urlscan.io logo urlscan.io
SecurityTrails logo

align.newfounding.com Open in urlscan Pro
157.245.141.6  Public Scan

Go To Rescan Add Verdict Report
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Submission Tags: falconsandbox
Submission: On April 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 3 countries across 16 domains to perform 46 HTTP transactions. The main IP is 157.245.141.6, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is align.newfounding.com.
TLS certificate: Issued by R3 on February 14th 2023. Valid for: 3 months.
This is the only time align.newfounding.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

15    157.245.141.6 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
align.newfounding.com
5    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700::6812:1e68 (United States)

ASN13335 (CLOUDFLARENET, US)
sibautomation.com
1    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    52.92.195.160 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org
s.w.org
3    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2606:4700::6810:ff60 (United States)

ASN13335 (CLOUDFLARENET, US)
in-automate.sendinblue.com
1    2600:9000:223c:ec00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
1    50.17.141.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-141-61.compute-1.amazonaws.com
idx.liadm.com
1    2600:1f18:730:b140:318:4480:a19a:ad9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    34.195.36.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-36-0.compute-1.amazonaws.com
rp4.liadm.com
2    35.167.232.58 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-232-58.us-west-2.compute.amazonaws.com
ckjjzdn8vk.execute-api.us-west-2.amazonaws.com
Apex Domain
Subdomains		 Transfer
15 newfounding.com
align.newfounding.com
231 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39
3 KB
4 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 2663
idx.liadm.com — Cisco Umbrella Rank: 2444
rp.liadm.com — Cisco Umbrella Rank: 1532
rp4.liadm.com — Cisco Umbrella Rank: 6924
15 KB
3 gstatic.com
fonts.gstatic.com
58 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2400
www.google-analytics.com — Cisco Umbrella Rank: 29
20 KB
3 amazonaws.com
s3-us-west-2.amazonaws.com
ckjjzdn8vk.execute-api.us-west-2.amazonaws.com — Cisco Umbrella Rank: 29445
49 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 158
157 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
238 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
122 KB
1 sendinblue.com
in-automate.sendinblue.com — Cisco Umbrella Rank: 22689
334 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 80
350 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 643
394 B
1 t.co
t.co — Cisco Umbrella Rank: 514
378 B
1 w.org
s.w.org — Cisco Umbrella Rank: 1762
771 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 647
15 KB
1 sibautomation.com
sibautomation.com — Cisco Umbrella Rank: 21754
3 KB
46 16
Domain Requested by
15 align.newfounding.com align.newfounding.com
5 fonts.googleapis.com align.newfounding.com
3 fonts.gstatic.com fonts.googleapis.com
3 connect.facebook.net align.newfounding.com
connect.facebook.net
2 ckjjzdn8vk.execute-api.us-west-2.amazonaws.com s3-us-west-2.amazonaws.com
2 www.facebook.com align.newfounding.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com align.newfounding.com
www.googletagmanager.com
1 rp4.liadm.com
1 rp.liadm.com 1 redirects
1 idx.liadm.com b-code.liadm.com
1 b-code.liadm.com s3-us-west-2.amazonaws.com
1 in-automate.sendinblue.com sibautomation.com
1 stats.g.doubleclick.net www.google-analytics.com
1 analytics.twitter.com align.newfounding.com
1 t.co align.newfounding.com
1 s.w.org align.newfounding.com
1 region1.google-analytics.com www.googletagmanager.com
1 s3-us-west-2.amazonaws.com align.newfounding.com
1 static.ads-twitter.com align.newfounding.com
1 sibautomation.com align.newfounding.com
46 21

This site contains links to these domains. Also see Links.

