URL: https://snip.ly/cal/
Submission: On December 23 via api from IE — Scanned from CA

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 15 HTTP transactions. The main IP is 104.22.6.164, located in and belongs to CLOUDFLARENET, US. The main domain is snip.ly. The Cisco Umbrella rank of the primary domain is 609295.
TLS certificate: Issued by WE1 on November 15th 2024. Valid for: 3 months.
This is the only time snip.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
3 | 104.22.6.164 | 13335 | (CLOUDFLAR...)
1 | 172.66.0.96 | 13335 | (CLOUDFLAR...)
2 | 104.17.24.14 | 13335 | (CLOUDFLAR...)
1 | 142.251.40.106 | 15169 | (GOOGLE)
2 | 142.250.80.72 | 15169 | (GOOGLE)
1 | 23.201.183.177 | 16625 | (AKAMAI-AS)
1 | 13.33.252.92 | 16509 | (AMAZON-02)
1 | 172.217.165.142 | 15169 | (GOOGLE)
2 | 18.164.96.46 | 16509 | (AMAZON-02)
Total: 15 requests, 10 IPs
Apex Domain
Subdomains
Transfer
4 snip.ly
snip.ly — Cisco Umbrella Rank: 609295
ctarendering.snip.ly
1 MB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 888
script.hotjar.com — Cisco Umbrella Rank: 1185
63 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
218 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
80 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
1 rackcdn.com
3f40f2e5d9a320633d8a-76d63bd8779f62275bae70e2be2045cf.ssl.cf5.rackcdn.com
105 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
0 nagawinbot.com Failed
nagawinbot.com Failed
15 8
Domain Requested by
3 snip.ly ctarendering.snip.ly
2 script.hotjar.com static.hotjar.com
script.hotjar.com
2 www.googletagmanager.com snip.ly
www.googletagmanager.com
2 cdnjs.cloudflare.com snip.ly
1 www.google-analytics.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 3f40f2e5d9a320633d8a-76d63bd8779f62275bae70e2be2045cf.ssl.cf5.rackcdn.com snip.ly
1 fonts.googleapis.com snip.ly
1 ctarendering.snip.ly snip.ly
0 nagawinbot.com Failed snip.ly
15 10

This site contains no links.

Subject | Issuer | Validity | Valid
snip.ly | WE1 | 2024-11-15 - 2025-02-13 | 3 months
ctarendering.snip.ly | E5 | 2024-10-30 - 2025-01-28 | 3 months
cdnjs.cloudflare.com | WE1 | 2024-11-26 - 2025-02-24 | 3 months
upload.video.google.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months
*.google-analytics.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months
*.ssl.cf5.rackcdn.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-11-20 - 2025-11-21 | a year
*.hotjar.com | Amazon RSA 2048 M03 | 2024-05-22 - 2025-06-20 | a year

This page contains 2 frames:

Primary Page: https://snip.ly/cal/
Frame ID: 19FFFA43D202CAB1F7448845636E76DA
Requests: 19 HTTP requests in this frame

Frame: orig6745abce47bf9583c9942c03--https://nagawinbot.com/cal?utm_source=sniply&utm_campaign=sniply&utm_medium=sniply
Frame ID: 9B5516096C52DC8A1E0204A03CB860AA
Requests: 1 HTTP requests in this frame

Page Title

טופס תשלום

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 15
HTTPS: 93 %
IPv6: 0 %
Domains: 8
Subdomains: 10
IPs: 10
Countries: 2
Transfer: 1672 kB
Size: 3962 kB
Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
snip.ly/cal/
10 KB
3 KB
Document
General
Full URL
https://snip.ly/cal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.6.164 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d23dc818f74abee7f5b4dbb9841c67f999cf079de7ca6d333a6c87728fa0bf51

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f64847df91eac54-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 23 Dec 2024 01:18:25 GMT
link
<orig6745abce47bf9583c9942c03--https://nagawinbot.com/cal>; rel="canonical"
server
cloudflare
sniply-cache
MISS
vary
Cookie, Origin
x-robots-tag
noindex, follow
app.js
ctarendering.snip.ly/
2 MB
1 MB
Script
General
Full URL
https://ctarendering.snip.ly/app.js
Requested by
Host: snip.ly
URL: https://snip.ly/cal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
147aa7304ec826f37c3b183e3160bfbf388948e88fb3b8fd34a7e7feb850d46f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://snip.ly/

