rental.turbotenant.com Open in urlscan Pro
2a06:98c1:3120::c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u7526804.ct.sendgrid.net/ls/click?upn=wovFXl2QhM-2Bo8vImVppUKaNZ8g5zeyk2YPHT2ju09YbaEVqmCQnFhisSH5fplyZ6ctVU9DA0Pw5Ot3wlU...
Effective URL:
https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid
Submission: On February 08 via manual (February 8th 2023, 11:34:28 pm UTC) from IN — Scanned from DE

Summary HTTP 130 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 40 IPs in 5 countries across 29 domains to perform 130 HTTP transactions. The main IP is 2a06:98c1:3120::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is rental.turbotenant.com. The Cisco Umbrella rank of the primary domain is 647288.
TLS certificate: Issued by GTS CA 1P5 on January 20th 2023. Valid for: 3 months.

This is the only time rental.turbotenant.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.122 167.89.123.122	11377 (SENDGRID) (SENDGRID)
12	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400d:802::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:c7f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:80e::2008	15169 (GOOGLE) (GOOGLE)
8	52.34.137.185 52.34.137.185	16509 (AMAZON-02) (AMAZON-02)
8	13.224.192.183 13.224.192.183	16509 (AMAZON-02) (AMAZON-02)
1	34.96.110.71 34.96.110.71	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
3	99.86.4.76 99.86.4.76	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.110.26 13.32.110.26	16509 (AMAZON-02) (AMAZON-02)
6	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
2	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
2	18.66.196.105 18.66.196.105	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
1	18.164.52.95 18.164.52.95	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.80 13.224.189.80	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	104.103.85.187 104.103.85.187	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:402... 2a00:1450:4025:401::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:802::200d	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
1	13.224.189.18 13.224.189.18	16509 (AMAZON-02) (AMAZON-02)
3	34.213.113.84 34.213.113.84	16509 (AMAZON-02) (AMAZON-02)
2	99.86.4.93 99.86.4.93	16509 (AMAZON-02) (AMAZON-02)
1	34.96.67.224 34.96.67.224	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1	174.138.116.207 174.138.116.207	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
2	54.81.202.145 54.81.202.145	14618 (AMAZON-AES) (AMAZON-AES)
3	34.102.232.42 34.102.232.42	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.162.22.199 35.162.22.199	16509 (AMAZON-02) (AMAZON-02)
130	40

1 167.89.123.122 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x122.outbound-mail.sendgrid.net

u7526804.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

rental.turbotenant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:c7f (United States)

ASN13335 (CLOUDFLARENET, US)

widget.reviews.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.34.137.185 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-137-185.us-west-2.compute.amazonaws.com

api.turbotenant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.224.192.183 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-183.fra2.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.110.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.110.96.34.bc.googleusercontent.com

cdn.wootric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-76.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-26.vie50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fast.a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

utt.impactcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.196.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-196-105.mxp63.r.cloudfront.net

cdn.pbbl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

static-tracking.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-forms.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.52.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-52-95.cdg50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-80.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.103.85.187 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-85-187.deploy.static.akamaitechnologies.com

appleid.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4025:401::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:802::200d (Ireland)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-18.fra2.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.213.113.84 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-113-84.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-93.fra6.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.67.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.67.96.34.bc.googleusercontent.com

cdn.sift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.138.116.207 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

br-rx.atatus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.81.202.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-202-145.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.102.232.42 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.232.102.34.bc.googleusercontent.com

hexagon-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.162.22.199 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-22-199.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	turbotenant.com rental.turbotenant.com — Cisco Umbrella Rank: 647288 api.turbotenant.com — Cisco Umbrella Rank: 432360	2 MB
16	google.com www.google.com — Cisco Umbrella Rank: 2 apis.google.com — Cisco Umbrella Rank: 97 accounts.google.com — Cisco Umbrella Rank: 70	156 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	696 KB
9	klaviyo.com static.klaviyo.com — Cisco Umbrella Rank: 2841 static-tracking.klaviyo.com — Cisco Umbrella Rank: 3505 fast.a.klaviyo.com — Cisco Umbrella Rank: 4105 static-forms.klaviyo.com — Cisco Umbrella Rank: 3840	72 KB
8	stripe.com js.stripe.com — Cisco Umbrella Rank: 1014 q.stripe.com — Cisco Umbrella Rank: 6465 m.stripe.com — Cisco Umbrella Rank: 1010	110 KB
8	segment.com cdn.segment.com — Cisco Umbrella Rank: 1383	77 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 23 region1.google-analytics.com — Cisco Umbrella Rank: 2453	20 KB
6	google.de www.google.de — Cisco Umbrella Rank: 6211	903 B
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 stats.g.doubleclick.net — Cisco Umbrella Rank: 76	3 KB
3	hexagon-analytics.com hexagon-analytics.com — Cisco Umbrella Rank: 5085	510 B
3	segment.io api.segment.io — Cisco Umbrella Rank: 989	532 B
3	intercom.io widget.intercom.io — Cisco Umbrella Rank: 1914 api-iam.intercom.io — Cisco Umbrella Rank: 2340	10 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 617 script.hotjar.com — Cisco Umbrella Rank: 787 vars.hotjar.com — Cisco Umbrella Rank: 835	72 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	4 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1145	17 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2544	200 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	87 KB
2	pbbl.co cdn.pbbl.co — Cisco Umbrella Rank: 8271
2	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 901	93 KB
2	impactcdn.com utt.impactcdn.com — Cisco Umbrella Rank: 5349	26 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	159 KB
1	atatus.com br-rx.atatus.com — Cisco Umbrella Rank: 177932	239 B
1	sift.com cdn.sift.com — Cisco Umbrella Rank: 9848	20 KB
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 2936	18 KB
1	cdn-apple.com appleid.cdn-apple.com — Cisco Umbrella Rank: 3187	17 KB
1	wootric.com cdn.wootric.com — Cisco Umbrella Rank: 7382	63 KB
1	reviews.io widget.reviews.io — Cisco Umbrella Rank: 28452	847 B
1	sendgrid.net 1 redirects u7526804.ct.sendgrid.net — Cisco Umbrella Rank: 885051	322 B
0	mixpanel.com Failed api-js.mixpanel.com Failed
130	29

	Domain	Requested by
12	rental.turbotenant.com	rental.turbotenant.com
10	www.google.com	rental.turbotenant.com www.gstatic.com www.google.com
8	fonts.gstatic.com	fonts.googleapis.com www.google.com
8	cdn.segment.com	rental.turbotenant.com cdn.segment.com
8	api.turbotenant.com	rental.turbotenant.com
6	www.google.de	rental.turbotenant.com
6	www.gstatic.com	www.google.com www.gstatic.com accounts.google.com
5	www.google-analytics.com	www.googletagmanager.com rental.turbotenant.com
5	static.klaviyo.com	www.googletagmanager.com static.klaviyo.com
4	stats.g.doubleclick.net	rental.turbotenant.com
3	hexagon-analytics.com
3	q.stripe.com	rental.turbotenant.com
3	api.segment.io	rental.turbotenant.com
3	accounts.google.com	apis.google.com rental.turbotenant.com www.gstatic.com
3	apis.google.com	rental.turbotenant.com apis.google.com
3	js.stripe.com	rental.turbotenant.com js.stripe.com
3	fonts.googleapis.com	rental.turbotenant.com client
2	m.stripe.com	m.stripe.network
2	api-iam.intercom.io	js.intercomcdn.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	js.intercomcdn.com	widget.intercom.io
2	connect.facebook.net	rental.turbotenant.com connect.facebook.net
2	static-tracking.klaviyo.com	static.klaviyo.com
2	region1.google-analytics.com	www.googletagmanager.com
2	cdn.pbbl.co	rental.turbotenant.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	www.googleoptimize.com	www.googletagmanager.com
2	utt.impactcdn.com	rental.turbotenant.com
2	www.googletagmanager.com	rental.turbotenant.com www.googletagmanager.com
1	br-rx.atatus.com	rental.turbotenant.com
1	cdn.sift.com	rental.turbotenant.com
1	widget.intercom.io	cdn.segment.com
1	cdn.mxpnl.com	cdn.segment.com
1	static-forms.klaviyo.com	rental.turbotenant.com
1	fast.a.klaviyo.com	rental.turbotenant.com
1	appleid.cdn-apple.com	rental.turbotenant.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
1	cdn.wootric.com	rental.turbotenant.com
1	widget.reviews.io	rental.turbotenant.com
1	u7526804.ct.sendgrid.net	1 redirects
0	api-js.mixpanel.com Failed	rental.turbotenant.com
130	43

This site contains links to these domains. Also see Links.

Domain
www.turbotenant.com

Subject Issuer	Validity	Valid
*.turbotenant.com GTS CA 1P5	`2023-01-20` - `2023-04-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-28` - `2023-05-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.segment.com Amazon	`2022-12-13` - `2024-01-12`	a year	crt.sh
cdn.wootric.com GTS CA 1D4	`2023-02-05` - `2023-05-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
static.klaviyo.com R3	`2023-01-18` - `2023-04-18`	3 months	crt.sh
utt.impactcdn.com GTS CA 1D4	`2023-01-29` - `2023-04-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.pbbl.co Amazon	`2022-10-04` - `2023-11-02`	a year	crt.sh
static-tracking.klaviyo.com R3	`2023-01-26` - `2023-04-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-18` - `2023-02-16`	3 months	crt.sh
appleid.cdn-apple.com Apple Public EV Server RSA CA 2 - G1	`2022-04-19` - `2023-05-19`	a year	crt.sh
fast.a.klaviyo.com R3	`2023-01-18` - `2023-04-18`	3 months	crt.sh
static-forms.klaviyo.com R3	`2022-12-27` - `2023-03-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.mxpnl.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-07-11` - `2023-07-28`	a year	crt.sh
*.intercom.com Amazon	`2022-03-16` - `2023-04-14`	a year	crt.sh
*.segment.io Amazon	`2023-01-11` - `2024-02-10`	a year	crt.sh
*.intercomcdn.com Amazon	`2022-12-31` - `2024-01-29`	a year	crt.sh
*.sift.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-10` - `2024-02-10`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-12` - `2023-03-09`	4 months	crt.sh
*.atatus.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-15` - `2023-12-09`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.hexagon-analytics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-31` - `2023-12-01`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-08` - `2023-04-08`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid
Frame ID: 8918CDA8726312B9DE21B5EFD1F15DC5
Requests: 102 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
Frame ID: 16D0FD081BD02FA82DCBC9DA1ABBFEE2
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfV9AIhAAAAAIy34sYo72Q6iqbaOgHL8Mkbayov&co=aHR0cHM6Ly9yZW50YWwudHVyYm90ZW5hbnQuY29tOjQ0Mw..&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=4zktzs22hwn2
Frame ID: 6C8EC5BC7C3B08EE4AA703781D1F030E
Requests: 7 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: DA8CC49709CB61FFC7CFB1AEEBD30A2B
Requests: 4 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.4f91633b.js
Frame ID: 299E62E4073E0B44F93FDC6EFDB16795
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 5DCB2222F7581DB3B7C6E074B3A59866
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: B1D2D89B721C082B85A349119F8D54CC
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Landlord Login - TurboTenant