Domain
newfounding.com
guide.newfounding.com
Subject Issuer Validity Valid
align.newfounding.com
R3		 2023-02-14 -
2023-05-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-21 -
2023-04-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-09 -
2023-06-09		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
*.s3-us-west-2.amazonaws.com
Amazon		 2022-09-21 -
2023-08-24		 a year crt.sh
*.w.org
Sectigo ECC Domain Validation Secure Server CA		 2022-12-06 -
2024-01-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
sendinblue.com
Cloudflare Inc ECC CA-3		 2022-09-26 -
2023-09-25		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-02-28 -
2024-01-30		 a year crt.sh
*.execute-api.us-west-2.amazonaws.com
Amazon RSA 2048 M02		 2023-03-17 -
2023-07-31		 5 months crt.sh

This page contains 2 frames:

Primary Page: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Frame ID: AC1D190A7BD0ADC9B499F9AD20A27E88
Requests: 44 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 95A6667C17CEF688ECA33D2469C63D7B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page not found – ALIGN

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

46
Requests

98 %
HTTPS

57 %
IPv6

16
Domains

21
Subdomains

20
IPs

3
Countries

675 kB
Transfer

1723 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://rp.liadm.com/j?dtstmp=1681482834108&se=e30&duid=b52ba86e0614--01gy02zr22chhd59ge3p47r3rv&tna=v2.7.1&pu=https%3A%2F%2Falign.newfounding.com%2Fwp-content%2Fuploads%2F2023%2F04%2F460fa520-3715-4bdc-803e-943c0075a579.jpeg%255D&wpn=lc-bundle HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1681482834108&se=e30&duid=b52ba86e0614--01gy02zr22chhd59ge3p47r3rv&tna=v2.7.1&pu=https%3A%2F%2Falign.newfounding.com%2Fwp-content%2Fuploads%2F2023%2F04%2F460fa520-3715-4bdc-803e-943c0075a579.jpeg%255D&wpn=lc-bundle&i6=MmEwMTo0YTA6MmI6OjEw&n3pc=true

