac56012c2a0707dfef2d4fc945ffe72e7e1a2c58e5de080e11848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.crisp.chat/static/stylesheets/client_default.css?1e67cfa
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7012
last-modified: Tue, 08 Aug 2023 12:01:16 GMT
server: cloudflare
etag: "64d22e8c-1b64"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 85e1a06f2b653637-FRA
access-control-allow-headers: Content-Type, Origin
expires: Tue, 28 Feb 2034 13:10:23 GMT

GET
H3 200 chat-message-receive.oga Show response
client.crisp.chat/static/sounds/events/ 11 KB
11 KB 72ms
67ms XHR
audio/ogg 2606:4700::6812:1d68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/sounds/events/chat-message-receive.oga?1e67cfa

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/polyfills.53c91feb39aa7373.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1d68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

158e6f55c804592292dff060cfeb8d04d4c3c4982e42ce22d970ade99ace47c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11014
last-modified: Tue, 08 Aug 2023 12:01:16 GMT
server: cloudflare
etag: "64d22e8c-2b06"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: audio/ogg
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 85e1a06f2b683637-FRA
access-control-allow-headers: Content-Type, Origin
expires: Tue, 28 Feb 2034 13:10:23 GMT

GET
H3 200 chat-message-action.oga Show response
client.crisp.chat/static/sounds/events/ 4 KB
5 KB 92ms
88ms XHR
audio/ogg 2606:4700::6812:1d68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/sounds/events/chat-message-action.oga?1e67cfa

Requested by

Host: user-staging.itbfx.tech
URL: https://user-staging.itbfx.tech/polyfills.53c91feb39aa7373.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1d68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8022aa161cb6a8060e3d1582e184a1315a51f5de5f39b4641e4bf1a691ba745b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4290
last-modified: Tue, 08 Aug 2023 12:01:16 GMT
server: cloudflare
etag: "64d22e8c-10c2"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: audio/ogg
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 85e1a06f2b633637-FRA
access-control-allow-headers: Content-Type, Origin
expires: Tue, 28 Feb 2034 13:10:23 GMT

GET
H2 200 /
image.crisp.chat/process/thumbnail/ 13 KB
13 KB 74ms
65ms Image
image/jpeg 2606:4700::6812:1d68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/process/thumbnail/?url=https%3A%2F%2Fstorage.crisp.chat%2Fusers%2Favatar%2Foperator%2Fc4436e9eb2bd8800%2Femployee2_6umdnx.jpg&width=240&height=240&1707760940209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f157f19dfa1a2851f729ff08bffec8d6e87b437a98a8fe1a0a11a29aaa4d9a0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13581
last-modified: Sat, 02 Mar 2024 10:13:20 GMT
server: cloudflare
etag: W/"350d-18dfea766a4"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 85e1a06f4e889b3a-FRA
expires: Tue, 28 Feb 2034 13:10:23 GMT

GET
H2 200 /
image.crisp.chat/process/thumbnail/ 16 KB
16 KB 682ms
673ms Image
image/jpeg 2606:4700::6812:1d68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/process/thumbnail/?url=https%3A%2F%2Fstorage.crisp.chat%2Fusers%2Favatar%2Foperator%2F268b98f152ebc60%2Ff-2_1wc24wm.jpg&width=240&height=240&1707760940209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

811da71c895e59aab4f2e4c2427059ef9f97dd5675e1205abc3b4c6e43f37241

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16254
last-modified: Sat, 02 Mar 2024 12:29:53 GMT
server: cloudflare
etag: W/"3f7e-18dff246a18"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 85e1a06f4e8c9b3a-FRA
expires: Tue, 28 Feb 2034 13:10:24 GMT

GET
H2 200 /
image.crisp.chat/process/thumbnail/ 16 KB
17 KB 458ms
449ms Image
image/jpeg 2606:4700::6812:1d68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/process/thumbnail/?url=https%3A%2F%2Fstorage.crisp.chat%2Fusers%2Favatar%2Foperator%2Fba2a99c9a9631000%2F189403742-khosh-tip-tagr-goan-_xg377e.jpg&width=240&height=240&1707760940209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b9da1facb3075e0e647895c286c8d065aea3c232076f24dd367cce797192f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16884
last-modified: Sat, 02 Mar 2024 13:10:24 GMT
server: cloudflare
etag: W/"41f4-18dff498327"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 85e1a06f4e8e9b3a-FRA
expires: Tue, 28 Feb 2034 13:10:24 GMT

