Submitted URL: https://account.lrwriters.com/
Effective URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
Submission: On July 04 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 21 IPs in 5 countries across 16 domains to perform 53 HTTP transactions. The main IP is 164.92.176.90, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is oauth.dsh-agency.com.
TLS certificate: Issued by R10 on July 1st 2024. Valid for: 3 months.
This is the only time oauth.dsh-agency.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 148.251.23.206 24940 (HETZNER-AS)
5 157.230.97.66 14061 (DIGITALOC...)
1 18.66.102.53 16509 (AMAZON-02)
1 2a0b:4d07:101::1 44239 (PROINITY ...)
1 13.32.27.54 16509 (AMAZON-02)
1 3.161.82.74 16509 (AMAZON-02)
1 104.26.13.205 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 206.81.27.11 14061 (DIGITALOC...)
2 2a00:1450:400... 15169 (GOOGLE)
9 164.92.176.90 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.102.11 16509 (AMAZON-02)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.32.27.107 16509 (AMAZON-02)
1 3 2a03:2880:f17... 32934 (FACEBOOK)
1 142.250.185.196 15169 (GOOGLE)
1 172.217.16.195 15169 (GOOGLE)
53 21
Apex Domain
Subdomains
Transfer
12 lrwriters.com
account.lrwriters.com
myaccount.lrwriters.com
1 MB
11 dsh-agency.com
tickettool.dsh-agency.com
oauth.dsh-agency.com
auth-back.dsh-agency.com
540 KB
5 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 894
script.hotjar.com — Cisco Umbrella Rank: 1260
122 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
71 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71
21 KB
2 gstatic.com
fonts.gstatic.com
46 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 8088
63 B
1 google.com
www.google.com — Cisco Umbrella Rank: 5
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
352 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
101 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
853 B
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2418
165 B
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 3549
231 B
1 signalayer.com
cdn.signalayer.com — Cisco Umbrella Rank: 459116
pp.signalayer.com Failed
data.signalayer.com Failed
78 KB
0 polyfill.io Failed
cdn.polyfill.io Failed
53 16
Domain Requested by
7 oauth.dsh-agency.com myaccount.lrwriters.com
oauth.dsh-agency.com
7 account.lrwriters.com 1 redirects myaccount.lrwriters.com
5 myaccount.lrwriters.com myaccount.lrwriters.com
3 www.facebook.com 1 redirects oauth.dsh-agency.com
3 script.hotjar.com static.hotjar.com
script.hotjar.com
2 connect.facebook.net myaccount.lrwriters.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 auth-back.dsh-agency.com oauth.dsh-agency.com
2 fonts.gstatic.com fonts.googleapis.com
2 tickettool.dsh-agency.com myaccount.lrwriters.com
2 static.hotjar.com myaccount.lrwriters.com
1 www.google.de oauth.dsh-agency.com
1 www.google.com oauth.dsh-agency.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com oauth.dsh-agency.com
1 fonts.googleapis.com myaccount.lrwriters.com
1 api.ipify.org cdn.signalayer.com
1 vc.hotjar.io script.hotjar.com
1 cdn.signalayer.com myaccount.lrwriters.com
0 cdn.polyfill.io Failed oauth.dsh-agency.com
0 data.signalayer.com Failed cdn.signalayer.com
0 pp.signalayer.com Failed cdn.signalayer.com
53 22

This site contains links to these domains.

Domain
recruiting.livingston-research.com
apply.livingston-research.com

Subject | Issuer | Validity | Valid
myaccount.lrwriters.com | R11 | 2024-07-01 - 2024-09-29 | 3 months
*.hotjar.com | Amazon RSA 2048 M03 | 2024-05-22 - 2025-06-20 | a year
cdn.signalayer.com | R10 | 2024-06-28 - 2024-09-26 | 3 months
*.hotjar.io | Amazon ECDSA 256 M02 | 2024-02-07 - 2025-03-08 | a year
ipify.org | GTS CA 1P5 | 2024-05-19 - 2024-08-17 | 3 months
upload.video.google.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
account.lrwriters.com | R10 | 2024-06-29 - 2024-09-27 | 3 months
tickettool.dsh-agency.com | R11 | 2024-07-01 - 2024-09-29 | 3 months
*.gstatic.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
oauth.dsh-agency.com | R10 | 2024-07-01 - 2024-09-29 | 3 months
*.google-analytics.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
auth-back.dsh-agency.com | R3 | 2024-05-06 - 2024-08-04 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-04-12 - 2024-07-11 | 3 months
*.g.doubleclick.net | WR2 | 2024-06-13 - 2024-09-05 | 3 months
*.google.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
*.google.de | WR2 | 2024-06-13 - 2024-09-05 | 3 months

This page contains 1 frames:

Primary Page: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
Frame ID: 1174C3494DB7ECAA81FBC8AEA7E3655F
Requests: 48 HTTP requests in this frame