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
align.newfounding.com/wp-content/uploads/2023/04/ 		44 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
157.245.141.6 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
94cdca6a8da13687d98c14981683e169c9f32b995c96c022aa250b7fa6d872b9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 14 Apr 2023 14:33:52 GMT
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Keep-Alive
timeout=5, max=100
Link
<https://align.newfounding.com/wp-json/>; rel="https://api.w.org/"
Server
Apache/2.4.41 (Ubuntu)
Transfer-Encoding
chunked
css
fonts.googleapis.com/ 		2 KB
941 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Alumni%20Sans
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e204ff75d7c2d3b9a9a3803d38758fa2c37f595135097bebd0808600ae42270d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Apr 2023 14:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 14:33:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Apr 2023 14:33:52 GMT
css
fonts.googleapis.com/ 		381 B
354 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fanwood%20Text
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8fc88b650d08490dc483d0befc0dac494d82881b69bfb0aeb8b0cf03824683e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Apr 2023 14:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 14:33:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Apr 2023 14:33:52 GMT
css
fonts.googleapis.com/ 		10 KB
778 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM%20Plex%20Sans%20Condensed:thin,extralight,light,regular,medium,semibold,bold
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f84baca30354075704d92d0b880fba2a4193c19755129c04a5828992f120de33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Apr 2023 14:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 14:33:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Apr 2023 14:33:52 GMT
css
fonts.googleapis.com/ 		1 KB
500 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Spectral
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7545c7b5db014693b9979013a0191c986bc99b6733b15d948863bc7829285295
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Apr 2023 14:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 14:33:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Apr 2023 14:33:52 GMT
css
fonts.googleapis.com/ 		2 KB
639 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Inter
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9ec5e07693843df2f2de8b4ceb1a64b049b14b9c65c0c6e4bd6b781f36eb638
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Apr 2023 14:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 13:58:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Apr 2023 14:33:52 GMT
wp-emoji-release.min.js
align.newfounding.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://align.newfounding.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
157.245.141.6 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 14:33:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Mar 2023 21:38:30 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"4904-5f810cc13c02a-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
5039
style.min.css
align.newfounding.com/wp-includes/css/dist/block-library/ 		95 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://align.newfounding.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
157.245.141.6 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 14:33:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Mar 2023 21:38:30 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"17ced-5f810cc15854a-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
12736
classic-themes.min.css
align.newfounding.com/wp-includes/css/ 		291 B
546 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://align.newfounding.com/wp-includes/css/classic-themes.min.css?ver=6.2
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
157.245.141.6 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 14:33:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Mar 2023 21:38:30 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"123-5f810cc15b42a-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
210
wpp.css
align.newfounding.com/wp-content/plugins/wordpress-popular-posts/assets/css/ 		2 KB
906 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://align.newfounding.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.1.1
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
157.245.141.6 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 14:33:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Dec 2022 00:03:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"688-5f073854c4a7b-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
570
style.css
align.newfounding.com/wp-content/themes/align/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://align.newfounding.com/wp-content/themes/align/style.css?ver=1.0.0
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
157.245.141.6 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9d1a802505742592fddc93867fe673153586fe9bc999e0712d7e4ecbd2aa3d24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 14:33:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Jan 2023 23:37:58 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"a448-5f31f1f541343-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
8763
mailin-front.css
align.newfounding.com/wp-content/plugins/mailin/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://align.newfounding.com/wp-content/plugins/mailin/css/mailin-front.css?ver=6.2
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
157.245.141.6 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3c288f0c3cb0999bbd6a9f6486f6b13064ead24052234ac35f8b053b9db9ae96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 14:33:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Sep 2022 20:06:29 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"a79-5e8948c48bbe0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
749
wpp.min.js
align.newfounding.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://align.newfounding.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.1.1
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
157.245.141.6 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 14:33:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Dec 2022 00:03:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"bd7-5f073854c4a7b-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1377
jquery.min.js
align.newfounding.com/wp-includes/js/jquery/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://align.newfounding.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
157.245.141.6 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 14:33:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Mar 2023 21:38:30 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"15ed7-5f810cc12f509-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
31049
jquery-migrate.min.js
align.newfounding.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://align.newfounding.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
157.245.141.6 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 14:33:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Mar 2023 21:38:30 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3470-5f810cc12f509-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4795
mailin-front.js
align.newfounding.com/wp-content/plugins/mailin/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://align.newfounding.com/wp-content/plugins/mailin/js/mailin-front.js?ver=1663099589
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
157.245.141.6 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
d8469ad6e03ba1a6c2c9fee151001c818233baff45efada0b93f6d864c21dbb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 14:33:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Sep 2022 20:06:29 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2fe7-5e8948c486dc0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2850
js
www.googletagmanager.com/gtag/ 		224 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-K1L5YL989L
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
26b4dd53a21bd3ce00813b241389524d8d47410045dce7e4c3984d54b178d422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 14:33:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79938
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 14 Apr 2023 14:33:53 GMT
Deal-Room-Banner-Align.png
align.newfounding.com/wp-content/uploads/2023/02/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://align.newfounding.com/wp-content/uploads/2023/02/Deal-Room-Banner-Align.png
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
157.245.141.6 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5d12aa08734aae28c159378c999771c03027ac75ba0720b42e367df16a282f9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 14:33:53 GMT
Last-Modified
Thu, 23 Feb 2023 23:14:22 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"6453-5f5662c4cc7a1"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
25683
align-text-logo.png
align.newfounding.com/wp-content/uploads/2022/12/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://align.newfounding.com/wp-content/uploads/2022/12/align-text-logo.png
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
157.245.141.6 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
4cdb4ecb9ad7b62d2897fe8197431c963460c77371305a46f9f6d241b304e02a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 14:33:53 GMT
Last-Modified
Mon, 12 Dec 2022 22:56:16 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"5eba-5efa969296709"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
24250
align_logo_black_alpha.png
align.newfounding.com/wp-content/uploads/2022/12/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://align.newfounding.com/wp-content/uploads/2022/12/align_logo_black_alpha.png
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
157.245.141.6 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
2254669c25113aa522122cdfd227071568336eb85456b5214b85b81d5281de64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 14:33:53 GMT
Last-Modified
Fri, 16 Dec 2022 18:35:18 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2790-5eff63b3baf5c"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
10128
fbevents.js
connect.facebook.net/en_US/ 		107 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 14 Apr 2023 14:33:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27909
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
uKNFkG6onK9OhOzX7Pu25TT8uq01PFfMlgunMLTG4fE57yeXZBtQyTrGWBf2Cdd+D3RrJfbYPdZ12MFxy28lIw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
sa.js
sibautomation.com/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sibautomation.com/sa.js?plugin=wordpress&key=0s05bi2ll6wqzum2zrbhf4vq
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash
a0b7a3efb6b0ac1accdc1c2335f40fb6884c0144e7d4a10588e7710b2f442660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 14:33:53 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
x-powered-by
Sails <sailsjs.com>
etag
W/"29d2-/SIe2Z6sUtPb2toL3aOL0kW37u4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=60
cf-ray
7b7caa9b8bc29b8f-FRA
expires
Fri, 14 Apr 2023 14:34:53 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 14:33:53 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230092-FRA
ge.js
s3-us-west-2.amazonaws.com/jsstore/a/8M0H4VG/ 		48 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/jsstore/a/8M0H4VG/ge.js
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.195.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
d59bbfd140cc46e78a4d84ed6320e8a49267c71ae3b51b5f94e149bc478c5020