Page URL History Show full URLs

https://u7526804.ct.sendgrid.net/ls/click?upn=wovFXl2QhM-2Bo8vImVppUKaNZ8g5zeyk2YPHT2ju09YbaEVqmCQnFhisSH5fpl... HTTP 302
https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_sour... Page URL

Detected technologies

Apple Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

appleid\.auth\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Sift (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.sift(?:science)?\.com/s\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

130
Requests

99 %
HTTPS

43 %
IPv6

29
Domains

43
Subdomains

40
IPs

5
Countries

3632 kB
Transfer

11247 kB
Size

27
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.turbotenant.com/

Search URL Search Domain Scan URL

URL: https://www.turbotenant.com/scams
Title: Avoid Scams in Rental Housing

Search URL Search Domain Scan URL

URL: https://www.turbotenant.com/fair-housing/
Title: Equal Housing Opportunity

Search URL Search Domain Scan URL

URL: https://www.turbotenant.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.turbotenant.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u7526804.ct.sendgrid.net/ls/click?upn=wovFXl2QhM-2Bo8vImVppUKaNZ8g5zeyk2YPHT2ju09YbaEVqmCQnFhisSH5fplyZ6ctVU9DA0Pw5Ot3wlUKgzVLTEmxMaXCw7FwQyb8yaVRvbuTZLseeh2jqtu5Jk0FFWFZTzDIET6ojFOCdMP3lktKuFtQ3IVaHBTvpbxZdckdQ-3DDM8j_bB6PlzGFGXrmm2uTeT-2FlQ41xl-2FSxLksMFsuamKJ08PibH7-2BH9PtDrGGcBEDHXbqV6cVZIs-2BFvohb3ukV98GvmmNTF-2BS2XJU40WOEPR0KRQ-2FWTSOMop-2B4HE9qy8WxVbYnajlsZve0-2FpHH-2BaUulmvWK-2BxGNexwCrlTYaGIqx9bU02KVxXnfKj89ApYEF-2BfvVEeB0ZheegQXAE0Bsaw-2FNQfAzROrUBH6yRFCK3olZYRqF9F-2FNBcRZYkiT3v4ufiHdb1e9uaMw7Kpbha1nfgMzJ3pA-3D-3D HTTP 302
https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

130 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request referrals Show response
rental.turbotenant.com/owners/
Redirect Chain

https://u7526804.ct.sendgrid.net/ls/click?upn=wovFXl2QhM-2Bo8vImVppUKaNZ8g5zeyk2YPHT2ju09YbaEVqmCQnFhisSH5fplyZ6ctVU9DA0Pw5Ot3wlUKgzVLTEmxMaXCw7FwQyb8yaVRvbuTZLseeh2jqtu5Jk0FFWFZTzDIET6ojFOCdMP3lkt...
https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid

3 KB
2 KB

743ms
619ms

Document
text/html

2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12d80779197c3d345f7d99ff81ef6058f2297b0c4cb501d40223400c6ae4ce89

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79682ce7cddc9975-FRA
content-encoding: br
content-type: text/html
date: Wed, 08 Feb 2023 23:34:20 GMT
last-modified: Wed, 08 Feb 2023 19:30:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kb1XIGJIcnxIVHe8A5ybUj5PUHTt9DcwBFHweNO4j7OXg4hfQKzJiHHpiRPvyy3IhcPc7tEIvvP8UqsTmCyxCa8GeEMDgUqTrtXVeg9sHTjUvqJhTORo%2F0WUj9d5DA%2FIDafZmog3QO7bO9uFtfqf%2BOJUi%2FNm"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-id: YW5kssGJ8Mb4zpeJ1odAujdIa9BP0LkUFEiZvZ3eAoF4dYg8_O3pbw==
x-amz-cf-pop: DUS51-P1
x-cache: Error from cloudfront

Redirect headers

Connection: keep-alive
Content-Length: 149
Content-Type: text/html; charset=utf-8
Date: Wed, 08 Feb 2023 23:34:19 GMT
Location: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 203ms
75ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9dc8e62b83994a1eda313381316790cec86d097f2c843ae416a097747864382b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Feb 2023 23:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 22:07:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Feb 2023 23:34:20 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
665 B 202ms
76ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@100;300;400;500;600;900&display=swap

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e863428d39966b2051e5358d06d9ab31d204e80bc708cada6cee3d27a199643f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Feb 2023 23:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 23:34:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Feb 2023 23:34:20 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
870 B 137ms
49ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

719dd9d08854f73d2ff4b8bd2516a8d9f247b28fea167d18db7e8a689257ed2c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 550
x-xss-protection: 1; mode=block
expires: Wed, 08 Feb 2023 23:34:21 GMT

GET
H2 200 dist.js Show response
widget.reviews.io/badge-ribbon/ 893 B
847 B 141ms
45ms Script
text/javascript 2606:4700:10::6816:c7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.reviews.io/badge-ribbon/dist.js
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3a6e01208b42520a3e3ef5700b731d62633513f1f40378127aada936030c2ac4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:34:20 GMT
content-encoding: br
x-amzn-remapped-content-length: 893
cf-cache-status: HIT
age: 19924
x-amzn-requestid: 74f60850-3e19-4492-8075-d42ea59d5503
x-powered-by: Express
x-amz-apigw-id: fnoG0F7XIAMFw7g=
cf-bgj: minify
server: cloudflare
etag: W/"37d-mNMDRBYthwZqiDss8QZEqdQl34w"
x-amzn-trace-id: Root=1-63d953c4-753aef4d59cdb5cf7f94eae0;Sampled=0
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7200
cf-ray: 79682cec5c019a0f-FRA

GET
H2 200 main.56ad6141.css
rental.turbotenant.com/static/css/ 229 KB
53 KB 296ms
292ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.turbotenant.com/static/css/main.56ad6141.css
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01ebb3978caf1937f9ee9ed95d40a0e354bc93e5da05802513c35b62fa93955d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:34:21 GMT
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 03 Feb 2023 16:27:01 GMT
server: cloudflare
etag: W/"cbe2d498a8e09a30c8feb148e34994db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqFy0sZ7CWOJqN6vh8X2db6l9Fa9xxsUbUMkO84nSRCEWfBdt156ra0zRtWjpJPR8okTXKK3%2BGRXEgEoJkRIdgnXBhVSo%2BBXAoB%2F5SxExg5Bqup0wGvHhxt7k4ShJYybkVtShV8gw1ymcq1k7N9Cm7EGD%2FjF"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 79682cebc8e49975-FRA
x-amz-cf-id: _ZcY6-IHT6NZTvI1Vw-6dx7z13MqH8ZJsJCFoXHktQtKuzs13-1hwA==

GET
H2 200 main-0741d1a7aa7afa780ff2.js Show response
rental.turbotenant.com/ 5 MB
1 MB 63ms
60ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecddc9177ed9be3776926d246e807a7a2b38833177bd4efee6b7dd6eacc8f64f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:34:20 GMT
via: 1.1 60977f24a6858f4bd1384356217daad0.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: BOS50-C2
age: 151
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 08 Feb 2023 19:30:17 GMT
server: cloudflare
etag: W/"9dc668eaacdb39481a962f69699e6710"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BjZlLpoQN990fxeHFPTem1J45PJHsG5S9AQYl64axRUovAir3bQ1PCh2uJtCpLIpofwB3jDyaIQHfyrkhpAV6ijAVVTOZi5DdC6SY4MmpWx%2BMBzvAek0a%2BpurwjS%2BIneLzX%2BglAgYOrLJL4%2FJnfLQy7cZe1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79682cebc8e59975-FRA
x-amz-cf-id: 3kutZ9R-sHqMqOuXpdx7BFx-J55WZfbLwTbYq6XJLmkonVR2g6b3rA==

GET
H2 200 vendor-0741d1a7aa7afa780ff2.js Show response
rental.turbotenant.com/ 39 KB
13 KB 113ms
110ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.turbotenant.com/vendor-0741d1a7aa7afa780ff2.js
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff59385f65bc163ce53b06eb3c7389ddddc021f1c98bf02d88d60cf569a4cc9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:34:20 GMT
via: 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P3
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 08 Feb 2023 19:30:17 GMT
server: cloudflare
etag: W/"b71de0029eee0c536d294456ed00f743"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7TLDse%2Fk0IMmAjMAe9mG%2BqF7iHXFV4ZWO95VOFf4%2FYiWRPTPZrqfuY9hr3MlMKPhRnAqcWj4Rcz403VNejwbeW2exdX1XqtvwQZLla33hrx0FJX5iXL4mBRyiZh52gmEfEk09JB%2B9%2FJnVLVdchC288mqu6T"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79682cebc8e69975-FRA
x-amz-cf-id: tIm3s1SFOA8Y4g9zD5QwhMDm1J_zqqgHn9I18pebtm7Lu8ABZbsPPg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 243 KB
84 KB 335ms
97ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M8TBKSP

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

adbc475d4e23a007788984268904859af09a18c050830139dd4a980502c3ed3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:34:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85134
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 22:05:14 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Feb 2023 23:34:21 GMT

OPTIONS
H2 200 graphql
api.turbotenant.com/ Frame 0
0 571ms
210ms Preflight 52.34.137.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.turbotenant.com/graphql
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.137.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-137-185.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://rental.turbotenant.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-length: 0
date: Wed, 08 Feb 2023 23:34:21 GMT
server: nginx/1.20.0
vary: Access-Control-Request-Headers
x-powered-by: Express

OPTIONS
H2 200 graphql
api.turbotenant.com/ Frame 0
0 570ms
209ms Preflight 52.34.137.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.turbotenant.com/graphql
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.137.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-137-185.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://rental.turbotenant.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-length: 0
date: Wed, 08 Feb 2023 23:34:21 GMT
server: nginx/1.20.0
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
H3 200 1.4a143816.chunk.css
rental.turbotenant.com/static/css/ 8 KB
3 KB 282ms
281ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.turbotenant.com/static/css/1.4a143816.chunk.css
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d51ee1f6ec032b99523d99c404f3e875ee3fb2a0171354acc219c59a21cf996