Page Title

Livingston Research Authorization

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

53 Requests
79 % HTTPS
40 % IPv6
16 Domains
22 Subdomains
21 IPs
5 Countries
2237 kB Transfer
7097 kB Size
11 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://account.lrwriters.com/ HTTP 302
    http://myaccount.lrwriters.com/ HTTP 307
    https://myaccount.lrwriters.com/ Page URL
  2. https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://account.lrwriters.com/ HTTP 302
  • http://myaccount.lrwriters.com/ HTTP 307
  • https://myaccount.lrwriters.com/
Request Chain 51
  • https://www.facebook.com/tr/?id=2204162282960552&ev=PageView&dl=https%3A%2F%2Foauth.dsh-agency.com%2F%3Fredirect_url%3DaHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8%3D&rl=https%3A%2F%2Fmyaccount.lrwriters.com%2F&if=false&ts=1720055663735&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720055663734.556921181145177706&ler=other&cdl=API_unavailable&it=1720055663603&coo=false&rqm=GET HTTP 302
  • https://www.facebook.com/tr/?redirect=0&rqm=GET&coo=false&it=1720055663603&cdl=API_unavailable&ler=other&fbp=fb.1.1720055663734.556921181145177706&o=4126&ec=0&r=stable&v=2.9.160&sh=1200&sw=1600&ts=1720055663735&if=false&rl=https%3A%2F%2Fmyaccount.lrwriters.com%2F&dl=https%3A%2F%2Foauth.dsh-agency.com%2F%3Fredirect_url%3DaHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8%3D&ev=PageView&id=2204162282960552

53 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
myaccount.lrwriters.com/
Redirect Chain
  • https://account.lrwriters.com/
  • http://myaccount.lrwriters.com/
  • https://myaccount.lrwriters.com/
3 KB
2 KB
Document
General
Full URL
https://myaccount.lrwriters.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.230.97.66 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
2765e875a9c81620f07dda220ec455b70e963a4e68e917b92af654f4da790c57

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 04 Jul 2024 01:14:22 GMT
ETag
W/"666ace38-d72"
Expires
Thu, 04 Jul 2024 01:14:22 GMT
Last-Modified
Thu, 13 Jun 2024 10:47:20 GMT
Server
nginx/1.17.10
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Location
https://myaccount.lrwriters.com/
Non-Authoritative-Reason
HttpsUpgrades
main.6ec1a20a.js
myaccount.lrwriters.com/
4 MB
1 MB
Script
General
Full URL
https://myaccount.lrwriters.com/main.6ec1a20a.js
Requested by
Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.230.97.66 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
570a5bcf9e42992afef158871b8509cedd373ebdaa8e1d6a1e3fdafd1da6a7e2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myaccount.lrwriters.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 01:14:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Jun 2024 10:47:20 GMT
Server
nginx/1.17.10
ETag
W/"666ace38-3fd9bf"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Fri, 04 Jul 2025 01:14:22 GMT
main.6ec1a20a.css
myaccount.lrwriters.com/
570 KB
132 KB
Stylesheet
General
Full URL
https://myaccount.lrwriters.com/main.6ec1a20a.css
Requested by
Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.230.97.66 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
10190b23633194839752328681f3bab217a571070c0b846ac56f90b1629f1256

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myaccount.lrwriters.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 01:14:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Jun 2024 10:47:20 GMT
Server
nginx/1.17.10
ETag
W/"666ace38-8e9f1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Fri, 04 Jul 2025 01:14:22 GMT
hotjar-2055233.js
static.hotjar.com/c/
11 KB
5 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2055233.js?sv=6
Requested by
Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-53.fra56.r.cloudfront.net
Software
/
Resource Hash
bfa8184f76406aee9c85213e336e99ea7d1bab686945e9165c0ab4b395a3df6d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myaccount.lrwriters.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 04 Jul 2024 01:14:22 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
32
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/b10691f006340c80509f03ce95e3b22a
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
TiuzOHxENKxBO3MYNVpdwR5MNTLy0UPXIPwebMWh3i49W_Civg29DA==
player.js
cdn.signalayer.com/static/
465 KB
78 KB
Script
General
Full URL
https://cdn.signalayer.com/static/player.js
Requested by
Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
c7e52d1b3ea7535d114503d9e51c845219a1511941dce3bf1d8d69506ade2441