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 14:33:54 GMT
Last-Modified
Mon, 10 Apr 2023 22:27:44 GMT
Server
AmazonS3
x-amz-request-id
BQ3PGT0MEVVF0XM7
ETag
"95b2ca8c2888a24edf20b83ed228319b"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
49101
x-amz-id-2
rAQXkAJeXGCu3hgIlnjxIu71J83esBieRkAMUyooIz2CMNH6rtO2AYTJRDNOuF4X6rvEqj/ifp8=
Expires
Wed, 10 May 2023 22:27:43 GMT
js
www.googletagmanager.com/gtag/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-228366763-4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K1L5YL989L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3a7f5b0ce5965e58e1b13f44065b9146c70c83dceb1b43f3ecc37d5e36e79e17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 14:33:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44625
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 14 Apr 2023 14:33:53 GMT
collect
region1.google-analytics.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-K1L5YL989L&gtm=45je34c0&_p=306416972&cid=1269322318.1681482833&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681482833&sct=1&seg=0&dl=https%3A%2F%2Falign.newfounding.com%2Fwp-content%2Fuploads%2F2023%2F04%2F460fa520-3715-4bdc-803e-943c0075a579.jpeg%255D&dt=Page%20not%20found%20%E2%80%93%20ALIGN&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K1L5YL989L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Apr 2023 14:33:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://align.newfounding.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1f642.svg
s.w.org/images/core/emoji/14.0.0/svg/ 		525 B
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/1f642.svg
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
943c44a0f3dc1aba84f5fbe8465baadbb90af66cd7be9f37ca07a39260357ad2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Fri, 14 Apr 2023 14:33:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:53:43 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=315360000
accept-ranges
bytes
content-length
525
expires
Thu, 31 Dec 2037 23:55:55 GMT
rnCr-xNNww_2s0amA9M5kng.woff2
fonts.gstatic.com/s/spectral/v13/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/spectral/v13/rnCr-xNNww_2s0amA9M5kng.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Spectral
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51f3ebfe41d11eab7706afe65201434799048af4c2db78276f6194435c12d672
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://align.newfounding.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 02:07:59 GMT
x-content-type-options
nosniff
age
131154
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21816
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 22:36:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Apr 2024 02:07:59 GMT
Gg8lN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYapyK4.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8lN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYapyK4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM%20Plex%20Sans%20Condensed:thin,extralight,light,regular,medium,semibold,bold
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31f1c8437b4a34d4b4d66c59927d16774fb6197faf13dbd7b04758a2afdbad0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://align.newfounding.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 11:00:30 GMT
x-content-type-options
nosniff
age
272003
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18564
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:29:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 11:00:30 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY4S7bvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY4S7bvspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM%20Plex%20Sans%20Condensed:thin,extralight,light,regular,medium,semibold,bold
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dca337d11cb99c194e99da0a8780ec4219ff742646b52a49675fffe44f5a7658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://align.newfounding.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 14:21:59 GMT
x-content-type-options
nosniff
age
259914
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18196
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 14:21:59 GMT
adsct
t.co/i/ 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=a38b5acc-bc36-4acf-a275-2c23725fc8e3&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0e1e0896-f961-4178-a4a1-bebb5dc7bfd2&tw_document_href=https%3A%2F%2Falign.newfounding.com%2Fwp-content%2Fuploads%2F2023%2F04%2F460fa520-3715-4bdc-803e-943c0075a579.jpeg%255D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=OD7LS&type=javascript&version=2.3.29
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-response-time
107
date
Fri, 14 Apr 2023 14:33:53 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
b7c21c7885c2f8d8
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
50841f7d9f527a283fcf2e9a6f8fde8d614f8b54e3d888ee1c88013ef08d2b7d
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=a38b5acc-bc36-4acf-a275-2c23725fc8e3&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0e1e0896-f961-4178-a4a1-bebb5dc7bfd2&tw_document_href=https%3A%2F%2Falign.newfounding.com%2Fwp-content%2Fuploads%2F2023%2F04%2F460fa520-3715-4bdc-803e-943c0075a579.jpeg%255D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=OD7LS&type=javascript&version=2.3.29
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-response-time
103
date
Fri, 14 Apr 2023 14:33:53 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
bb1c0d07ef49697c
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
30807122294febfc2bcbcf0b8b5c7602e0ee49286b9c25d83b4fffa3671a696d
content-length
43
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.101