Response headers

x-envoy-upstream-healthchecked-cluster
content-encoding
br
cf-cache-status
HIT
etag
W/"6d4c764f826f0772fc58b0b94d99ec60"
age
33472
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 23 Dec 2024 01:18:26 GMT
x-rgw-object-type
Normal
content-type
text/javascript; charset=utf-8
last-modified
Thu, 23 May 2024 15:06:44 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
priority
u=3,i=?0
cache-control
public,max-age=10,s-maxage=86400
x-do-app-origin
2a66456c-5318-453b-ad88-1fe2ad8e4f82
x-amz-request-id
tx00000524a961b7460d174-006748322c-10d1b6618-fra1b
cf-ray
8f648484d96a36cf-YYZ
server
cloudflare
x-do-orig-status
200
jquery.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/
242 KB
61 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.js
Requested by
Host: snip.ly
URL: https://snip.ly/cal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2215cce5830e2350b9d420271d9bd82340f664c3f60f0ea850f7e9c0392704e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://snip.ly/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ec4-3c72d"
age
278992
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aR7MmnIpHB4hZ8JqqRub2y5Xr31ctWaPlNIvo5CaUgEAWxJ%2Ffx%2FttQLGqugo3GCNNiygeXManWugIC9mPbfoSeQQYrSn2nBotVP2tyxeWcoFP3LDFJ9AGLh87CBlpwdWUXRsmPPT"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 01:18:26 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 23 Dec 2024 01:18:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:48 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f6484848f78ab04-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
61737
server
cloudflare
css
fonts.googleapis.com/
17 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,600
Requested by
Host: snip.ly
URL: https://snip.ly/cal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.106 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f10.1e100.net
Software
ESF /
Resource Hash
69aefcf06e8eaeb09cacd7fec2cf4b201c9c8f68fc27fa5df97f9a6357230904
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://snip.ly/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 01:18:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 01:18:26 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 23 Dec 2024 00:46:53 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/
99 KB
19 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css
Requested by
Host: snip.ly
URL: https://snip.ly/cal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://snip.ly
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"630e6e62-4900"
age
283266
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fBX%2Fs%2FD7dhBsIPeHng23pZXAGlWSXUJzQa4PEYCOVxzUnbRGy9CCRnuTY0Ig6HgQWoVtsNCt3ASGR9GykVwSaXiE6FqhoXjANKHollcR9Ds9PI9ORuFlB0fUt2VoM%2BIKeTULnBLt"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 01:18:26 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 23 Dec 2024 01:18:26 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 30 Aug 2022 20:09:06 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f64848489f7ac76-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
18688
server
cloudflare
gtm.js
www.googletagmanager.com/
327 KB
112 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MZP55VS
Requested by
Host: snip.ly
URL: https://snip.ly/cal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.72 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
5f92ab561fc08ec4f7c00fca02ce952940898ca9177c45e4ce60e28902857229
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://snip.ly/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 23 Dec 2024 01:18:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 01:18:26 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 23 Dec 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
114023
x-xss-protection
0
server
Google Tag Manager
cal
nagawinbot.com/ Frame 9B55
0
0

1d7c73e4-51e9-459a-97e9-1e3c59e387ce
3f40f2e5d9a320633d8a-76d63bd8779f62275bae70e2be2045cf.ssl.cf5.rackcdn.com/
104 KB
105 KB
Image
General
Full URL
https://3f40f2e5d9a320633d8a-76d63bd8779f62275bae70e2be2045cf.ssl.cf5.rackcdn.com/1d7c73e4-51e9-459a-97e9-1e3c59e387ce
Requested by
Host: snip.ly
URL: https://snip.ly/cal/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.183.177 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-183-177.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f87b3baf4e0242774d5d164101e3e50d190b86e818e2101810d3e708dfa9d4f7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://snip.ly/