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:34:21 GMT
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 03 Feb 2023 16:27:01 GMT
server: cloudflare
etag: W/"0a3d43e65dc7fcb4059463fd19715e19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZGR36Eyaaw1GcM2Mql6FNMRZy%2BRHgU6i3XcvJS%2F8HCJwldbbz3byswWZojGcjEMT8db%2BYNIn6jlAOnBfuzOP%2B3qdCGyrUwDSBvzCrJCJMnXqhKJm0kkSjgSnlgRSvly%2Fhw%2B5NXBEp7Hvqey0JwZdPNdURJU"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 79682cef89462c2b-FRA
x-amz-cf-id: esX9xZV8Tv9_yKHLyFcI4vH-68F4SGob13EipTUDxL4iXo_VhO-Bag==

GET
H3 200 1-0741d1a7aa7afa780ff2.bundle.js Show response
rental.turbotenant.com/ 129 KB
38 KB 620ms
620ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.turbotenant.com/1-0741d1a7aa7afa780ff2.bundle.js
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 447c4a0a8979d17b25876d112e7690694e66def0fae2840d59889f0b54e8363e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:34:21 GMT
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 08 Feb 2023 19:30:16 GMT
server: cloudflare
etag: W/"a2a989f23c95491d6a83259453eada3b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BaiyodriqhG1n%2FxkaYKaqCAABvSvUJg54UDv7Qe1EKlXD6Y2BG5eY3xV4jD4300qFILyX67ylRHZ6WwJpNpb66z3dIBRZ9VhIweDJdR9HgYp%2FmyOxL5uypE8PCtMbRLUXSXep5QuqdKgMXu52b1FWTFmB4b3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79682cef89482c2b-FRA
x-amz-cf-id: OtaCC_7IgIrfZWoeWOFT_Ardq5CV7uucoHiuaYTVmM76Rmg2K7Vnmg==

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/AOUEGZ42xeZIZRWm1exPJZAiZ3ZC2R72/ 103 KB
28 KB 768ms
625ms Script
text/javascript 13.224.192.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/AOUEGZ42xeZIZRWm1exPJZAiZ3ZC2R72/analytics.min.js
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-183.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 02878dd7e109e19d6b2ab62c9dd6aa2813c8b4f737101f0c26a8d994336f4c59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: axmuVQK4zNouYJJp9a0XuzAWNstVJAMf
content-encoding: br
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
date: Wed, 08 Feb 2023 23:34:23 GMT
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 26 Jan 2023 01:28:24 GMT
server: AmazonS3
etag: W/"12d00a7c341bbdb448df96c22a365479"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: FHaErVWyJ85O4u-HHgNgefpV2C5QOhTXb8X04B_oLqPkgJvQtoBJTg==

GET
H2 200 status Show response
api.turbotenant.com/public/ 271 B
444 B 660ms
210ms Fetch
application/json 52.34.137.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.turbotenant.com/public/status
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.137.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-137-185.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: de4649c8c299ba816317f58fba58e7455f1e3e13cabc5bbd68f13fe176b751e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 08 Feb 2023 23:34:21 GMT
server: nginx/1.20.0
x-powered-by: Express
content-length: 271
etag: W/"10f-2/XXbicGkPmFW1hkb3aKzai20Bk"
content-type: application/json; charset=utf-8

GET
H2 200 wootric-sdk.js Show response
cdn.wootric.com/ 243 KB
63 KB 167ms
51ms Script
application/javascript 34.96.110.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wootric.com/wootric-sdk.js
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.110.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.110.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c6d8e63f719642574b63b0ea416857e4ac6605f2a1eed7c7c4a9dc5c435c4c4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:21:57 GMT
content-encoding: gzip
age: 744
x-guploader-uploadid: ADPycdtW2hYq4hR-p0kpWr9Yd5jpABvvyP5M1rTkb_VXMx9glnMKgSSlqOSooUS-5FKaID5bS6X5_SHgSzy7Gwf844ZgoV8t-Zwr
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63895
last-modified: Thu, 15 Dec 2022 23:13:46 GMT
server: UploadServer
etag: "e7c34a450ef6af21bd396c51a2da65b7"
vary: Accept-Encoding
x-goog-hash: crc32c=YNqIYg==, md5=58NKRQ72ryG9OWxRotpltw==
x-goog-generation: 1671146026770403
content-language: en
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 63895
accept-ranges: bytes
expires: Thu, 09 Feb 2023 00:21:57 GMT

OPTIONS
H2 200 graphql
api.turbotenant.com/ Frame 0
0 570ms
209ms Preflight 52.34.137.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.turbotenant.com/graphql
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.137.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-137-185.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://rental.turbotenant.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-length: 0
date: Wed, 08 Feb 2023 23:34:21 GMT
server: nginx/1.20.0
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 181ms
52ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rental.turbotenant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 08:26:15 GMT
x-content-type-options: nosniff
age: 486486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 08:26:15 GMT

GET
H2 200 v3 Show response
js.stripe.com/ 435 KB
105 KB 211ms
52ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d829e2fd079deec705e71efc1024cb785e5d022028fb0f59e21f82fd24daf94d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Feb 2023 23:34:21 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 18
x-cache: Hit from cloudfront
last-modified: Wed, 08 Feb 2023 19:42:05 GMT
server: Cloudfront
etag: W/"ef2dfb45a4703b191e939bfee2c103ec"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: NlZBH8pJHdte71QyA7cQJsiqxhud2YSH5x8xqPfmpaTAC_uq_bzHdg==

GET
H3 200 loading.gif
rental.turbotenant.com/ 45 KB
46 KB 278ms
278ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rental.turbotenant.com/loading.gif
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a39513fc855cf6037f9637c9ef6ce1fb921d54f20b516e1c97b77b0f855205b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:34:21 GMT
via: 1.1 fcba64af08748c3d9b1a3ae3aeed39c0.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG50-P1
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46278
last-modified: Thu, 26 Jan 2023 18:41:16 GMT
server: cloudflare
etag: "dabc4737d1c05ca7cf419625a9dfcf47"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YcK3HNOI9iGh3TVsbEE91mwZ9rLMMYuToLckr2RsNuBUZ883Fi6fxA3wp5XrkQNvpZjhDuVpG2WM6pjiN5ZaxpdHQkjd%2FEfkYBIXmZt%2FN7Osk01WAcZOMRc4ZZt%2Fkw2eXuKsJ6uAWVtJjlZHS7x3d91FW3jq"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79682cf069ea2c2b-FRA
x-amz-cf-id: 0ICtmkusaOqk1EvF8OA7ACR3nsgDQZbZ3K_rRgIbTIUIvefZK_YJgw==

POST
H2 200 graphql Show response
api.turbotenant.com/ 292 B
466 B 210ms
209ms Fetch
application/json 52.34.137.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.turbotenant.com/graphql
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.137.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-137-185.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: faa9a31d515a270fbb4092b18a30aad904453767aed4c3f15ddd79ec875c6784

Request headers

accept: */*
Referer: https://rental.turbotenant.com/
accept-language: de-DE,de;q=0.9
authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 08 Feb 2023 23:34:22 GMT
server: nginx/1.20.0
x-powered-by: Express
content-length: 292
etag: W/"124-1HaWWid67SUp+e6x9CHX6FpoS9g"
content-type: application/json; charset=utf-8

POST
H2 200 graphql Show response
api.turbotenant.com/ 245 B
418 B 214ms
212ms Fetch
application/json 52.34.137.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.turbotenant.com/graphql
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.137.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-137-185.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 733ad1538b0e3f2d6ba9c826e0824eaef3ab8d983d2474b4560bd3bb3c3ad375

Request headers

accept: */*
Referer: https://rental.turbotenant.com/
accept-language: de-DE,de;q=0.9
authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 08 Feb 2023 23:34:22 GMT
server: nginx/1.20.0
x-powered-by: Express
content-length: 245
etag: W/"f5-PHi1OPYh4V5DUC6Py3t1iC/LEBk"
content-type: application/json; charset=utf-8

POST
H2 200 graphql Show response
api.turbotenant.com/ 245 B
418 B 215ms
213ms Fetch
application/json 52.34.137.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.turbotenant.com/graphql
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.137.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-137-185.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 733ad1538b0e3f2d6ba9c826e0824eaef3ab8d983d2474b4560bd3bb3c3ad375

Request headers

accept: */*
Referer: https://rental.turbotenant.com/
accept-language: de-DE,de;q=0.9
authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 08 Feb 2023 23:34:22 GMT
server: nginx/1.20.0
x-powered-by: Express
content-length: 245
etag: W/"f5-PHi1OPYh4V5DUC6Py3t1iC/LEBk"
content-type: application/json; charset=utf-8

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ 406 KB
162 KB 143ms
39ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rental.turbotenant.com/
Origin: https://rental.turbotenant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 21:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165540
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 21:07:19 GMT

GET
H2 200 hotjar-472741.js Show response
static.hotjar.com/c/ 8 KB
4 KB 178ms
64ms Script
application/javascript 13.32.110.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-472741.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8TBKSP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-26.vie50.r.cloudfront.net

Software

Resource Hash

ebf48e4b031c5023b35afbb530e8b793ac189516c4bbc8b97f1a0c52373c1f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:33:38 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cac.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 43
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/16d442d6c625e0682aa8a534e6f1e643
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: sn_GdKplOxTbZHPFotCR18SaKq27bm8ChZbqUaWoiQwJgaBqUgERQw==

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 3 KB
1 KB 166ms
42ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=YudxC2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8TBKSP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3b38078836adb5f0d74769ba928f177b5be44aa34e37a7ba6e0501df73770d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:34:21 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 17503
x-cache: HIT, HIT
content-length: 1033
x-served-by: cache-lga21947-LGA, cache-hhn-etou8220073-HHN
server: nginx
x-timer: S1675899262.825971,VS0,VE1
etag: W/"5ce87d9ace6e35f04cf1afe6156ab185"
allow: OPTIONS, GET
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
vary: Accept-Encoding
x-resp-is-stale: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 35, 1

GET
H2 200 A3582620-1374-486a-8c90-4867a742ed841.js Show response
utt.impactcdn.com/ 41 KB
13 KB 266ms
151ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://utt.impactcdn.com/A3582620-1374-486a-8c90-4867a742ed841.js
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 26a46650c79bfbff910b23ff62979a1c8f93d9f8f46dc25098c193a685493984

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:34:21 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdu0TTLlzvqCji59QE5QtCFlLDsZbSFMQhn7ftI2AsZNKNqSWBW1LXSn5uSqjlgkuKigLgHVp3g_JPgc3E77mZhoGQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
last-modified: Tue, 30 Aug 2022 19:22:25 GMT
server: UploadServer
etag: "688291eff85ec64b0a0d6b11738afacf"
vary: Accept-Encoding
x-goog-generation: 1661887345850040
x-goog-hash: crc32c=kiziog==, md5=aIKR7/hexksKDWsRc4r6zw==
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 13052
accept-ranges: bytes
expires: Wed, 08 Feb 2023 23:39:21 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 121 KB
47 KB 184ms
64ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-KGL44SK