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 14 Apr 2023 14:33:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20722
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
4bmB9yx4ucLKAt6zJ+GgmAjhM4CLyceoEYM4ZdkS+ndWQt16ycRIYmQJRB8qk4/8nN7caw1XDYffzRIoR3OQXg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
546140277241587
connect.facebook.net/signals/config/ 		378 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/546140277241587?v=2.9.101&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d466f8832da59d2a6db3f4be30d71a76dd7e9e75d418306497f3d4c50b374cc6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 14 Apr 2023 14:33:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
s/7/S8PNcnbKZ6jCa5zr5tTV3LAUNcRwvF8jnJiXR4MHNf7Vz0nA8KuWsrg7zyRLtZ9uXAY4CVApQhBS5LfTlw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-228366763-4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 14 Apr 2023 14:05:09 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1724
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 14 Apr 2023 16:05:09 GMT
collect
www.google-analytics.com/j/ 		2 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=306416972&t=pageview&_s=1&dl=https%3A%2F%2Falign.newfounding.com%2Fwp-content%2Fuploads%2F2023%2F04%2F460fa520-3715-4bdc-803e-943c0075a579.jpeg%255D&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%E2%80%93%20ALIGN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1870728415&gjid=1881808446&cid=1269322318.1681482833&tid=UA-228366763-4&_gid=144265099.1681482833&_r=1&gtm=457e34c0&jsscut=1&z=1677514557
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://align.newfounding.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Apr 2023 14:33:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://align.newfounding.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-228366763-4&cid=1269322318.1681482833&jid=1870728415&gjid=1881808446&_gid=144265099.1681482833&_u=YADAAUAAAAAAACAAI~&z=283588894
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://align.newfounding.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 14 Apr 2023 14:33:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://align.newfounding.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=546140277241587&ev=PageView&dl=https%3A%2F%2Falign.newfounding.com%2Fwp-content%2Fuploads%2F2023%2F04%2F460fa520-3715-4bdc-803e-943c0075a579.jpeg%255D&rl=&if=false&ts=1681482833353&sw=1600&sh=1200&v=2.9.101&r=stable&a=wordpress-6.2-3.0.7&ec=0&o=30&cs_est=true&fbp=fb.1.1681482833352.1962019068&it=1681482833246&coo=false&rqm=GET
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 14 Apr 2023 14:33:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
p
in-automate.sendinblue.com/ 		0
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in-automate.sendinblue.com/p?key=0s05bi2ll6wqzum2zrbhf4vq&cuid=6c30eac3-615f-41f4-a05e-c7723b37a240&ma_url=https%3A%2F%2Falign.newfounding.com%2Fwp-content%2Fuploads%2F2023%2F04%2F460fa520-3715-4bdc-803e-943c0075a579.jpeg%255D&sib_type=page&ma_title=Page%20not%20found%20%E2%80%93%20ALIGN&sib_name=Page%20not%20found%20%E2%80%93%20ALIGN&ma_referrer=&ma_path=%2Fwp-content%2Fuploads%2F2023%2F04%2F460fa520-3715-4bdc-803e-943c0075a579.jpeg%255D
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/sa.js?plugin=wordpress&key=0s05bi2ll6wqzum2zrbhf4vq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ff60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 14:33:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
no-cache
cf-apo-via
origin,host
cf-ray
7b7caa9d793a9259-FRA
/
www.facebook.com/tr/ Frame 95A6 		0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://align.newfounding.com
Referer
https://align.newfounding.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://align.newfounding.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 14 Apr 2023 14:33:53 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
lc2.js
b-code.liadm.com/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/lc2.js
Requested by
Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/jsstore/a/8M0H4VG/ge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ec00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e777dc35614fb617e7c6b15dd36bb357041cdd58a8842d961c6c89418b01dbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 07:59:09 GMT
content-encoding
gzip
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
23684
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
"public, max-age=86400"
x-amz-cf-id
5PVJXWXeWmpiIc76akKTSySLvCwiNmbtRvA5s4rvdJ046sLVFPX0UA==
72731
idx.liadm.com/idex/unknown/ 		42 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/unknown/72731?duid=b52ba86e0614--01gy02zr22chhd59ge3p47r3rv&resolve=md5
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/lc2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.141.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-141-61.compute-1.amazonaws.com
Software
/
Resource Hash
a075520abf252ae11e23a63b4f932dd0782aa64abdb8e19e6a3027f50e5516fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 14:33:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
61
content-type
application/json
access-control-allow-origin
https://align.newfounding.com
access-control-allow-credentials
true
trace-id
6c0363b459396e54
content-length
42
expires
Sat, 15 Apr 2023 14:33:54 GMT
openbridge_plugin.js
align.newfounding.com/wp-content/plugins/official-facebook-pixel/js/ 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://align.newfounding.com/wp-content/plugins/official-facebook-pixel/js/openbridge_plugin.js
Requested by
Host: align.newfounding.com
URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
157.245.141.6 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
761aeff2e8803ba4c48511b4424f2bef7ec26194f4decf3ed8d2741d52952871