Response headers

Origin
https://snip.ly
Cache-Control
public, max-age=62754
ETag
57d60ac7ad1833c6e36177636c2a8974
X-Timestamp
1611234691.77796
Connection
keep-alive
Expires
Mon, 23 Dec 2024 18:44:20 GMT
Accept-Ranges
bytes
X-Trans-Id
txa36ffe6a9e1b4a7fb4e44-00675fc010iad3
Content-Length
106865
Date
Mon, 23 Dec 2024 01:18:26 GMT
Last-Modified
Thu, 21 Jan 2021 13:11:32 GMT
Content-Type
image/png
truncated
/
843 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c8c15bf173a7b7e128e85e97659ff81e2f4e679df211d47f16bca655f0f4970

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
347 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f0118bb5190a4e371d22d662dbfd795380ad6f1199576db9ed836cd2726766f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
312 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
386076495ea3ff5c10fb53ce1f70445b220a8c4c3bf67a9ea8d9295e261519f2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
8 KB
8 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://snip.ly
Referer

Response headers

Content-Type
font/woff2
truncated
/
8 KB
8 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://snip.ly
Referer

Response headers

Content-Type
font/woff2
/
snip.ly/api/v3/views/
272 B
424 B
Fetch
General
Full URL
https://snip.ly/api/v3/views/
Requested by
Host: ctarendering.snip.ly
URL: https://ctarendering.snip.ly/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.6.164 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8ec8c4af878284c74632cc39765576304128519fea90fece3fe2d5698e863d2

Request headers

Referer
https://snip.ly/cal/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
accept
application/json
content-type
application/json

Response headers

cf-cache-status
DYNAMIC
allow
POST, OPTIONS
cf-ray
8f648487aa32ac54-YYZ
access-control-allow-origin
https://snip.ly
content-length
272
date
Mon, 23 Dec 2024 01:18:27 GMT
content-type
application/json
vary
Cookie, Origin
server
cloudflare
access-control-allow-headers
Authorization
js
www.googletagmanager.com/gtag/
317 KB
106 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E9XB5HEC0V&l=dataLayer&cx=c&gtm=45He4cc1v843677799za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZP55VS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.72 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
49700e618b3c52448ddff96bc0523de58bbb79d61297206486044534aa391813
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://snip.ly/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 23 Dec 2024 01:18:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 01:18:27 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108435
x-xss-protection
0
server
Google Tag Manager
hotjar-3179593.js
static.hotjar.com/c/
13 KB
6 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3179593.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZP55VS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.252.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-252-92.jfk50.r.cloudfront.net
Software
/
Resource Hash
287e882d7239ba1a7c8f065c5ed86d7f2aec4cbb8d6c95b4faab1cbf967e6a73
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://snip.ly/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
content-encoding
br
etag
W/d0fe9275ec189afd234e7d0d1620ecc5
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
x-cache-hit
1
via
1.1 37c23a320daf1957772cba43d1a5bde0.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
x-amz-cf-id
qdFkvwPElhhHchqlgkigh3uvtCCxwmsXvpUg6L-3PycxPjZ_fRlAOw==
date
Mon, 23 Dec 2024 01:18:27 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
JFK50-P10
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-E9XB5HEC0V&gtm=45je4cc1v880726019z8843677799za200zb843677799&_p=1734916706160&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=473197393.1734916707&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734916707&sct=1&seg=0&dl=https%3A%2F%2Fsnip.ly%2Fcal%2F&dt=%D7%98%D7%95%D7%A4%D7%A1%20%D7%AA%D7%A9%D7%9C%D7%95%D7%9D&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2352
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E9XB5HEC0V&l=dataLayer&cx=c&gtm=45He4cc1v843677799za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://snip.ly/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://snip.ly
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 01:18:27 GMT
content-type
text/plain
server
Golfe2
modules.60031afbf51fb3e88a5b.js
script.hotjar.com/
223 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.60031afbf51fb3e88a5b.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3179593.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-46.jfk50.r.cloudfront.net
Software
/
Resource Hash
e38338484d969872e570a554c807dab4a79233b82d64a7cb7028fb459123d44a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://snip.ly/