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myaccount.lrwriters.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 01:14:22 GMT
content-encoding
gzip
x-amz-request-id
51Q6891J8NE064Y8
x-edge-location
defr
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
78861
x-amz-id-2
qaYZEG8xVXYUAxE2hMSo5xES2/rGdpOMbVi+2f1KneNAyNhvGU9rNo1WJbLx4AMwtNVoYukWd9Y=
last-modified
Tue, 31 Jan 2023 15:02:04 GMT
server
keycdn
etag
"191bc835eeccce5834de621a07cca7ba"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://s3.amazonaws.com/signalayer-static-player/static/player.js>; rel="canonical"
expires
Thu, 11 Jul 2024 01:14:22 GMT
modules.e4b2dc39f985f11fb1e4.js
script.hotjar.com/
223 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2055233.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-54.fra56.r.cloudfront.net
Software
/
Resource Hash
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myaccount.lrwriters.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
234195
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56291
last-modified
Mon, 01 Jul 2024 08:10:34 GMT
etag
"ca025d2d8ae4b3dc51e058b782590501"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
7d-FPxaU-yYeCXV1jhHs76PMDzeIXersphTSdmeERUgf_bPMpied8w==
2055233
vc.hotjar.io/sessions/
0
231 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/2055233?s=0.25&r=0.16288980711990964
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-74.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myaccount.lrwriters.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 04 Jul 2024 01:14:22 GMT
cache-control
no-store
via
1.1 6fa384f51cde51d7c86ee18d17ac3eaa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-amz-cf-id
4PAD4G6QCbf_0meFpBN7FHv42ZqtW-XtqJS8HRaQ9HaXJNagpill5A==
x-cache
Miss from cloudfront
/
api.ipify.org/
30 B
165 B
Script
General
Full URL
https://api.ipify.org/?format=jsonp&callback=getIP
Requested by
Host: cdn.signalayer.com
URL: https://cdn.signalayer.com/static/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myaccount.lrwriters.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 01:14:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
89db42146b753633-FRA
content-length
30
vary
Origin
content-type
application/javascript
css
fonts.googleapis.com/
3 KB
853 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Requested by
Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/main.6ec1a20a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc958a63e17fc254b74b0787f22bd0f5889a057109908050c5148a148b75db91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myaccount.lrwriters.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Jul 2024 01:14:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 Jul 2024 00:55:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Jul 2024 01:14:22 GMT
notices_notification
account.lrwriters.com/api/v3/profile/
0
0
Preflight
General
Full URL
https://account.lrwriters.com/api/v3/profile/notices_notification?limit=20&sort=-created_at&event_tag[]=notify_mark_bad&event_tag[]=notify_issue_cancelled&event_tag[]=notify_issue_closed&event_tag[]=notify_notice_bad&event_tag[]=notify_writer_order_feedback_cancelled&event_tag[]=notify_veriff_declined&event_tag[]=notify_veriff_resubmission&event_tag[]=notify_group_down&event_tag[]=notify_mark_good&event_tag[]=notify_mark_update&event_tag[]=notify_mark_hide&event_tag[]=notify_writer_order_feedback_resolved&event_tag[]=notify_veriff_approved&event_tag[]=notify_group_up&event_tag[]=notify_issue_resolved&event_tag[]=notify_revision_accept&event_tag[]=notify_rdd_changed
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.23.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.206.23.251.148.clients.your-server.de
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-role
Access-Control-Request-Method
GET
Origin
https://myaccount.lrwriters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, x-token, x-device, x-role
Access-Control-Allow-Methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin
https://myaccount.lrwriters.com
Access-Control-Max-Age
86400
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 04 Jul 2024 01:14:23 GMT
Server
nginx/1.4.6 (Ubuntu)
Transfer-Encoding
chunked
Vary
Origin
X-Frame-Options
SAMEORIGIN
X-Request-Id
bf832c5a-39a2-11ef-974b-001e67c47479
profile
account.lrwriters.com/api/v3/
0
0
Preflight
General
Full URL
https://account.lrwriters.com/api/v3/profile
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.23.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.206.23.251.148.clients.your-server.de
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-role
Access-Control-Request-Method
GET
Origin