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 14:33:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Aug 2022 14:50:28 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2d799-5e6d59190a237-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
58016
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1681482834108&se=e30&duid=b52ba86e0614--01gy02zr22chhd59ge3p47r3rv&tna=v2.7.1&pu=https%3A%2F%2Falign.newfounding.com%2Fwp-content%2Fuploads%2F2023%2F04%2F460fa520-3715...
  • https://rp4.liadm.com/j?dtstmp=1681482834108&se=e30&duid=b52ba86e0614--01gy02zr22chhd59ge3p47r3rv&tna=v2.7.1&pu=https%3A%2F%2Falign.newfounding.com%2Fwp-content%2Fuploads%2F2023%2F04%2F460fa520-371...
13 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1681482834108&se=e30&duid=b52ba86e0614--01gy02zr22chhd59ge3p47r3rv&tna=v2.7.1&pu=https%3A%2F%2Falign.newfounding.com%2Fwp-content%2Fuploads%2F2023%2F04%2F460fa520-3715-4bdc-803e-943c0075a579.jpeg%255D&wpn=lc-bundle&i6=MmEwMTo0YTA6MmI6OjEw&n3pc=true
Protocol
H2
Server
34.195.36.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-36-0.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://align.newfounding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 14:33:54 GMT
x-pixel-event-id
2ef0bdac-580f-4496-a606-b1475bdbaa80
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
12
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
9a5eb80c08b4321f
content-length
13
x-xss-protection
1; mode=block