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8TBKSP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c668fd4d9b03f9b8cdbca9698da6dc7e588d1ab35e0f32247e559942b1d873e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:34:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47318
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Feb 2023 23:34:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 178ms
51ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8TBKSP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Feb 2023 23:12:08 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1333
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 09 Feb 2023 01:12:08 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/943645055/ 2 KB
1 KB 241ms
112ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/943645055/?random=1675899261694&cv=11&fst=1675899261694&bg=ffffff&guid=ON&async=1&gtm=45He3260&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frental.turbotenant.com%2Fowners%2Freferrals%3Futm_campaign%3Daccount_suspended_LL%26utm_medium%3Demail%26utm_source%3Dsendgrid&tiba=TurboTenant%20-%20The%20Easiest%20Landlord%20Software&userId=na&auid=234285615.1675899262&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8TBKSP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40ef92dd3060da7e19315ec81e0d7ef00667282fb1c4973bc7ab3a68dfe451aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 23:34:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 950
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 2654.js
cdn.pbbl.co/r/ 0
0 178ms
49ms Script
text/html 18.66.196.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbbl.co/r/2654.js
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.196.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-196-105.mxp63.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
75 KB 86ms
85ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VZMEYREJ3S&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8TBKSP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8a6758a8cc49f3536cf06606c263dc88d993bdf9c579ecc2f2bd3df1c8401f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:34:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77177
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Feb 2023 23:34:21 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 148ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VZMEYREJ3S&gtm=45je3260h1&_p=1035603197&cid=544910199.1675899262&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675899261&sct=1&seg=0&dl=https%3A%2F%2Frental.turbotenant.com%2Fowners%2Freferrals%3Futm_campaign%3Daccount_suspended_LL%26utm_medium%3Demail%26utm_source%3Dsendgrid&dt=TurboTenant%20-%20The%20Easiest%20Landlord%20Software&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VZMEYREJ3S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 23:34:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rental.turbotenant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fender_analytics.655ce7424169cb36416e.js Show response
static-tracking.klaviyo.com/onsite/js/ 28 KB
11 KB 175ms
40ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.655ce7424169cb36416e.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=YudxC2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a7277321f3f1225ead1da79481d1154210356982736862aee4c385da13fd2d9

Request headers

Referer: https://rental.turbotenant.com/
Origin: https://rental.turbotenant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: DA49kfUB0O0s32Ljp5UGbAPIecnc3kbk
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 08 Feb 2023 23:34:22 GMT
x-amz-request-id: BEFH96F66KX7MCC2
age: 34
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 10897
x-amz-id-2: 0ad6sXmXMHiFUp4bdjmrAmBwFWJ1GaCj6pLMFwLo6bZqgTxKuIcly7KnmVyuEfGMLgr3EJYE/tE=
x-served-by: cache-lga21932-LGA, cache-hhn-etou8220041-HHN
last-modified: Fri, 03 Feb 2023 16:02:43 GMT
server: AmazonS3
etag: "2918e6090a854372153e5cf84e3da824"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 1, 11

GET
H2 200 static.18cfb961fcdbcf83a5c0.js Show response
static-tracking.klaviyo.com/onsite/js/ 4 KB
2 KB 174ms
39ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.18cfb961fcdbcf83a5c0.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=YudxC2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30cd4399d45f8d063491b9d66b51d751ef3f52a91f2104d0763c760582504990

Request headers

Referer: https://rental.turbotenant.com/
Origin: https://rental.turbotenant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: gEtCTjDdAr9iUO0b1dPiDcxMzmi647ro
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 08 Feb 2023 23:34:22 GMT
x-amz-request-id: E6MHX49K8258SD1W
age: 34
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 1820
x-amz-id-2: cidyFX9R21NtX9uwGBs6mQVv2UQoeiERHmmJg4FpaYUT9NhNCxnaQYj/yfFMLtVKqSmFIRsz3Nc=
x-served-by: cache-lga21967-LGA, cache-hhn-etou8220041-HHN
last-modified: Fri, 03 Feb 2023 16:55:57 GMT
server: AmazonS3
etag: "7956ff796e65e61f53fd9de4075e1360"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 1, 12

GET
H2 200 runtime.5e89fbad15ad6bc50dbb.js Show response
static.klaviyo.com/onsite/js/ 19 KB
8 KB 121ms
39ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/runtime.5e89fbad15ad6bc50dbb.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=YudxC2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dcb513b9b53404598a9b8478c30475789dd6ef01afff3f3abd68bce3e7eaffa6

Request headers

Referer: https://rental.turbotenant.com/
Origin: https://rental.turbotenant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: .7alrscAaTnWmEs8mvC2QYSnwfAI..vu
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 08 Feb 2023 23:34:21 GMT
x-amz-request-id: JR283Q7EHGZPD3J0
age: 34
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 8049
x-amz-id-2: eZAB3eC702nxkpzhANCuu4QTVE8lWyGPn9+EElQlppit9M8T6T1TM5VEMwb2jJ6thuIa4hj3dtzraPZ2Yu8Z+w==
x-served-by: cache-lga21947-LGA, cache-hhn-etou8220078-HHN
last-modified: Fri, 03 Feb 2023 17:28:44 GMT
server: AmazonS3
etag: "f27ddd47bfc9beb64b7d3c1aad544c28"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 1, 24

GET
H2 200 sharedUtils.f836ad39383ce983abc9.js Show response
static.klaviyo.com/onsite/js/ 35 KB
14 KB 131ms
50ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.f836ad39383ce983abc9.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=YudxC2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6773e4d0ed8f7d3a531cb6374054ad74b7d22f0fef036555c0c84fd1d5e47d1c

Request headers

Referer: https://rental.turbotenant.com/
Origin: https://rental.turbotenant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: em4KjZvOrvplqOfLA_GuFESrNbARH2fV
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 08 Feb 2023 23:34:21 GMT
x-amz-request-id: 8EDWT7CDDTHD0QQQ
age: 34
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 13995
x-amz-id-2: MZr4s9AfmD3xKtQsi28rUlLGr+go9b+rwAxZk3N/sA6pG9igq5wEqgiKcN+8dEzGuscXwAT7Kbg=
x-served-by: cache-lga21972-LGA, cache-hhn-etou8220078-HHN
last-modified: Wed, 08 Feb 2023 18:11:11 GMT
server: AmazonS3
etag: "28ef19fbbd1df6baccd97c33d0e83ec1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 32, 23

GET
H2 200 vendors~signup_forms.a31dd14a1ce62f91235b.js Show response
static.klaviyo.com/onsite/js/ 36 KB
12 KB 130ms
49ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.a31dd14a1ce62f91235b.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=YudxC2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9a2731bcb2bdc94e4abdff5f16756841973c97814338e7dfb475cb78af07d4c

Request headers

Referer: https://rental.turbotenant.com/
Origin: https://rental.turbotenant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: rBkyHbrwP63IrT54R3TKQ6FrEMZmQNDN
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 08 Feb 2023 23:34:21 GMT
x-amz-request-id: A9KBBNMK73VM94KF
age: 34
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 12427
x-amz-id-2: NenJFBdxfWBWOrE+S1hV2t+qSUo248+eqJkZ7PVIJJ3qO0AWiZoCcLd2/S6IpamlQVrMKAwIbJs=
x-served-by: cache-lga21957-LGA, cache-hhn-etou8220078-HHN
last-modified: Wed, 11 Jan 2023 17:07:33 GMT
server: AmazonS3
etag: "14d5f5d749c7e30f46242493ff3f2893"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 1, 24

GET
H2 200 signup_forms.e4023c6f8e62b93d2fc6.js Show response
static.klaviyo.com/onsite/js/ 33 KB
11 KB 123ms
42ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/signup_forms.e4023c6f8e62b93d2fc6.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=YudxC2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9575fc4c66e813cbf388b8a8f24feb80d3c785bb20ab13db14014e98ae75951e

Request headers

Referer: https://rental.turbotenant.com/
Origin: https://rental.turbotenant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: ttpFO4iWwdS_2rfLn9rvfZP1dcN.knlf
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 08 Feb 2023 23:34:21 GMT
x-amz-request-id: V04WY01XTAWVPYMD
age: 34
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 11352
x-amz-id-2: jw+dBUh2+9ZK5qTQrVgGVAnBsm7XVumSn0rubCjlB9LrhdyBRoBfDgKpFu63cGUYt42Rjnmo/8A=
x-served-by: cache-lga21921-LGA, cache-hhn-etou8220078-HHN
last-modified: Tue, 24 Jan 2023 18:51:15 GMT
server: AmazonS3
etag: "5cdc6d282041cb41c958e7b444513477"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 1, 21

GET
H2 200 modules.14cb8958c3e3566a4606.js Show response
script.hotjar.com/ 260 KB
67 KB 198ms
64ms Script
application/javascript 18.164.52.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.14cb8958c3e3566a4606.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-472741.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-95.cdg50.r.cloudfront.net

Software

Resource Hash

f89f4c53525d04bc411135a5eeece025d68e2681021ae884c61bc235d54d1238

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 15:48:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 0befec97ec8a388fe199ea682db0cdc0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
age: 27976
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68072
last-modified: Wed, 08 Feb 2023 15:47:26 GMT
etag: "5331176444d8700436c501005f6a0731"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: vXgIANscGw7ZjYFaWQYg4TFzXnsxgHBUKgLaDwTF1mZV1h946QcmXA==

GET
H2 200 box-e031119f9e9e307a08fa610f85dbfb52.html Show response
vars.hotjar.com/ Frame 16D0 2 KB
1 KB 152ms
40ms Document
text/html 13.224.189.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-472741.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-80.fra2.r.cloudfront.net

Software

Resource Hash

f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://rental.turbotenant.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 469456
cache-control: max-age=31536000
content-encoding: br
content-length: 1034
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 13:10:06 GMT
etag: "112fdf47cdb80b9ce3d033ed09717460"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-id: 7_D5hg_4gqvg5R4kAvi85xXMScx8xdrNYEQ8mb29XWeKrcHUtdXdiw==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
213 B 78ms
77ms XHR
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1035603197&t=pageview&_s=1&dl=https%3A%2F%2Frental.turbotenant.com%2Fowners%2Freferrals%3Futm_campaign%3Daccount_suspended_LL%26utm_medium%3Demail%26utm_source%3Dsendgrid&dp=%2Fowners%2Freferrals&ul=en-us&de=UTF-8&dt=TurboTenant%20-%20The%20Easiest%20Landlord%20Software&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAAABQAAAACAEK~&jid=431561495&gjid=270916294&cid=544910199.1675899262&uid=na&tid=UA-64324164-16&_gid=1685241757.1675899262&_r=1&_slc=1&gtm=45He3260n81M8TBKSP&cd1=na&cd2=na&cd3=na&cd4=client&cd5=guest&cd6=rental&cd7=utm_campaign%3Daccount_suspended_ll%26utm_medium%3Demail%26utm_source%3Dsendgrid&cd8=session&cd9=019e6f22-6bf3-478d-a217-3c396b8ee9c0&cd10=2023-02-08T23%3A34%3A21.690%2B00%3A00&cd12=website&cd13=%2Fowners%2Freferrals&cd14=guest&cd11=544910199.1675899262&z=376113138