https://myaccount.lrwriters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, x-token, x-device, x-role
Access-Control-Allow-Methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin
https://myaccount.lrwriters.com
Access-Control-Max-Age
86400
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 04 Jul 2024 01:14:23 GMT
Server
nginx/1.4.6 (Ubuntu)
Transfer-Encoding
chunked
Vary
Origin
X-Frame-Options
SAMEORIGIN
X-Request-Id
bf861654-39a2-11ef-a9a1-001e67c47479
notification
account.lrwriters.com/api/v3/
0
0
Preflight
General
Full URL
https://account.lrwriters.com/api/v3/notification
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.23.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.206.23.251.148.clients.your-server.de
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-role
Access-Control-Request-Method
GET
Origin
https://myaccount.lrwriters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, x-token, x-device, x-role
Access-Control-Allow-Methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin
https://myaccount.lrwriters.com
Access-Control-Max-Age
86400
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 04 Jul 2024 01:14:23 GMT
Server
nginx/1.4.6 (Ubuntu)
Transfer-Encoding
chunked
Vary
Origin
X-Frame-Options
SAMEORIGIN
X-Request-Id
bf892808-39a2-11ef-974b-001e67c47479
settings
account.lrwriters.com/api/v3/
0
0
Preflight
General
Full URL
https://account.lrwriters.com/api/v3/settings?country_list=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.23.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.206.23.251.148.clients.your-server.de
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-role
Access-Control-Request-Method
GET
Origin
https://myaccount.lrwriters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, x-token, x-device, x-role
Access-Control-Allow-Methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin
https://myaccount.lrwriters.com
Access-Control-Max-Age
86400
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 04 Jul 2024 01:14:23 GMT
Server
nginx/1.4.6 (Ubuntu)
Transfer-Encoding
chunked
Vary
Origin
X-Frame-Options
SAMEORIGIN
X-Request-Id
bf8c4588-39a2-11ef-974b-001e67c47479
state_data
tickettool.dsh-agency.com/api/v1/
0
0
Preflight
General
Full URL
https://tickettool.dsh-agency.com/api/v1/state_data
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.81.27.11 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-role
Access-Control-Request-Method
GET
Origin
https://myaccount.lrwriters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type,x-role
Access-Control-Allow-Methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
Access-Control-Allow-Origin
https://myaccount.lrwriters.com
Access-Control-Expose-Headers
Access-Control-Max-Age
1728000
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/plain
Date
Thu, 04 Jul 2024 01:14:23 GMT
Expires
Sat, 03 Aug 2024 01:14:23 GMT
Server
nginx/1.17.2
Transfer-Encoding
chunked
Vary
Accept-Encoding
notices
account.lrwriters.com/api/v3/profile/
0
0
Preflight
General
Full URL
https://account.lrwriters.com/api/v3/profile/notices
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.23.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.206.23.251.148.clients.your-server.de
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-role
Access-Control-Request-Method
GET
Origin
https://myaccount.lrwriters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, x-token, x-device, x-role
Access-Control-Allow-Methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin
https://myaccount.lrwriters.com
Access-Control-Max-Age
86400
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 04 Jul 2024 01:14:23 GMT
Server
nginx/1.4.6 (Ubuntu)
Transfer-Encoding
chunked
Vary
Origin
X-Frame-Options
SAMEORIGIN
X-Request-Id
bf8f5fac-39a2-11ef-8637-001e67c47479
live_schedules
account.lrwriters.com/api/v3/
0
0
Preflight
General
Full URL
https://account.lrwriters.com/api/v3/live_schedules?all=true&deleted=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.23.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.206.23.251.148.clients.your-server.de
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-role
Access-Control-Request-Method
GET
Origin
https://myaccount.lrwriters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, x-token, x-device, x-role
Access-Control-Allow-Methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin
https://myaccount.lrwriters.com
Access-Control-Max-Age
86400
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 04 Jul 2024 01:14:23 GMT
Server
nginx/1.4.6 (Ubuntu)
Transfer-Encoding
chunked
Vary
Origin
X-Frame-Options
SAMEORIGIN
X-Request-Id
bf923c68-39a2-11ef-b717-001e67c47479
notices_notification
account.lrwriters.com/api/v3/profile/
0
0