Redirect headers

date
Fri, 14 Apr 2023 14:33:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1681482834108&se=e30&duid=b52ba86e0614--01gy02zr22chhd59ge3p47r3rv&tna=v2.7.1&pu=https%3A%2F%2Falign.newfounding.com%2Fwp-content%2Fuploads%2F2023%2F04%2F460fa520-3715-4bdc-803e-943c0075a579.jpeg%255D&wpn=lc-bundle&i6=MmEwMTo0YTA6MmI6OjEw&n3pc=true
access-control-allow-origin
https://align.newfounding.com
request-time
0
access-control-allow-credentials
true
trace-id
5088028dbda9cedb
content-length
0
x-xss-protection
1; mode=block
li
ckjjzdn8vk.execute-api.us-west-2.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ckjjzdn8vk.execute-api.us-west-2.amazonaws.com/li
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.232.58 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-232-58.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://align.newfounding.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Fri, 14 Apr 2023 14:33:54 GMT
x-amz-apigw-id
DXydAFNJvHcF2BQ=
x-amzn-requestid
e47255df-f781-4eac-a91a-b1f167826b42
li
ckjjzdn8vk.execute-api.us-west-2.amazonaws.com/ 		312 B
517 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ckjjzdn8vk.execute-api.us-west-2.amazonaws.com/li
Requested by
Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/jsstore/a/8M0H4VG/ge.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.232.58 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-232-58.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
b76f7d06ec3b5899f809e1e3bbb40581509e96ae58cf8481849e6e382ff7fea8

Request headers

Referer
https://align.newfounding.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 14 Apr 2023 14:33:55 GMT
x-amzn-trace-id
Root=1-64396453-34e309995ab2dd246a84cf10
x-amzn-requestid
904a3cdd-024c-47e0-92f6-edf2604c37de
content-length
312
x-amz-apigw-id
DXydCE3lvHcFzIA=
content-type
application/json

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| _wpemojiSettings object| twemoji object| wp object| wpp_params object| WordPressPopularPosts undefined| $ function| jQuery object| sibErrMsg object| ajax_sib_front_object string| captchaRes function| sibVerifyCallback function| fbq function| _fbq object| sib object| sendinblue function| twq object| geq function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| updateConfig function| onYouTubeIframeAPIReady object| gaGlobal object| regeneratorRuntime object| twttr string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData function| GeAnalytics function| geLoadLi function| _0x13a0a3 function| _0x4dde function| _0xfce5 boolean| geqpreprun function| run_ge object| liQ object| _geq object| __li__evt_bus object| liQ_instances object| JSON3

14 Cookies

Domain/Path Name / Value
.newfounding.com/ Name: _ga_K1L5YL989L
Value: GS1.1.1681482833.1.0.1681482833.0.0.0
.align.newfounding.com/ Name: sib_cuid
Value: 6c30eac3-615f-41f4-a05e-c7723b37a240
.newfounding.com/ Name: _ga
Value: GA1.2.1269322318.1681482833
.newfounding.com/ Name: _gid
Value: GA1.2.144265099.1681482833
.newfounding.com/ Name: _gat_gtag_UA_228366763_4
Value: 1
.newfounding.com/ Name: _fbp
Value: fb.1.1681482833352.1962019068
.twitter.com/ Name: personalization_id
Value: "v1_1msWjR5eR5MtS/czww8CPg=="
.t.co/ Name: muc_ads
Value: 61804a8f-17e3-4ff9-ab59-e7aba9a710b0
.newfounding.com/ Name: _li_dcdm_c
Value: .newfounding.com
.newfounding.com/ Name: _lc2_fpi
Value: b52ba86e0614--01gy02zr22chhd59ge3p47r3rv
align.newfounding.com/ Name: _geppv
Value: 1
align.newfounding.com/ Name: _geps
Value: true
.newfounding.com/ Name: __li_idex_cache_eyJxZiI6MC42LCJyZXNvbHZlIjoibWQ1In0
Value: {%22md5%22:%22dac66ece328211753e993d4fdd6d7c9c%22}
.liadm.com/ Name: lidid
Value: 90c26022-61e1-44d6-85cc-3ada2d894e4d