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rental.turbotenant.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 23:34:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rental.turbotenant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/943645055/ 42 B
327 B 51ms
51ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/943645055/?random=1675899261694&cv=11&fst=1675897200000&bg=ffffff&guid=ON&async=1&gtm=45He3260&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Frental.turbotenant.com%2Fowners%2Freferrals%3Futm_campaign%3Daccount_suspended_LL%26utm_medium%3Demail%26utm_source%3Dsendgrid&tiba=TurboTenant%20-%20The%20Easiest%20Landlord%20Software&userId=na&fmt=3&is_vtc=1&random=145129546&rmt_tld=0&ipr=y

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 23:34:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/943645055/ 42 B
455 B 141ms
52ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/943645055/?random=1675899261694&cv=11&fst=1675897200000&bg=ffffff&guid=ON&async=1&gtm=45He3260&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Frental.turbotenant.com%2Fowners%2Freferrals%3Futm_campaign%3Daccount_suspended_LL%26utm_medium%3Demail%26utm_source%3Dsendgrid&tiba=TurboTenant%20-%20The%20Easiest%20Landlord%20Software&userId=na&fmt=3&is_vtc=1&random=145129546&rmt_tld=1&ipr=y

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 23:34:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 14-0741d1a7aa7afa780ff2.bundle.js Show response
rental.turbotenant.com/ 238 KB
75 KB 693ms
693ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.turbotenant.com/14-0741d1a7aa7afa780ff2.bundle.js
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcc24281d2e6d12e06f8743c16f6482d5dcbbf3e1b87b23a7bf525e06ddcfc96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/auth/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:34:22 GMT
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 08 Feb 2023 19:30:16 GMT
server: cloudflare
etag: W/"5d641b812461d98b4f47ef4299dcb83d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eps0UQG%2FRaHFYTciiFX6IJGmyur76IlNWVe2tph4PoEgSLpSXSFLsw18nM%2FLtZ9Tm5xJ%2BZh9yPF1SqkKJWg9WnAnksczh3%2FBK5XWasj6I9lIGZ4lARJVtfWsNSSc9pri%2BU9i5NvmYcTVGHbJFrY94pmLJALY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79682cf3bc782c2b-FRA
x-amz-cf-id: FLd74KjFL5Y0qCScux5OLHOhK3m2RjVq719Kyug1XOAXv48Xf1SUZA==

GET
H3 200 20.bc0125b1.chunk.css
rental.turbotenant.com/static/css/ 10 KB
3 KB 291ms
290ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.turbotenant.com/static/css/20.bc0125b1.chunk.css
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15dd14ced10237a7f6c6d50059aafe39de9b8df138767298d2541e673708093b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/auth/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:34:22 GMT
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 08 Feb 2023 19:30:17 GMT
server: cloudflare
etag: W/"8e1abe5f5fde2dd9e24a03dfc08bf0e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yUIo9L4a3%2FWFPvrL%2FeWnJneDls2N6G8XKb2TzEIeZ3zdxxnDnDWCWQzf5F0tkkbIvfuJXb2s3U5qUlJo9KhaKhW0Hb%2BMmj0myVhzvJYB7sWa7W65HYcqPqX7uKNN74hoPcaddewTFZCtbXOQ3n0fncwhGNKb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 79682cf3bc7a2c2b-FRA
x-amz-cf-id: 7dWZTlF6BJiZl5QzkHvGRPf8KXf5uvFHZhAJcCjfp7XZQpUJRe3T4Q==

GET
H3 200 20-0741d1a7aa7afa780ff2.bundle.js Show response
rental.turbotenant.com/ 137 KB
24 KB 594ms
594ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.turbotenant.com/20-0741d1a7aa7afa780ff2.bundle.js
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 057ee2a39a5547855b8b215bec6553a7a249228539bd404991fb6a06d0667b61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/auth/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:34:22 GMT
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 08 Feb 2023 19:30:16 GMT
server: cloudflare
etag: W/"eafc84fbb141b7bc73d27436765eed17"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8Zx%2FtlwHnY76K9fnCN2MhUvSY8t7Rm7W6eO0zYHYhT4h7ylhaNzVls41cEgboJ35JIMs4i%2BRnnJsPp9QmJ9lwD4I%2BTMNgfEvpSID8A89Y67Q6D%2Fx0iQUkK0kGzYDhSkbh64CtHupSd8aLr8uf6nmSGhiO4j"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79682cf3bc7c2c2b-FRA
x-amz-cf-id: e4SlQrVXhPuzbdKbZhlgJaKgOcZj276wFlr7qZGxkdVOLJerOZ_U-w==

GET
H2 200 client:platform.js Show response
apis.google.com/js/ 54 KB
21 KB 227ms
84ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client:platform.js

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24eac9102a0192165d5e8843e9707ca294c650663b5c09c34e68e24ebb5acc02

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Feb 2023 23:34:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20954
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "46820d91f05f35b5"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Feb 2023 23:34:22 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 130ms
41ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5d9cd7bf0bf1308c3b47d77903fd4f3180bda96f1bf0fa1b8a6911aedd8aeb3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Feb 2023 23:34:22 GMT
content-md5: d0umvOO+13EVJ1JI6w4ysA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: 7n61urpppK5JARNXJ6rWo+En5ZWZsukX1MdPtV/61v5ITOqAAafOtE6wSPWpAQEroDcXR9V88g/10ES4yjcIcA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
x-fb-content-md5: 6662758f97c03bebbf4c0af7b2904329
cross-origin-opener-policy: same-origin-allow-popups
etag: "b2ffda0042dbc45ecfb7480c0b48ab02"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 08 Feb 2023 23:41:55 GMT

GET
H/1.1 200
OK appleid.auth.js Show response
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 42 KB
17 KB 309ms
50ms Script
application/javascript 104.103.85.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.103.85.187 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-103-85-187.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

60e60bf2583cf7444b00a4b0b8d46de5fd5816f768fc72fd71c643357132df69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Wed, 08 Feb 2023 23:34:22 GMT
Last-Modified: Mon, 06 Feb 2023 17:47:06 GMT
Server: Apple
ETag: W/"42671-1675705626931"
Vary: accept-encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400,stale-while-revalidate=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17247

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 121 KB
46 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-KGL44SK

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8TBKSP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

13f97402d5a196ab711d93c4e09d63e08c4ff311abe0dafea5d21ccf6d1d9f36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:34:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47314
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Feb 2023 23:34:22 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 55ms
54ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;300;400;500;600;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rental.turbotenant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 15:34:40 GMT
x-content-type-options: nosniff
age: 460782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 15:34:40 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 61ms
60ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;300;400;500;600;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rental.turbotenant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 10:46:43 GMT
x-content-type-options: nosniff
age: 218859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 10:46:43 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 73ms
73ms XHR
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1035603197&t=pageview&_s=1&dl=https%3A%2F%2Frental.turbotenant.com%2Fauth%2Flogin&dp=%2Fauth%2Flogin&ul=en-us&de=UTF-8&dt=Landlord%20Login%20-%20TurboTenant&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAAABQAAAACAEK~&jid=1817861765&gjid=1662408290&cid=544910199.1675899262&uid=na&tid=UA-64324164-16&_gid=881597808.1675899262&_r=1&gtm=45He3260n81M8TBKSP&cd1=na&cd2=na&cd3=na&cd4=client&cd5=guest&cd6=rental&cd7=na&cd8=session&cd9=6a46dc97-f9ee-4065-bd79-a0f06f27ad32&cd10=2023-02-08T23%3A34%3A22.37%2B00%3A00&cd12=website&cd13=%2Fauth%2Flogin&cd14=guest&cd11=544910199.1675899262&z=33881163

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rental.turbotenant.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 23:34:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rental.turbotenant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/943645055/ 2 KB
1 KB 84ms
84ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/943645055/?random=1675899262054&cv=11&fst=1675899262054&bg=ffffff&guid=ON&async=1&gtm=45He3260&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frental.turbotenant.com%2Fauth%2Flogin&tiba=Landlord%20Login%20-%20TurboTenant&userId=na&auid=234285615.1675899262&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8TBKSP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87a3f3653901007e544b4ec94a4e37afcd979eee2b3b2902dd484a56c0655912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 23:34:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 887
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 2654.js
cdn.pbbl.co/r/ 0
0 49ms
49ms Script
text/html 18.66.196.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbbl.co/r/2654.js
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.196.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-196-105.mxp63.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H2 200 A3582620-1374-486a-8c90-4867a742ed841.js Show response
utt.impactcdn.com/ 41 KB
13 KB 44ms
44ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://utt.impactcdn.com/A3582620-1374-486a-8c90-4867a742ed841.js
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 26a46650c79bfbff910b23ff62979a1c8f93d9f8f46dc25098c193a685493984

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:34:21 GMT
content-encoding: gzip
age: 1
x-guploader-uploadid: ADPycdu0TTLlzvqCji59QE5QtCFlLDsZbSFMQhn7ftI2AsZNKNqSWBW1LXSn5uSqjlgkuKigLgHVp3g_JPgc3E77mZhoGQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
last-modified: Tue, 30 Aug 2022 19:22:25 GMT
server: UploadServer
etag: "688291eff85ec64b0a0d6b11738afacf"
vary: Accept-Encoding
x-goog-generation: 1661887345850040
x-goog-hash: crc32c=kiziog==, md5=aIKR7/hexksKDWsRc4r6zw==
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 13052
accept-ranges: bytes
expires: Wed, 08 Feb 2023 23:39:21 GMT

GET
H3 200 loading.gif
rental.turbotenant.com/ 45 KB
46 KB 46ms
45ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rental.turbotenant.com/loading.gif
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/auth/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a39513fc855cf6037f9637c9ef6ce1fb921d54f20b516e1c97b77b0f855205b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/auth/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:34:22 GMT
via: 1.1 fcba64af08748c3d9b1a3ae3aeed39c0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG50-P1
age: 1
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46278
last-modified: Thu, 26 Jan 2023 18:41:16 GMT
server: cloudflare
etag: "dabc4737d1c05ca7cf419625a9dfcf47"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Td%2BiaLBKYT8tin%2FzLUsqjcwLBqDPF4%2FFhc6Jujq045Uy2HNeQwYiNTa5%2Bj6WviX6tis%2BbDf42Iz3mtuvgE0si7i0slbpYuz%2BC9rw8e%2FvM9y9GuZhD3CETShQ%2Brc255o0Q9FOq7cKgYgw%2F6TnBGis%2FYgdX6vE"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79682cf3fcb92c2b-FRA
x-amz-cf-id: 0ICtmkusaOqk1EvF8OA7ACR3nsgDQZbZ3K_rRgIbTIUIvefZK_YJgw==