profile
account.lrwriters.com/api/v3/
0
0

notification
account.lrwriters.com/api/v3/
0
0

settings
account.lrwriters.com/api/v3/
0
0

state_data
tickettool.dsh-agency.com/api/v1/
0
0
Fetch
General
Full URL
https://tickettool.dsh-agency.com/api/v1/state_data
Requested by
Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/main.6ec1a20a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.81.27.11 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
X-Role
writer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://myaccount.lrwriters.com/
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 01:14:23 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
7a0e6b6a-2b1c-4967-ac9d-5e4902c535d6
X-Runtime
0.003108
Server
nginx/1.17.2
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
https://myaccount.lrwriters.com
Access-Control-Expose-Headers
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
X-Frame-Options
SAMEORIGIN
Vary
Origin
notices
account.lrwriters.com/api/v3/profile/
0
0

live_schedules
account.lrwriters.com/api/v3/
0
0

3d214891-7e32-41b1-bfeb-615508762ca3
pp.signalayer.com/
0
0

3d214891-7e32-41b1-bfeb-615508762ca3.json
data.signalayer.com/player/fetch/
0
0

truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://myaccount.lrwriters.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:56:46 GMT
x-content-type-options
nosniff
age
123457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jul 2025 14:56:46 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://myaccount.lrwriters.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:29:04 GMT
x-content-type-options
nosniff
age
542719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 18:29:04 GMT
nt_new_message.ogg
myaccount.lrwriters.com/media/
41 KB
42 KB
Media
General
Full URL
https://myaccount.lrwriters.com/media/nt_new_message.ogg
Requested by
Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.230.97.66 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://myaccount.lrwriters.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 01:14:23 GMT
Last-Modified
Thu, 13 Jun 2024 10:47:20 GMT
Server
nginx/1.17.10
ETag
"666ace38-a564"
Content-Type
audio/ogg
Content-Range
bytes 0-42339/42340
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
42340
Expires
Sat, 03 Aug 2024 01:14:23 GMT
truncated
/
382 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
180 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
354 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
favicon.ico
myaccount.lrwriters.com/favicons/
37 KB
37 KB
Other
General
Full URL
https://myaccount.lrwriters.com/favicons/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.230.97.66 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myaccount.lrwriters.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 01:14:23 GMT
Last-Modified
Thu, 13 Jun 2024 10:47:20 GMT
Server
nginx/1.17.10
ETag
"666ace38-94be"
Content-Type
image/x-icon
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38078
Expires
Thu, 11 Jul 2024 01:14:23 GMT
Primary Request /
oauth.dsh-agency.com/
936 B
945 B
Document
General
Full URL
https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
Requested by
Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/main.6ec1a20a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
164.92.176.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.2 /
Resource Hash
e33c0ee123ba9a72984c6764786c3a02a4e378b7db8eeb42b6830160a1a68b79

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://myaccount.lrwriters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 04 Jul 2024 01:14:23 GMT
ETag
W/"642dd608-3a8"
Expires
Thu, 04 Jul 2024 01:14:23 GMT
Last-Modified
Wed, 05 Apr 2023 20:11:52 GMT
Server
nginx/1.17.2
Transfer-Encoding
chunked
Vary
Accept-Encoding
orders
account.lrwriters.com/api/v3/
0
0

polyfill.min.js
cdn.polyfill.io/v2/
0
0

main.eebc6826.css
oauth.dsh-agency.com/static/css/
7 KB
3 KB
Stylesheet
General
Full URL
https://oauth.dsh-agency.com/static/css/main.eebc6826.css
Requested by
Host: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
164.92.176.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.2 /
Resource Hash
503d32f05811989b339ff5bbe81095a8652dc0a1e8dffb3ec0189ffbdedbbf10

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 01:14:23 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Apr 2023 20:11:52 GMT
Server
nginx/1.17.2
ETag
W/"642dd608-1d7e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Fri, 04 Jul 2025 01:14:23 GMT
main.c23550cb.js
oauth.dsh-agency.com/static/js/
305 KB
90 KB
Script
General
Full URL
https://oauth.dsh-agency.com/static/js/main.c23550cb.js
Requested by
Host: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
164.92.176.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.2 /
Resource Hash
38a0474672476ee2f960c1203877918e66a61d86497a60793cedf76fb792e702

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 01:14:23 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Apr 2023 20:11:52 GMT
Server
nginx/1.17.2
ETag
W/"642dd608-4c23c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Fri, 04 Jul 2025 01:14:23 GMT
gtm.js
www.googletagmanager.com/
282 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PKS6JDW
Requested by
Host: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
85f7f586fe7032bfc85efaf83d37a4678e3b8552555cfadf18151aaadb70b4cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oauth.dsh-agency.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 01:14:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
102964
x-xss-protection
0
last-modified
Thu, 04 Jul 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 04 Jul 2024 01:14:23 GMT
self
auth-back.dsh-agency.com/
0
0
Preflight
General
Full URL
https://auth-back.dsh-agency.com/self
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
164.92.176.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-requested-with
Access-Control-Request-Method
GET
Origin
https://oauth.dsh-agency.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
authorization,content-type,x-requested-with
Access-Control-Allow-Methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
Access-Control-Allow-Origin
https://oauth.dsh-agency.com
Access-Control-Expose-Headers
Authorization
Access-Control-Max-Age
1728000
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/plain
Date
Thu, 04 Jul 2024 01:14:23 GMT
Expires
Sat, 03 Aug 2024 01:14:23 GMT
Server
nginx/1.17.2
Transfer-Encoding
chunked
Vary
Accept-Encoding
HelveticaNeue-Bold.dae566fc.woff
oauth.dsh-agency.com/static/media/
208 KB
208 KB
Font
General
Full URL
https://oauth.dsh-agency.com/static/media/HelveticaNeue-Bold.dae566fc.woff
Requested by
Host: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/static/css/main.eebc6826.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
164.92.176.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.2 /
Resource Hash
369f2d426c38977b3d5fed3a03e9ca4246a83b8ce7f749c5304ad066ce6b1548

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oauth.dsh-agency.com/static/css/main.eebc6826.css
Origin
https://oauth.dsh-agency.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 01:14:23 GMT
Last-Modified
Wed, 05 Apr 2023 20:11:52 GMT
Server
nginx/1.17.2
ETag
"642dd608-33fc0"
Content-Type
font/woff
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
212928
Expires
Sat, 03 Aug 2024 01:14:23 GMT
HelveticaNeue.e878df76.woff
oauth.dsh-agency.com/static/media/
203 KB
203 KB
Font
General
Full URL
https://oauth.dsh-agency.com/static/media/HelveticaNeue.e878df76.woff
Requested by
Host: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/static/css/main.eebc6826.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
164.92.176.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.2 /
Resource Hash
4b74adce203915ff39c59917039582fdec9fb533cda88fcddfa9d110473fc420