GET
H2 200 /
image.crisp.chat/avatar/website/af65204a-6916-4d3a-a9c2-50cc1ca5e7fe/240/ 6 KB
7 KB 475ms
466ms Image
image/jpeg 2606:4700::6812:1d68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/avatar/website/af65204a-6916-4d3a-a9c2-50cc1ca5e7fe/240/?1707760940209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42540ebb09996b83badbd1d1f411ccf523b0f9ab6df69092cffe133dba643baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-staging.itbfx.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:10:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6624
last-modified: Sat, 02 Mar 2024 03:31:15 GMT
server: cloudflare
etag: W/"19e0-18dfd374af2"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 85e1a06f4e8b9b3a-FRA
expires: Tue, 28 Feb 2034 13:10:24 GMT

GET
DATA 200
OK truncated
/ 383 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eac5040e4125a427316bfda3515a596b2e7d8baea9918b2e180477bea91a5eac

Request headers

Referer
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 589 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fe55866cd0de081f276c1b847c2cbb2a142bc8ff0a546756e2a7b7636045705

Request headers

Referer
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 472 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c8458beb62bebb5a473323fea91587a5189fcf8dc7a42a58bd6d1a25b6d2604

Request headers

Referer
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 527 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2ef452bfb03b4892e6c4e2c601089a3088576846699f08762848ca864adc462

Request headers

Referer
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 764 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5b32767b893aa35bec23319a725e6db8729383514c336925351ee4430b73eb0

Request headers

Referer
Origin: https://user-staging.itbfx.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.itbfx.tech/	1970-01-20 20:59:21	Name: _gcl_au Value: 1.1.488164064.1709385018
.itbfx.tech/	1970-01-21 04:25:45	Name: _ga Value: GA1.1.1942920072.1709385018
.doubleclick.net/	1970-01-20 18:49:45	Name: test_cookie Value: CheckForPermission
.itbfx.tech/	1970-01-20 23:12:33	Name: crisp-client%2Fsession%2Faf65204a-6916-4d3a-a9c2-50cc1ca5e7fe Value: session_8766dadb-a87a-4078-9500-7cde4a0b3973
.mediaad.org/	1970-01-21 04:25:45	Name: USER_ID Value: c178b38f-3276-43f8-ad23-5974d7f6c2f0
user-staging.itbfx.tech/	1970-01-21 03:35:21	Name: analytics_token Value: 0d178890-7a9e-c0d2-6542-4243e952c5c1
user-staging.itbfx.tech/	1970-01-20 18:49:46	Name: analytics_session_token Value: 84f7c873-efc6-696b-dca9-b86ec8374948
user-staging.itbfx.tech/	1970-01-20 18:51:11	Name: yektanet_session_last_activity Value: 3/2/2024
user-staging.itbfx.tech/	1969-12-31 23:59:59	Name: _yngt_iframe Value: 1
.yektanet.com/	1970-01-21 04:25:45	Name: gearbox_ad_token Value: 180c25c8-87607-77ee0-001d3-376bd338f8489
.yektanet.com/	1970-01-21 04:25:45	Name: analytics_global_token Value: 180c25c8-87607-77ee0-001d3-376bd338f8489
user-staging.itbfx.tech/	1970-01-20 19:32:57	Name: _yngt Value: 180c25c8-87607-77ee0-001d3-376bd338f8489
user-staging.itbfx.tech/	1970-01-20 18:52:37	Name: crisp-client%2Fsocket%2Faf65204a-6916-4d3a-a9c2-50cc1ca5e7fe Value: 1
.itbfx.tech/	1970-01-21 04:25:45	Name: _ga_MB52TTMM8H Value: GS1.1.1709385018.1.1.1709385024.54.0.0