Response headers

x-robots-tag
none
content-encoding
br
etag
"b4a1a7933e55e780894c3f39b1aca0b4"
age
394040
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
MEFmSB0M0WMDVlrS36SUyFcp_o0dtebdcp1c0sZaKeBcuThYMSg9nA==
date
Wed, 18 Dec 2024 11:51:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 18 Dec 2024 11:50:24 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 5ba825173b1f7429171e730e7ae12588.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56408
x-amz-cf-pop
JFK50-P5
browser-perf.8417c6bba72228fa2e29.js
script.hotjar.com/
5 KB
2 KB
Script
General
Full URL
https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.60031afbf51fb3e88a5b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-46.jfk50.r.cloudfront.net
Software
/
Resource Hash
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://snip.ly/

Response headers

x-robots-tag
none
content-encoding
br
etag
"b83b61bc5871e9a23a0434e2c539f4f3"
age
8235667
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
aiVDquF-0vGTP_wWftuG5j84QbQbxFNKSJABGuDatPmc2XRBYS8_FQ==
date
Wed, 18 Sep 2024 17:37:20 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 17 Sep 2024 15:41:53 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 5ba825173b1f7429171e730e7ae12588.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
1782
x-amz-cf-pop
JFK50-P5
None
snip.ly/cal/
32 KB
7 KB
Other
General
Full URL
https://snip.ly/cal/None
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.6.164 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5d709aeeadaca0de3e2ab61097a1834c9c2a17d37f5219b053a8a76fa281bd6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://snip.ly/cal/

Response headers

cf-ray
8f64848e4fe1ac54-YYZ
content-encoding
br
cf-cache-status
DYNAMIC
date
Mon, 23 Dec 2024 01:18:27 GMT
content-type
text/html; charset=utf-8
vary
Cookie, Origin
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
nagawinbot.com
URL
orig6745abce47bf9583c9942c03--https://nagawinbot.com/cal?utm_source=sniply&utm_campaign=sniply&utm_medium=sniply

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ctaData string| sniply_referrer string| sniply_user_ip string| sniply_user_device string| sniply_link_id string| sniply_link_slug string| sniply_non_static_url function| $ function| jQuery object| dataLayer object| content_frame object| afs_ads_div function| tryAvoidFilters object| content_frame_observer function| onMyFrameLoad object| google_tag_manager object| google_tag_data function| hj object| _hjSettings function| onYouTubeIframeAPIReady object| gaGlobal object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled

6 Cookies

Domain/Path Name / Value
snip.ly/ Name: sessionid
Value: s83tqb25wlsk5ejrbher6yjajssdd2et
.ctarendering.snip.ly/ Name: __cf_bm
Value: oquiUunxAJSeyt8FLLD_tO.Lo6yBcRIcvSsfy.ImRt8-1734916706-1.0.1.1-P9f_Afo91aLwbX7X0vE4FM5.kyw.17RH2mtP3IV9H2DjPC7Kx2Fh3EkcCQklO5Bq9O3VzzVkDys.noo50PeS4A
.snip.ly/ Name: _ga
Value: GA1.1.473197393.1734916707
.snip.ly/ Name: _ga_E9XB5HEC0V
Value: GS1.1.1734916707.1.0.1734916707.0.0.0
.snip.ly/ Name: _hjSessionUser_3179593
Value: eyJpZCI6IjNkNzAyN2Y4LTUxNWEtNTQxMi05ZTgwLTY4ZWM1ZDBjODQ5YSIsImNyZWF0ZWQiOjE3MzQ5MTY3MDc1MTQsImV4aXN0aW5nIjpmYWxzZX0=
.snip.ly/ Name: _hjSession_3179593
Value: eyJpZCI6ImRjYzRmMTdhLWQzODgtNGE5OC1hMTE3LWY3ZmJmY2EyNTBjOCIsImMiOjE3MzQ5MTY3MDc1MTUsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=

2 Console Messages

Source Level URL
Text
other error URL: https://snip.ly/cal/
Message:
Not allowed to launch 'orig6745abce47bf9583c9942c03--https://nagawinbot.com/cal?utm_source=sniply&utm_campaign=sniply&utm_medium=sniply' because a user gesture is required.
network error URL: https://snip.ly/cal/None
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