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oauth.dsh-agency.com/static/css/main.eebc6826.css
Origin
https://oauth.dsh-agency.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 01:14:23 GMT
Last-Modified
Wed, 05 Apr 2023 20:11:52 GMT
Server
nginx/1.17.2
ETag
"642dd608-32be0"
Content-Type
font/woff
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
207840
Expires
Sat, 03 Aug 2024 01:14:23 GMT
self
auth-back.dsh-agency.com/
26 B
648 B
XHR
General
Full URL
https://auth-back.dsh-agency.com/self
Requested by
Host: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/static/js/main.c23550cb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
164.92.176.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.2 /
Resource Hash
23530f79939f7833451e84bd8b170a50c424fd5dd1f2303f891039e339468cfe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json; charset=utf-8
Referer
https://oauth.dsh-agency.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

X-Runtime
0.004026
Date
Thu, 04 Jul 2024 01:14:23 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
Server
nginx/1.17.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://oauth.dsh-agency.com
Access-Control-Expose-Headers
Authorization
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
Cache-Control
no-cache
Vary
Origin
Connection
keep-alive
X-Request-Id
20c01819-cf01-46b0-88bf-94cc843464cc
albatros.7c12eb1d.svg
oauth.dsh-agency.com/static/media/
4 KB
2 KB
Image
General
Full URL
https://oauth.dsh-agency.com/static/media/albatros.7c12eb1d.svg
Requested by
Host: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
164.92.176.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.2 /
Resource Hash
caac557753b8f2c54a22850b54bf960d6807375fd563298983caaf100070edfe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 01:14:23 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Apr 2023 20:11:52 GMT
Server
nginx/1.17.2
ETag
W/"642dd608-e9b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Sat, 03 Aug 2024 01:14:23 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKS6JDW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oauth.dsh-agency.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 04 Jul 2024 00:29:07 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2716
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 04 Jul 2024 02:29:07 GMT
hotjar-505540.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-505540.js?sv=5
Requested by
Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-11.fra56.r.cloudfront.net
Software
/
Resource Hash
97dfb9d5f99440dd00e312e3a4acbec75975a53939b16e8781754d33b650b275
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oauth.dsh-agency.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 04 Jul 2024 01:14:23 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/1884bfde6549ccb0bfac448d0d4e1b8e
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
FGKXKt5ppV3_IsxNzM0D6Azr45i1M-UHd2wedc9P54tJfqz3Mhb64A==
fbevents.js
connect.facebook.net/en_US/
222 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: myaccount.lrwriters.com
URL: https://myaccount.lrwriters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oauth.dsh-agency.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 04 Jul 2024 01:14:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58293
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1297, tbw=2791, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
AFSx0/U9A+LMjbLooHQIz9Pey8LOnsfSHwnBgCOnXrSbRG1PA0Y2FroFM5TwO/8gdazpqmzlUAKiam1wH1nMag==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
212 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=374449308&t=pageview&_s=1&dl=https%3A%2F%2Foauth.dsh-agency.com%2F%3Fredirect_url%3DaHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8%3D%3F&dr=https%3A%2F%2Fmyaccount.lrwriters.com%2F&dp=oauth.dsh-agency.com%2F&ul=de-de&de=UTF-8&dt=Livingston%20Research%20Authorization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACgAI~&jid=786016881&gjid=6437234&cid=1401349451.1720055664&tid=UA-129148043-1&_gid=138340413.1720055664&_r=1&_slc=1&gtm=45He4730n81PKS6JDWv76281651za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=1317449370
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://oauth.dsh-agency.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 01:14:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://oauth.dsh-agency.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
2204162282960552
connect.facebook.net/signals/config/
58 KB
12 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2204162282960552?v=2.9.160&r=stable&domain=oauth.dsh-agency.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cd3507143e7005ea284ee86d891feea12d7f48bd290f0196d3ae31a8195cdbb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oauth.dsh-agency.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 04 Jul 2024 01:14:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=66, mss=1297, tbw=63819, tp=-1, tpl=-1, uplat=102, ullat=0
pragma
public
x-fb-debug
LjICmPmpOlWS8fYe9vmRwnNqamLQSLh4mG1EQ85d4uUwQqeW0C12skPhCW0VCoSzZHhe2sU6foTqWdKgqnqcpw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
352 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-129148043-1&cid=1401349451.1720055664&jid=786016881&gjid=6437234&_gid=138340413.1720055664&npa=1&_u=YGBACEAABAAAACgAI~&z=611847189
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://oauth.dsh-agency.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 04 Jul 2024 01:14:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://oauth.dsh-agency.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.e4b2dc39f985f11fb1e4.js
script.hotjar.com/
223 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-505540.js?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-107.fra56.r.cloudfront.net
Software
/
Resource Hash
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oauth.dsh-agency.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
234196
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56291
last-modified
Mon, 01 Jul 2024 08:10:34 GMT
etag
"ca025d2d8ae4b3dc51e058b782590501"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
EnBhOkFEROS1nM6_LcqzTM407KWDgmLM_NON_M3yw0d45f4smxpVhg==
browser-perf.8417c6bba72228fa2e29.js
script.hotjar.com/
5 KB
2 KB
Script
General
Full URL
https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-107.fra56.r.cloudfront.net
Software
/
Resource Hash
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oauth.dsh-agency.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Jan 2024 14:32:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
13948936
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1782
last-modified
Wed, 24 Jan 2024 14:31:37 GMT
etag
"b83b61bc5871e9a23a0434e2c539f4f3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
enfeNgvR-yHKFtF-Qd3h60K2RdZbdR3gJAcN8sojZhPxVx2i2x38pg==
/
www.facebook.com/tr/
Redirect Chain
  • https://www.facebook.com/tr/?id=2204162282960552&ev=PageView&dl=https%3A%2F%2Foauth.dsh-agency.com%2F%3Fredirect_url%3DaHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8%3D&rl=https%3A%2F%2Fmyaccount.lrwr...
  • https://www.facebook.com/tr/?redirect=0&rqm=GET&coo=false&it=1720055663603&cdl=API_unavailable&ler=other&fbp=fb.1.1720055663734.556921181145177706&o=4126&ec=0&r=stable&v=2.9.160&sh=1200&sw=1600&ts=...
0
129 B
Image
General
Full URL
https://www.facebook.com/tr/?redirect=0&rqm=GET&coo=false&it=1720055663603&cdl=API_unavailable&ler=other&fbp=fb.1.1720055663734.556921181145177706&o=4126&ec=0&r=stable&v=2.9.160&sh=1200&sw=1600&ts=1720055663735&if=false&rl=https%3A%2F%2Fmyaccount.lrwriters.com%2F&dl=https%3A%2F%2Foauth.dsh-agency.com%2F%3Fredirect_url%3DaHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8%3D&ev=PageView&id=2204162282960552
Requested by
Host: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
Protocol
H2
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://oauth.dsh-agency.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1297, tbw=3449, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 04 Jul 2024 01:14:23 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0