25 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://user-staging.itbfx.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-staging.itbfx.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-staging.itbfx.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-staging.itbfx.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-staging.itbfx.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-staging.itbfx.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-staging.itbfx.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-staging.itbfx.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-staging.itbfx.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-staging.itbfx.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-staging.itbfx.tech/auth/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-staging.itbfx.tech/auth/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-staging.itbfx.tech/auth/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-staging.itbfx.tech/auth/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-staging.itbfx.tech/auth/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-staging.itbfx.tech/auth/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-staging.itbfx.tech/auth/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-staging.itbfx.tech/auth/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-staging.itbfx.tech/auth/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-staging.itbfx.tech/auth/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-staging.itbfx.tech/auth/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-staging.itbfx.tech/auth/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-staging.itbfx.tech/auth/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-staging.itbfx.tech/auth/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://client.crisp.chat/static/javascripts/client.js?1e67cfa(Line 6) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mediaad.org
api2.itbfx.net
audience.yektanet.com
cdn.yektanet.com
client.crisp.chat
fonts.gstatic.com
googleads.g.doubleclick.net
image.crisp.chat
ma-cdn.pegah.tech
mediacdn.mediaad.org
n1.sanjagh.com
region1.analytics.google.com
s1.mediaad.org
stats.g.doubleclick.net
ua.yektanet.com
user-staging.itbfx.tech
www.google.ch
www.google.com
www.googletagmanager.com
151.106.40.131
185.166.104.3
185.166.104.4
2001:4860:4802:32::36
2606:4700:3035::6815:5cf6
2606:4700::6812:1d68
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c0a::9b
45.94.254.24
45.94.255.10
45.94.255.25
0461ea13631a27215fb77c57508c5256acbf71cc30c6927130cfe7a9f982b9bd
1418bd4d74c35bfa473d404b8b94b3e83784efa32ed9875a28a2e83449d02942
158e6f55c804592292dff060cfeb8d04d4c3c4982e42ce22d970ade99ace47c4
16d255a26bb61b2a895941cae3e1c54c3253920a9305906271a72a6b479b76e3
189aeb285be99f0b58e454dd2dc3cbf34a6db844a9ef26ebc5909178ff77c5be
1b4f406c4d5e0701a041b9347608e086161452f25ed77cee2a6e3a1befe7c8aa
2205e25f74b05b5fead883b7374f96690d87e2d330dc6288c4dadbe7bf7afe1c
2b9da1facb3075e0e647895c286c8d065aea3c232076f24dd367cce797192f98
2fe4600768297169030035ba2ed2079c7bc321d962722062fefbae459bdc9ab3
344be797dbd39ed52f00251a5098e7456d4cdcfe1c557575544576e07b640303
3ae9e64dac8e5f8aa1cba71fefe1eb2e2e54b84f0d4c0138467fb88692067575
3dccdfd7974742e9b8eff1735791a8fb81f75e330eb0b777cef8a33b57310a6a
3f83f97c18d7ff23f57960396f3fed1fe993b7c413d058af8a6538fa877f8250
42540ebb09996b83badbd1d1f411ccf523b0f9ab6df69092cffe133dba643baa
4fe55866cd0de081f276c1b847c2cbb2a142bc8ff0a546756e2a7b7636045705
538e9204db8af36ca0a44d8cafcad7dd5fcfc8c998149cb3b3c4c2489e116fab
567219e6cbc9240772bfe6bbc6ed22b637e1538d733b75fcbb94a8b083c55bb0
57cfe7112de7343864435a0b599922aaba5456fb75f6d1942bd67df2eb67fb86
57d5dde22f6ffc20ca0e4199c61f50041b1f35c7d6d36b5505516188b2ac6d92