GET
H3 200 login-software.png
rental.turbotenant.com/ 99 KB
100 KB 181ms
180ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rental.turbotenant.com/login-software.png
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/auth/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3db8b3bf987341b297a04ea18d92b49cd8085e5d20b5dded09e054481ddea072

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/auth/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:34:22 GMT
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C1
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 101262
last-modified: Wed, 08 Feb 2023 16:35:00 GMT
server: cloudflare
etag: "da4582ae3b3221288c6195fdf1b34dab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=foBqdzVF%2BUKSwmdxpMkRUyZUL6EU4pNnob5plBI6z9NWG5neVhAfdPsjMcUMKsSDoBcBQGtI153Ghqp7zVVPnDedeHhtXYNyPnMaAuvAPdi6FcCpa%2FVhiZHOrZsGn3i1cp03V4ZJFocdpUp%2B%2F8EVVsn4hacY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79682cf3fcbb2c2b-FRA
x-amz-cf-id: q3K1f_bfqx5wFxeUq9OELTouUWjsjGJTKsFHg_-J2y9jE5ftMm_6Ag==

GET
H2 200 login-stats
api.turbotenant.com/public/ 2 B
174 B 618ms
207ms Image
application/json 52.34.137.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.turbotenant.com/public/login-stats?data=aHJlZj1odHRwczovL3JlbnRhbC50dXJib3RlbmFudC5jb20vYXV0aC9sb2dpbg==
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/auth/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.137.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-137-185.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 08 Feb 2023 23:34:22 GMT
server: nginx/1.20.0
x-powered-by: Express
content-length: 2
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
content-type: application/json; charset=utf-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 144ms
48ms XHR
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-64324164-16&cid=544910199.1675899262&jid=431561495&uid=na&gjid=270916294&_gid=1685241757.1675899262&_u=aADAAAAAQAAAACAEK~&z=2093134314

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rental.turbotenant.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Feb 2023 23:34:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rental.turbotenant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 onsite Show response
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ 3 KB
809 B 158ms
44ms XHR
application/json 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=YudxC2

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f791e2caad257aaef4f2dab14e72cbf9dc6d49c125f17838041a011f84a43b0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:34:22 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=900
age: 1965864
x-cache: HIT, HIT
content-length: 456
x-served-by: cache-bos4630-BOS, cache-hhn-etou8220069-HHN
server: nginx
allow: GET, HEAD, OPTIONS
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: max-age=10
access-control-allow-credentials: true
vary: Accept-Encoding, Cookie
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 5816, 1

GET
H2 200 full-forms Show response
static-forms.klaviyo.com/forms/api/v6/YudxC2/ 118 KB
11 KB 157ms
41ms XHR
application/json 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-forms.klaviyo.com/forms/api/v6/YudxC2/full-forms
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4198a59be2c8a243e4c21b598e6d9eb1a9c72728ae080d5e5b58deec797fee8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: j47aoSK855r2oOlG5WDpdcH4cJlNZA6f
content-encoding: gzip
via: 1.1 varnish
date: Wed, 08 Feb 2023 23:34:22 GMT
x-amz-request-id: 5WXSA28Z3B94VA87
age: 691175
x-cache: HIT
client-geo-continent: EU
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: full-forms/shared full-forms/YudxC2 custom-fonts/YudxC2
content-length: 10536
x-amz-id-2: k9pgRClmUz6YB+Y7pqABTweSzzbMjVKqcbl+AidqyPyDmV/cUmjhi4XiEfXSC7y5mStZMiS06GQ=
x-served-by: cache-hhn-etou8220057-HHN
client-geo-country: DE
last-modified: Wed, 18 Jan 2023 22:42:15 GMT
server: AmazonS3
x-timer: S1675899262.215447,VS0,VE1
etag: "4e2d46320d443aa005e9a19ae534fbfa"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: client-geo-continent, client-geo-country
cache-control: max-age=5
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 852 B
572 B 53ms
53ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6fe9f30985474091fd1f3fc0e326aec3018c91869551d9ce918c572476b76de3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 551
x-xss-protection: 1; mode=block
expires: Wed, 08 Feb 2023 23:34:22 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 89ms
52ms XHR
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-64324164-16&cid=544910199.1675899262&jid=1817861765&uid=na&gjid=1662408290&_gid=881597808.1675899262&_u=aADAAAABQAAAACAEK~&z=304919099

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rental.turbotenant.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Feb 2023 23:34:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rental.turbotenant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/943645055/ 42 B
64 B 50ms
49ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/943645055/?random=1675899262054&cv=11&fst=1675897200000&bg=ffffff&guid=ON&async=1&gtm=45He3260&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Frental.turbotenant.com%2Fauth%2Flogin&tiba=Landlord%20Login%20-%20TurboTenant&userId=na&fmt=3&is_vtc=1&random=626063840&rmt_tld=0&ipr=y

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/auth/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 23:34:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/943645055/ 42 B
108 B 55ms
54ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/943645055/?random=1675899262054&cv=11&fst=1675897200000&bg=ffffff&guid=ON&async=1&gtm=45He3260&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Frental.turbotenant.com%2Fauth%2Flogin&tiba=Landlord%20Login%20-%20TurboTenant&userId=na&fmt=3&is_vtc=1&random=626063840&rmt_tld=1&ipr=y

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 23:34:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 84ms
41ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=0c3f690559b8fab66de6da65fd9db24f

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fb9f513e9c258cd28e82bf4659744267863ce6e250a4d2866f5fff9890e550f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://rental.turbotenant.com/
Origin: https://rental.turbotenant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Feb 2023 23:34:22 GMT
content-md5: g9E6CKNoc1mHkLtZInXNsg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86990
x-fb-rlafr: 0
x-fb-debug: kuB+aO3ikaLxIPudcuPTJGO+vLJMLbfM4nsEUWIABceYeeFEhXePYxd8mu8QQleXMo72bQPMHH4+zeHj+eXIpg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: b82eef6affa959487dce081e301a4153
cross-origin-opener-policy: same-origin-allow-popups
etag: "c3edaffb4f1bb497f5e0f4eeba1174ac"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Thu, 08 Feb 2024 21:07:45 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ 406 KB
162 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rental.turbotenant.com/
Origin: https://rental.turbotenant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 21:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165540
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 21:07:19 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 6C8E 42 KB
22 KB 62ms
62ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfV9AIhAAAAAIy34sYo72Q6iqbaOgHL8Mkbayov&co=aHR0cHM6Ly9yZW50YWwudHVyYm90ZW5hbnQuY29tOjQ0Mw..&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=4zktzs22hwn2

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a4f849a378479f25be11ba9f7d351192e01c7f2448b2ac44dcfaf1844fdd09d0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-I6ZYGwJj3D9AFTL26acXQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rental.turbotenant.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22220
content-security-policy: script-src 'report-sample' 'nonce-I6ZYGwJj3D9AFTL26acXQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 23:34:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/AOUEGZ42xeZIZRWm1exPJZAiZ3ZC2R72/ 2 KB
1 KB 127ms
45ms Fetch
application/json 13.224.192.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/AOUEGZ42xeZIZRWm1exPJZAiZ3ZC2R72/settings
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-183.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 19d20c1f78af10f602f0335ad6019d092bc93e5e6301308b76eb72d4689df536

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: RIm0TPkzgA2X5HItCwEyk6MMRAlGadxo
content-encoding: gzip
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
date: Wed, 08 Feb 2023 23:34:22 GMT
x-amz-cf-pop: FRA2-C1
age: 5273
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 08 Sep 2022 18:58:19 GMT
server: AmazonS3
etag: W/"d34baf66e7f53a9dc11304ff1e12a3ee"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: Yx6QzsiO_Q9gda5tjv3ZH-J0qmS-q1wR4gLbMmXQj7XwTehHOJlE9A==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 55ms
55ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-64324164-16&cid=544910199.1675899262&jid=431561495&_u=aADAAAAAQAAAACAEK~&z=1602149990

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/auth/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 23:34:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 56ms
55ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-64324164-16&cid=544910199.1675899262&jid=431561495&_u=aADAAAAAQAAAACAEK~&z=1602149990

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 23:34:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 59ms
58ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-64324164-16&cid=544910199.1675899262&jid=1817861765&_u=aADAAAABQAAAACAEK~&z=1746322994

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/auth/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 23:34:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 56ms
56ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-64324164-16&cid=544910199.1675899262&jid=1817861765&_u=aADAAAABQAAAACAEK~&z=1746322994

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 23:34:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 55 KB
2 KB 80ms
80ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Kanit:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900&family=Open+Sans:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

905d1ee0e4c481be583dff2e6dcb19ceed0daa82232ca634da683fe1e0cdd81a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Feb 2023 23:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 23:34:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Feb 2023 23:34:22 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 6C8E 55 KB
24 KB 127ms
43ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfV9AIhAAAAAIy34sYo72Q6iqbaOgHL8Mkbayov&co=aHR0cHM6Ly9yZW50YWwudHVyYm90ZW5hbnQuY29tOjQ0Mw..&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=4zktzs22hwn2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 21:20:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 21:20:03 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 6C8E 406 KB
162 KB 123ms
40ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 21:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165540
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 21:07:19 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/ 314 KB
108 KB 55ms
53ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ed2f1c5e15079f95a1a4cb3af72a70830fb79e2709a6c6c9b3524315d0762bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 08:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109671
x-xss-protection: 0
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 08:48:23 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/ 62 B
153 B 148ms
148ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:12:58 GMT
x-content-type-options: nosniff
age: 534084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
x-xss-protection: 0
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 19:12:58 GMT

GET
H2 200 ajs-destination.bundle.2cd9e450202b69d545a3.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 42ms
40ms Script
application/javascript 13.224.192.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.2cd9e450202b69d545a3.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/AOUEGZ42xeZIZRWm1exPJZAiZ3ZC2R72/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-183.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27cf59f2f5b8446bbf81f4ed9bbea4fcbbece316e3655ade51da075cdc9962d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 02:13:11 GMT
x-amz-version-id: jZ2L92raJDMf08tukXqdJ6aGBdPFzdTy
content-encoding: br
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 1113672
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 26 Jan 2023 20:14:52 GMT
server: AmazonS3
etag: W/"cc39e85781964199cd0d9501c897e385"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: hmvT0EEwsU_mDnawQlwNP-CSqpc7vuSAGYrWw2nCoOuEvkebIKiABg==

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 74ms
74ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900&family=Open+Sans:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rental.turbotenant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 15:34:40 GMT
x-content-type-options: nosniff
age: 460782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 15:34:40 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 51ms
51ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rental.turbotenant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 08:26:15 GMT
x-content-type-options: nosniff
age: 486487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 08:26:15 GMT