Redirect headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=10, mss=1297, tbw=2797, tp=-1, tpl=-1, uplat=0, ullat=0
pragma
no-cache
date
Thu, 04 Jul 2024 01:14:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
content-type
text/plain
location
/tr/?redirect=0&rqm=GET&coo=false&it=1720055663603&cdl=API_unavailable&ler=other&fbp=fb.1.1720055663734.556921181145177706&o=4126&ec=0&r=stable&v=2.9.160&sh=1200&sw=1600&ts=1720055663735&if=false&rl=https%3A%2F%2Fmyaccount.lrwriters.com%2F&dl=https%3A%2F%2Foauth.dsh-agency.com%2F%3Fredirect_url%3DaHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8%3D&ev=PageView&id=2204162282960552
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2204162282960552&ev=PageView&dl=https%3A%2F%2Foauth.dsh-agency.com%2F%3Fredirect_url%3DaHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8%3D&rl=https%3A%2F%2Fmyaccount.lrwriters.com%2F&if=false&ts=1720055663735&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720055663734.556921181145177706&ler=other&cdl=API_unavailable&it=1720055663603&coo=false&rqm=FGET
Requested by
Host: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oauth.dsh-agency.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x18cff08943cc275c","source_keys":["1","2"]},{"key_piece":"0x60893f4b365d7700","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 04 Jul 2024 01:14:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7387582821138823001", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=12, mss=1297, tbw=3622, tp=-1, tpl=-1, uplat=123, ullat=0
pragma
no-cache
x-fb-debug
JYQrqVfobeffm/nzZD3y/gaSz+CSBJgM99ZJxLRQJWfbdvzQpoNT2pxd+jC6xlZ0jiiu5iQAksxlMnaJo594tA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7387582821138823001"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-129148043-1&cid=1401349451.1720055664&jid=786016881&npa=1&_u=YGBACEAABAAAACgAI~&z=279674217
Requested by
Host: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oauth.dsh-agency.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 01:14:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-129148043-1&cid=1401349451.1720055664&jid=786016881&npa=1&_u=YGBACEAABAAAACgAI~&z=279674217
Requested by
Host: oauth.dsh-agency.com
URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oauth.dsh-agency.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 01:14:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
oauth.dsh-agency.com/
31 KB
32 KB
Other
General
Full URL
https://oauth.dsh-agency.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
164.92.176.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.2 /
Resource Hash
f8ea0c50080f735cd285171c3f08bd2dc6157dd2397d0ae29b342a79ac950a93