626caf211b150d21f5c20b05b378cb99540ae81d719b2af1cb1e29081704238d
6366ef8e2e95e086c8e4b06ed52cfe599271b59373f7f3712d0de8da5d92ff64
67c017ba9e51013fd77368d54073a4fbbeb82ccc7d95539a6ce51c80d5504ab1
6a3dd77dcb09b4dd4f21dc57d0babf83c04d10eedd13037572384179d30106e5
711456ca997d77edaaa63604557ab7bfd99bd683f03cb749339afb1012f7a614
73d7d4ea3f62303b780f0225e5346e5047cfb41fcae7ac19e99af8a3e1950973
7694276feaec758826c0d03b642d9a5002cef53297c26d36f02e3815b547d47d
7969b9bb56b8d0cf05637f812b5db52c610d9fa294fb5bec109dd65fcffb7827
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7c8458beb62bebb5a473323fea91587a5189fcf8dc7a42a58bd6d1a25b6d2604
8022aa161cb6a8060e3d1582e184a1315a51f5de5f39b4641e4bf1a691ba745b
811da71c895e59aab4f2e4c2427059ef9f97dd5675e1205abc3b4c6e43f37241
864ec7e4d182f042e6a2b19e23e339030ac79630b0158c9a55b966a653ee13a1
8aeaadac98575ca72a2cede272c55386a1671599e826edc32011364c483f1882
8c3bcd6f082c2faa85d80636dcf4671f0eb75518b2d0ad3455d93f7aa1fc99d8
9088d89e1f4fe4dfe0628cb7650e4bb2349bb6c0dc8b155301957ab2d4ef2a6e
91b0f32cbaf8d4e4d80471e8942b459747916a90d8c6b8b96eea94b82b692b83
9a3b9575070a6e0bffe8b07b8d2f8dee5923c1f5e353819c76f5e51d18543bfa
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd
9d0664ef22c8dbedb44861879d1f6d53d53b1d0e37f4e8e4bcfc62fc0285005d
9d9012b355e5c4d068490ed32b26ea0e1b94aaf2ec19de9d9b80aa4be1030445
9db5e3af59e77abe0c10c8b7dbfabf52cc601c7c96589515f2f8d6ad3c6e20fe
9f6b53482900bb469250df47fd1743d7f5f680bcdb0ead9e330e4a0c77b5ad09
aa1c0c10c73c22a89cb5c4c381293843c559894cf4b97e5ec1fa1d5573ba0a60
abde8d750bb8087e0533a0d744020e448be839d90f5a37bb47422a4ec939cb5d
bcd3a13b1a82996c1792173e71784ccb7f40e2106362ec752bf27ec3f99e201d
c3359ee81776d2bda8697580d6157e238d3cc71e67561f107e1089a39a12af7e
c480bb47bd471bad3de136447a76a6aa7398be45feb1e1d4159925e2cb68ec75
c6c9bbe9fd62a35b79d8111a29572b5c9f0d3d16eb2d872e04d68113218e65d7
c9f535af30005b79eda71d54ece783a2a2b5df6ca0fee0927345b3886364bd5d
caad75d4b3e62a62917080a0bc21a64dba4ef792f9ad5536e658aab171a22164
d4e542bb3ec2518ff6c5585f168e85cbd33d06d9ac6e44e9b8bf64694c3141fe
dabd2a598ecc313b7b3b6f43b443acf5e2296b3636f9610ae44741bcc8654d15
dcfe8df29e553fbd655212f94300cb1e704c6cd147fa7a98cb4bcd9eb92c6707
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b32767b893aa35bec23319a725e6db8729383514c336925351ee4430b73eb0
e60d56cfa3395f0630e29f10caf14826fe48952e522b6ce35845a9ac6d08e079
e9dd4d6f89086089e68e232631e52806a202defa097fc1e3b2e8557008a82ce7
eac5040e4125a427316bfda3515a596b2e7d8baea9918b2e180477bea91a5eac
ec23baab8cd3483c4877e0e191853c7566fef52363c7abf347286f63a93b9c99
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f157f19dfa1a2851f729ff08bffec8d6e87b437a98a8fe1a0a11a29aaa4d9a0c
f2ef452bfb03b4892e6c4e2c601089a3088576846699f08762848ca864adc462
f34a57a7de80f41af5e4f170600f0eabf772e6bec1ffd196eb70cb9534f06e2b
fa43b28dadc9e58442fa6bfd41bd54b37fac970984804e6ebf965af341291fd3
fc37c6f95745ebc483b109cb2e7d5eaa5d932d6c507df7152bfe93d5ae960922
fc5b29b8d5bac56012c2a0707dfef2d4fc945ffe72e7e1a2c58e5de080e11848
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fcd9225b9818c4ab0636f4a8808f056873283f6b4e3fed7b4b0b9a3589cdec83
fd9e5d30d94e0addee2fd8e58244705a6a360c65267c56192143ed9587a8f868

user-staging.itbfx.tech Open in urlscan Pro 2606:4700:3035::6815:5cf6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

75 Requests

100 %HTTPS

57 %IPv6

12 Domains

19 Subdomains

15 IPs

5 Countries

3537 kBTransfer

7092 kBSize

14 Cookies

4 Outgoing links

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

user-staging.itbfx.tech Open in urlscan Pro
2606:4700:3035::6815:5cf6 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

100 %
HTTPS

57 %
IPv6

12
Domains

19
Subdomains

15
IPs

5
Countries

3537 kB
Transfer

7092 kB
Size

14
Cookies

75 HTTP transactions
17 data transactions