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 80ms
79ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rental.turbotenant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 10:46:43 GMT
x-content-type-options: nosniff
age: 218859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 10:46:43 GMT

GET
H2 200 schemaFilter.bundle.d0fc84c62e956d168cce.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 40ms
40ms Script
application/javascript 13.224.192.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.d0fc84c62e956d168cce.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/AOUEGZ42xeZIZRWm1exPJZAiZ3ZC2R72/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-183.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6ac404a65bffee85a15718f669a44f5a034c94116661e6e0e48b1609f4a8617a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 02:25:35 GMT
x-amz-version-id: VLQuST3Rg1zoSyN.SWag4b2R93Pv7oyc
content-encoding: br
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 2063328
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 16 Jan 2023 00:06:36 GMT
server: AmazonS3
etag: W/"d6985af1d6ad9e8c2f97f24f7b27306e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: AimDNbnfgRdCPd_4LdO8jo3RBAuhiwlpk-e0ywtcjpYVS6Jwaw2Xwg==

GET
H2 200 mixpanel.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/mixpanel/3.2.1/ 8 KB
4 KB 43ms
41ms Script
application/javascript 13.224.192.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/mixpanel/3.2.1/mixpanel.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/AOUEGZ42xeZIZRWm1exPJZAiZ3ZC2R72/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-183.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e15216f9af8cf124d19716c4d4550d4cd46b3215109f438d5bf8eab9618db67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:48:32 GMT
content-encoding: gzip
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
x-amz-version-id: oXPVseFybw87PTd.JscGVOgt_RyjbfKn
x-amz-cf-pop: FRA2-C1
age: 751551
x-cache: Hit from cloudfront
content-length: 3261
last-modified: Tue, 10 Jan 2023 21:20:19 GMT
server: AmazonS3
etag: "4b707616bb405dad306d9a7746c54485"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: MsUUSNUQW3M7DZh_fEUJLIiKKG5b3gFiN1AVA6PUo17ccY9dRuwXXw==

GET
H2 200 intercom.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/intercom/3.1.0/ 4 KB
2 KB 43ms
42ms Script
application/javascript 13.224.192.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/intercom/3.1.0/intercom.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/AOUEGZ42xeZIZRWm1exPJZAiZ3ZC2R72/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-183.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f17f078ea883fbe048f75ab5e7371c081cbd7d85ec5d91d443512d1ecd63dfb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 01:05:06 GMT
content-encoding: gzip
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
x-amz-version-id: xKxRWAM7m47dZHuIc2C0vu.OyryydvCi
x-amz-cf-pop: FRA2-C1
age: 5524157
x-cache: Hit from cloudfront
content-length: 1878
last-modified: Tue, 06 Dec 2022 17:40:57 GMT
server: AmazonS3
etag: "d20b898e8b1fe44f03e532db7fe5cf4e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: eer01ZN5_abQ_WavvJuXQC71cSKCUhFG1SkmDQDrkJpaT7KiVXCnuw==

GET
H2 200 visual-tagger.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/ 45 KB
16 KB 50ms
49ms Script
application/javascript 13.224.192.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/visual-tagger.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/AOUEGZ42xeZIZRWm1exPJZAiZ3ZC2R72/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-183.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f908387823175b7d9097817c5f9cef879593f7eb9dbdc2ec8a218d688e405bae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 01:21:30 GMT
content-encoding: gzip
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
x-amz-version-id: YcjPBq158HmbOau219HnMtBgmWi3MrI8
x-amz-cf-pop: FRA2-C1
age: 5609573
x-cache: Hit from cloudfront
content-length: 15523
last-modified: Thu, 01 Dec 2022 07:21:45 GMT
server: AmazonS3
etag: "22f964b449ca210bdea17404f4624ac9"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: w9OU2KGXp35Ywx5JMrAw0gedOHuSIIj8PIG8xc2ii0lnrLkkShhYxQ==

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame DA8C 280 B
1 KB 255ms
128ms Document
text/html 2a00:1450:400d:802::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200d , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e585204b3f858352c6cd495e7a7c9ebe25fb589c73cc5fe2e8eabe0e5f411278

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-W8KXVH_BCCO2g8zxwqD_4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rental.turbotenant.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-W8KXVH_BCCO2g8zxwqD_4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 23:34:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 46ms
46ms Script
application/javascript 13.224.192.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/AOUEGZ42xeZIZRWm1exPJZAiZ3ZC2R72/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-183.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:46:36 GMT
content-encoding: gzip
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
x-amz-version-id: XSryTsiM6vN7xj.wuhafUdfSpr8DWfV5
x-amz-cf-pop: FRA2-C1
age: 362867
x-cache: Hit from cloudfront
content-length: 22177
last-modified: Tue, 10 Jan 2023 21:20:17 GMT
server: AmazonS3
etag: "befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: 6W3R6d8YG0e7_zFVGtaVHadZNDpEV1tHkK5x2q4VUYqjqt2liTh0JA==

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 6C8E 2 KB
2 KB 40ms
40ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 08:02:07 GMT
x-content-type-options: nosniff
age: 228735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 13 Feb 2023 08:02:07 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6C8E 15 KB
15 KB 52ms
51ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 03:31:26 GMT
x-content-type-options: nosniff
age: 72176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Feb 2024 03:31:26 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6C8E 15 KB
15 KB 54ms
54ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 21:18:22 GMT
x-content-type-options: nosniff
age: 8160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Feb 2024 21:18:22 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 6C8E 102 B
133 B 49ms
49ms Other
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=gEr-ODersURoIfof1hiDm7R5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cfd288965d907162269e027312c7f64a05c1c4c360103c60c3daef3fe9298736

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfV9AIhAAAAAIy34sYo72Q6iqbaOgHL8Mkbayov&co=aHR0cHM6Ly9yZW50YWwudHVyYm90ZW5hbnQuY29tOjQ0Mw..&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=4zktzs22hwn2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Wed, 08 Feb 2023 23:34:22 GMT

POST
H2 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame DA8C 2 KB
915 B 82ms
81ms Other
text/html 2a00:1450:400d:802::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200d , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c6b230c872f046c6d87bb4aa7a0e744f35500697bc7b260d328d0d9d9514a836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 23:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.2bNLG_CYMlY.es5.O/d=1/rs=AOaEmlHoEX1rtvoTEo2jeI_sUHF0Jv0r-A/ Frame DA8C 100 KB
34 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.2bNLG_CYMlY.es5.O/d=1/rs=AOaEmlHoEX1rtvoTEo2jeI_sUHF0Jv0r-A/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b075dc2bf38f54ee71c7a49664ac11eb2652436f855d285e5485675e0ff1f327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:12:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35052
x-xss-protection: 0
last-modified: Sat, 28 Jan 2023 03:39:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 23:12:34 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 50 KB
18 KB 158ms
41ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:24:34 GMT
content-encoding: gzip
age: 589
x-guploader-uploadid: ADPycdsrQ8TG_R5Lt4B4vaPZ9jlEBfJ7BGrL4aTFLmGmTUjSJUsaKWHnHO5i2fQ9Y4QRd7cuWx-f69y4Oy5jeZD09xG_HA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17435
last-modified: Thu, 17 Feb 2022 20:21:50 GMT
server: UploadServer
etag: "caa762087e9d75cecc34b5d6626cb7b9"
vary: Accept-Encoding
x-goog-generation: 1645129310876382
x-goog-hash: crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=600
x-goog-stored-content-length: 17435
accept-ranges: bytes
expires: Wed, 08 Feb 2023 23:34:34 GMT

GET
H2 200 u88mhpe8 Show response
widget.intercom.io/widget/ 18 KB
6 KB 152ms
45ms Script
application/javascript 13.224.189.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/u88mhpe8
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-18.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3822628b1e16faf1342bfc767b3cb837ade25aab382d166c6584019db9441914

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: mOoU.O03KpeNwj5aP1fj9xOSdxbV_OPS
content-encoding: gzip
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
date: Wed, 08 Feb 2023 23:23:38 GMT
x-amz-cf-pop: FRA2-C1
age: 723
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6045
last-modified: Wed, 08 Feb 2023 13:57:20 GMT
server: AmazonS3
etag: "77a427e669fd0d8751137f40e98f4424"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, s-maxage=900, public
accept-ranges: bytes
x-amz-cf-id: 1104Fs_99R_D9-SRSoc-8QYdUb-Dk0IiD1pWQx_KJrwgjyEOr0AOVw==

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
177 B 647ms
202ms Fetch
application/json 34.213.113.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.213.113.84 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-213-113-84.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rental.turbotenant.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://rental.turbotenant.com
date: Wed, 08 Feb 2023 23:34:23 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
178 B 643ms
200ms Fetch
application/json 34.213.113.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.213.113.84 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-213-113-84.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rental.turbotenant.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://rental.turbotenant.com
date: Wed, 08 Feb 2023 23:34:23 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
177 B 642ms
201ms Fetch
application/json 34.213.113.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.213.113.84 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-213-113-84.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rental.turbotenant.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://rental.turbotenant.com
date: Wed, 08 Feb 2023 23:34:23 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame DA8C 49 B
809 B 102ms
102ms XHR
application/json 2a00:1450:400d:802::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Frental.turbotenant.com&client_id=48153984094-6jrceij12r960ns6anonai8b7rvuo7v4.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.2bNLG_CYMlY.es5.O/d=1/rs=AOaEmlHoEX1rtvoTEo2jeI_sUHF0Jv0r-A/m=base

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200d , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-sl-ukL1na0e5yGSVA0EJHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:34:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-sl-ukL1na0e5yGSVA0EJHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-encoding: gzip
cross-origin-embedder-policy: require-corp
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="IdpIFrameHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin
report-to: {"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
content-type: application/json; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 08 Feb 2023 23:34:23 GMT

GET
H2 200 frame-modern.4f91633b.js Show response
js.intercomcdn.com/ Frame 299E 464 KB
127 KB 165ms
45ms Script
application/javascript 99.86.4.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.4f91633b.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/u88mhpe8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-93.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

98d89307ae3eef85a3286296d9d6fbd7b6c62441e09e91ff0aecb0a90cc91739

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 22:14:41 GMT
content-encoding: gzip
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-version-id: Ywc4kqg0HH49TOb75G0k3c1YiOml_OAw
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA6-C1
age: 4783
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 129093
last-modified: Wed, 08 Feb 2023 13:55:37 GMT
server: AmazonS3
etag: "439ec83c3b849a79f2b62d897a996a94"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: xFCrTiwhl_0DVkWw0T4MvrzcdI8VTrSE6CoTGYUkxJ8spcwjd22Iiw==