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 01:14:23 GMT
Last-Modified
Wed, 05 Apr 2023 20:11:52 GMT
Server
nginx/1.17.2
ETag
"642dd608-7d26"
Content-Type
image/x-icon
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32038
Expires
Thu, 11 Jul 2024 01:14:23 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
account.lrwriters.com
URL
https://account.lrwriters.com/api/v3/profile/notices_notification?limit=20&sort=-created_at&event_tag[]=notify_mark_bad&event_tag[]=notify_issue_cancelled&event_tag[]=notify_issue_closed&event_tag[]=notify_notice_bad&event_tag[]=notify_writer_order_feedback_cancelled&event_tag[]=notify_veriff_declined&event_tag[]=notify_veriff_resubmission&event_tag[]=notify_group_down&event_tag[]=notify_mark_good&event_tag[]=notify_mark_update&event_tag[]=notify_mark_hide&event_tag[]=notify_writer_order_feedback_resolved&event_tag[]=notify_veriff_approved&event_tag[]=notify_group_up&event_tag[]=notify_issue_resolved&event_tag[]=notify_revision_accept&event_tag[]=notify_rdd_changed
Domain
account.lrwriters.com
URL
https://account.lrwriters.com/api/v3/profile
Domain
account.lrwriters.com
URL
https://account.lrwriters.com/api/v3/notification
Domain
account.lrwriters.com
URL
https://account.lrwriters.com/api/v3/settings?country_list=1
Domain
account.lrwriters.com
URL
https://account.lrwriters.com/api/v3/profile/notices
Domain
account.lrwriters.com
URL
https://account.lrwriters.com/api/v3/live_schedules?all=true&deleted=true
Domain
pp.signalayer.com
URL
https://pp.signalayer.com/3d214891-7e32-41b1-bfeb-615508762ca3
Domain
data.signalayer.com
URL
https://data.signalayer.com/player/fetch/3d214891-7e32-41b1-bfeb-615508762ca3.json
Domain
account.lrwriters.com
URL
https://account.lrwriters.com/api/v3/orders
Domain
cdn.polyfill.io
URL
https://cdn.polyfill.io/v2/polyfill.min.js

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
undefined| event
object| fence
object| sharedStorage
object| dataLayer
function| ClientJS
object| google_tag_manager
function| postscribe
object| google_tag_manager_external
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
function| hj
object| _hjSettings
function| fbq
function| _fbq
function| readCookie
object| gaplugins
object| gaGlobal
object| gaData
object| hjSiteSettings
function| hjBootstrap
object| hjLazyModules
object| hjBootstrapCalled

11 Cookies

Domain/Path Name / Value
.lrwriters.com/ Name: _hjSessionUser_2055233
Value: eyJpZCI6IjQzZDZiYjIxLWM2NTYtNTg5Ny1hODhiLTAwZWQxNWI4ZTI4ZCIsImNyZWF0ZWQiOjE3MjAwNTU2NjI3MjgsImV4aXN0aW5nIjpmYWxzZX0=
.lrwriters.com/ Name: _hjSession_2055233
Value: eyJpZCI6IjYzYTJiYTE3LTRlMjMtNDM2Yy1iOWQ1LTYyNzEyYWNlODkzMiIsImMiOjE3MjAwNTU2NjI3MjksInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
myaccount.lrwriters.com/ Name: _lrtrack_tcid
Value: 72a82feb-7cde-4cc8-8a54-15fbdee8bd78
myaccount.lrwriters.com/ Name: _sl_ping_marker
Value: initial
.oauth.dsh-agency.com/ Name: referrer_a
Value: https://myaccount.lrwriters.com/
.dsh-agency.com/ Name: _ga
Value: GA1.2.1401349451.1720055664
.dsh-agency.com/ Name: _gid
Value: GA1.2.138340413.1720055664
.dsh-agency.com/ Name: _gat_UA-129148043-1
Value: 1
.dsh-agency.com/ Name: _hjSessionUser_505540
Value: eyJpZCI6ImFhNWFiNDNlLWNlNmItNWIyZi04ZjY2LWY1M2M2N2YwYWRlNiIsImNyZWF0ZWQiOjE3MjAwNTU2NjM2ODcsImV4aXN0aW5nIjp0cnVlfQ==
.dsh-agency.com/ Name: _hjSession_505540
Value: eyJpZCI6IjQxNmIyNGU2LWZiMWQtNDJlNy1hMzg4LTVmNTY4NTU3NzliNyIsImMiOjE3MjAwNTU2NjM2ODgsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.dsh-agency.com/ Name: _fbp
Value: fb.1.1720055663734.556921181145177706

4 Console Messages

Source Level URL
Text
network error URL: https://tickettool.dsh-agency.com/api/v1/state_data
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
network error URL: https://cdn.polyfill.io/v2/polyfill.min.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
recommendation verbose URL: https://oauth.dsh-agency.com/?redirect_url=aHR0cHM6Ly9teWFjY291bnQubHJ3cml0ZXJzLmNvbS8=
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://auth-back.dsh-agency.com/self
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