1 Console Messages

Source Level URL
Text
network error URL: https://align.newfounding.com/wp-content/uploads/2023/04/460fa520-3715-4bdc-803e-943c0075a579.jpeg%5D
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

align.newfounding.com
analytics.twitter.com
b-code.liadm.com
ckjjzdn8vk.execute-api.us-west-2.amazonaws.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
idx.liadm.com
in-automate.sendinblue.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
s.w.org
s3-us-west-2.amazonaws.com
sibautomation.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
104.244.42.195
104.244.42.5
146.75.116.157
157.245.141.6
192.0.77.48
2001:4860:4802:32::36
2600:1f18:730:b140:318:4480:a19a:ad9
2600:9000:223c:ec00:8:8845:1500:93a1
2606:4700::6810:ff60
2606:4700::6812:1e68
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2008
2a00:1450:400c:c07::9c
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
34.195.36.0
35.167.232.58
50.17.141.61
52.92.195.160
0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6
2254669c25113aa522122cdfd227071568336eb85456b5214b85b81d5281de64
26b4dd53a21bd3ce00813b241389524d8d47410045dce7e4c3984d54b178d422
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a
31f1c8437b4a34d4b4d66c59927d16774fb6197faf13dbd7b04758a2afdbad0b
3a7f5b0ce5965e58e1b13f44065b9146c70c83dceb1b43f3ecc37d5e36e79e17
3c288f0c3cb0999bbd6a9f6486f6b13064ead24052234ac35f8b053b9db9ae96
4cdb4ecb9ad7b62d2897fe8197431c963460c77371305a46f9f6d241b304e02a
4e777dc35614fb617e7c6b15dd36bb357041cdd58a8842d961c6c89418b01dbd
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
51f3ebfe41d11eab7706afe65201434799048af4c2db78276f6194435c12d672
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5d12aa08734aae28c159378c999771c03027ac75ba0720b42e367df16a282f9c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7545c7b5db014693b9979013a0191c986bc99b6733b15d948863bc7829285295
761aeff2e8803ba4c48511b4424f2bef7ec26194f4decf3ed8d2741d52952871
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
8fc88b650d08490dc483d0befc0dac494d82881b69bfb0aeb8b0cf03824683e6
943c44a0f3dc1aba84f5fbe8465baadbb90af66cd7be9f37ca07a39260357ad2
94cdca6a8da13687d98c14981683e169c9f32b995c96c022aa250b7fa6d872b9
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3
9d1a802505742592fddc93867fe673153586fe9bc999e0712d7e4ecbd2aa3d24
a075520abf252ae11e23a63b4f932dd0782aa64abdb8e19e6a3027f50e5516fc
a0b7a3efb6b0ac1accdc1c2335f40fb6884c0144e7d4a10588e7710b2f442660
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b76f7d06ec3b5899f809e1e3bbb40581509e96ae58cf8481849e6e382ff7fea8
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d466f8832da59d2a6db3f4be30d71a76dd7e9e75d418306497f3d4c50b374cc6
d59bbfd140cc46e78a4d84ed6320e8a49267c71ae3b51b5f94e149bc478c5020
d8469ad6e03ba1a6c2c9fee151001c818233baff45efada0b93f6d864c21dbb3
d9ec5e07693843df2f2de8b4ceb1a64b049b14b9c65c0c6e4bd6b781f36eb638
dca337d11cb99c194e99da0a8780ec4219ff742646b52a49675fffe44f5a7658
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e204ff75d7c2d3b9a9a3803d38758fa2c37f595135097bebd0808600ae42270d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f84baca30354075704d92d0b880fba2a4193c19755129c04a5828992f120de33