GET
H2 200 vendor-modern.bf2fc44b.js Show response
js.intercomcdn.com/ Frame 299E 236 KB
73 KB 251ms
131ms Script
application/javascript 99.86.4.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.bf2fc44b.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/u88mhpe8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-93.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2c0b36116790d5222385c8a4896ba56213a9fd1004acc0581d2809de80f8ddf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: WNBfKr81q1PDWSWPIECjtzROUrIuDdzm
content-encoding: gzip
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
date: Wed, 08 Feb 2023 22:57:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA6-C1
age: 2228
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 74413
last-modified: Wed, 08 Feb 2023 13:55:37 GMT
server: AmazonS3
etag: "4d1ca9efe014d2b78e81f605f2c0b4ea"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: wDiy3A5rXz3OHg0ACbdt-U6kjExqfP5jnwct36J9ii93DWdutqspeA==

GET
H2 200 s.js Show response
cdn.sift.com/ 61 KB
20 KB 294ms
43ms Script
application/javascript 34.96.67.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sift.com/s.js
Requested by: Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.67.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.67.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 02:17:07 GMT
content-encoding: gzip
age: 76636
x-guploader-uploadid: ADPycduBGDnJPZBXKnyam5xYrWQ8VcowMIwvFRzUYDOVZNQswJCYvB5orLk6Pm9gIJR3dABXG0ghoc7euSUV824lQHu4Sg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20452
last-modified: Thu, 09 Apr 2020 21:59:13 GMT
server: UploadServer
etag: "07cb8203158abb26b3c18318350e7b36"
vary: Accept-Encoding
x-goog-generation: 1586469553682331
x-goog-hash: crc32c=fIrBTA==, md5=B8uCAxWKuyazwYMYNQ57Ng==
content-type: application/javascript
cache-control: public, max-age=86400
x-goog-stored-content-length: 20452
accept-ranges: bytes
expires: Thu, 09 Feb 2023 02:17:07 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 5DCB 200 B
1 KB 41ms
41ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rental.turbotenant.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2049
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Feb 2023 23:00:14 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Tue, 07 Feb 2023 17:44:43 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-id: CoWFn9YZvb5ubiRNx_22FbR1PbrrqbdXDa7526nGos1kgbwDNAzyAQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 73ms
73ms XHR
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1035603197&t=timing&_s=2&dl=https%3A%2F%2Frental.turbotenant.com%2Fowners%2Freferrals%3Futm_campaign%3Daccount_suspended_LL%26utm_medium%3Demail%26utm_source%3Dsendgrid&dp=%2Fowners%2Freferrals&ul=en-us&de=UTF-8&dt=Landlord%20Login%20-%20TurboTenant&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3668&pdt=3&dns=30&rrt=535&srt=619&tcp=93&dit=2213&clt=2213&_gst=2243&_gbt=2448&_u=aADAAAABQAAAACAEK~&jid=1076918124&gjid=745235313&cid=544910199.1675899262&uid=na&tid=UA-64324164-16&_gid=1685241757.1675899262&_r=1&gtm=45He3260n81M8TBKSP&cd1=na&cd2=na&cd3=na&cd4=client&cd5=guest&cd6=rental&cd7=utm_campaign%3Daccount_suspended_ll%26utm_medium%3Demail%26utm_source%3Dsendgrid&cd8=session&cd9=019e6f22-6bf3-478d-a217-3c396b8ee9c0&cd10=2023-02-08T23%3A34%3A21.690%2B00%3A00&cd12=website&cd13=%2Fowners%2Freferrals&cd14=guest&cd11=544910199.1675899262&z=674817614

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rental.turbotenant.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 23:34:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rental.turbotenant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 74ms
74ms XHR
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1035603197&t=timing&_s=2&dl=https%3A%2F%2Frental.turbotenant.com%2Fauth%2Flogin&dp=%2Fauth%2Flogin&ul=en-us&de=UTF-8&dt=Landlord%20Login%20-%20TurboTenant&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3668&pdt=3&dns=30&rrt=535&srt=619&tcp=93&dit=2213&clt=2213&_gst=2243&_gbt=2448&_u=aADAAAABQAAAACAEK~&jid=236654062&gjid=979834061&cid=544910199.1675899262&uid=na&tid=UA-64324164-16&_gid=881597808.1675899262&_r=1&gtm=45He3260n81M8TBKSP&cd1=na&cd2=na&cd3=na&cd4=client&cd5=guest&cd6=rental&cd7=na&cd8=session&cd9=6a46dc97-f9ee-4065-bd79-a0f06f27ad32&cd10=2023-02-08T23%3A34%3A22.37%2B00%3A00&cd12=website&cd13=%2Fauth%2Flogin&cd14=guest&cd11=544910199.1675899262&z=2057955551

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rental.turbotenant.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 23:34:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rental.turbotenant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 5DCB 0
600 B 790ms
203ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Feb 2023 23:34:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 5DCB 0
599 B 790ms
203ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Feb 2023 23:34:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5DCB 631 B
1 KB 42ms
41ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 08 Feb 2023 22:43:31 GMT
x-content-type-options: nosniff
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3074
x-cache: Hit from cloudfront
content-length: 631
last-modified: Tue, 07 Feb 2023 17:44:43 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: G3x0vOT4rVARnRdu9YT240LvyV4hiDWEWok7EnmqwXIt1dx2AtDezg==

GET
H2 200 pageload Show response
br-rx.atatus.com/track/browser/perf/ 84 B
239 B 402ms
116ms Script
text/javascript 174.138.116.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://br-rx.atatus.com/track/browser/perf/pageload?data=%7B%22nt%22%3A1278%2C%22dp%22%3A935%2C%22pr%22%3A1461%2C%22pl%22%3A3674%2C%22timing%22%3A%7B%22ns%22%3A0%2C%22rds%22%3A-1%2C%22rde%22%3A-1%2C%22us%22%3A-1%2C%22ue%22%3A-1%2C%22fs%22%3A535%2C%22dls%22%3A536%2C%22dle%22%3A566%2C%22cs%22%3A566%2C%22scs%22%3A606%2C%22ce%22%3A659%2C%22hs%22%3A-1%2C%22rqs%22%3A659%2C%22rps%22%3A1278%2C%22rpe%22%3A1281%2C%22dl%22%3A1288%2C%22di%22%3A2213%2C%22dcs%22%3A2213%2C%22dce%22%3A2213%2C%22dc%22%3A3668%2C%22ls%22%3A3668%2C%22le%22%3A3674%7D%2C%22fp%22%3A1647%2C%22fcp%22%3A2061%2C%22ts%22%3A1675899263182%2C%22apikey%22%3A%22e5a81245693543419757a562d0e0b735%22%2C%22request%22%3A%7B%22url%22%3A%22https%3A%2F%2Frental.turbotenant.com%2Fauth%2Flogin%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.77%20Safari%2F537.36%22%2C%22w%22%3A1600%2C%22h%22%3A1200%7D%2C%22connection%22%3A%7B%22dlk%22%3A9.8%2C%22eft%22%3A%224g%22%2C%22rtt%22%3A0%7D%2C%22tags%22%3A%5B%5D%2C%22user%22%3Anull%2C%22aid%22%3A%2292f7b04975874bffb3f3b8968543da14%22%2C%22sid%22%3A%2217ced71b60144693921ed86253514424%22%2C%22v%22%3A%22%22%2C%22_v%22%3A%224.2.1-spa%22%7D&callback=atatus._setFeatures&apikey=e5a81245693543419757a562d0e0b735&v=4.2.1-spa

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.138.116.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

ddc145d08fdac80523c3f789e85814880e8457a544c822708d0015f192b34de5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 08 Feb 2023 23:34:23 GMT
x-content-type-options: nosniff
etag: W/"54-mpHcMFp15d2PfCcEZhCrYWoymXQ"
content-length: 84
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 49ms
48ms XHR
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-64324164-16&cid=544910199.1675899262&jid=1076918124&uid=na&gjid=745235313&_gid=1685241757.1675899262&_u=aADAAAABQAAAACAEK~&z=711234188

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rental.turbotenant.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Feb 2023 23:34:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rental.turbotenant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 49ms
48ms XHR
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-64324164-16&cid=544910199.1675899262&jid=236654062&uid=na&gjid=979834061&_gid=881597808.1675899262&_u=aADAAAABQAAAACAEK~&z=1471852999

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/main-0741d1a7aa7afa780ff2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rental.turbotenant.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Feb 2023 23:34:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rental.turbotenant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame B1D2 930 B
1 KB 184ms
38ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 293
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Feb 2023 23:34:23 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 166
x-content-type-options: nosniff
x-request-id: a65e6a85-5ff8-4aef-ad9f-8bcd45fe2118
x-served-by: cache-hhn-etou8220026-HHN
x-timer: S1675899263.373329,VS0,VE0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 54ms
53ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-64324164-16&cid=544910199.1675899262&jid=1076918124&_u=aADAAAABQAAAACAEK~&z=1384744104

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 23:34:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 75ms
72ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-64324164-16&cid=544910199.1675899262&jid=1076918124&_u=aADAAAABQAAAACAEK~&z=1384744104

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 23:34:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 75ms
74ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-64324164-16&cid=544910199.1675899262&jid=236654062&_u=aADAAAABQAAAACAEK~&z=726235277

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 23:34:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 56ms
55ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-64324164-16&cid=544910199.1675899262&jid=236654062&_u=aADAAAABQAAAACAEK~&z=726235277

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 23:34:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame B1D2 0
373 B 536ms
204ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: rental.turbotenant.com
URL: https://rental.turbotenant.com/owners/referrals?utm_campaign=account_suspended_LL&utm_medium=email&utm_source=sendgrid

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/csp-report

Response headers

x-stripe-bg-intended-route-color: blue
pragma: no-cache
date: Wed, 08 Feb 2023 23:34:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
x-robots-tag: none
content-length: 0
expires: 0

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 299E 4 KB
3 KB 999ms
729ms XHR
application/json 54.81.202.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.4f91633b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.81.202.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-81-202-145.compute-1.amazonaws.com

Software

nginx /

Resource Hash

65267c712280557422c7d17767db2f0375d613f1ad99863a9415b65ef1b03554

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Feb 2023 23:34:24 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-028cdaadd94b7283a
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0014mqvvt53ppah75sfg
x-runtime: 0.564193
server: nginx
etag: W/"65267c712280557422c7d17767db2f03"
x-ratelimit-remaining: 13311
vary: Accept,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://rental.turbotenant.com
x-intercom-version: 7f9cb99a801f8d29bd9515a4ea7ee509b6719de6
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1675899270
x-ratelimit-limit: 13333
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame B1D2 86 KB
16 KB 39ms
39ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 08 Feb 2023 23:34:23 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 19
x-cache: HIT
content-length: 16031
x-request-id: 5ef7c010-c81a-49d3-928b-ab41a84c6f19
x-served-by: cache-hhn-etou8220026-HHN
server: Fastly
x-timer: S1675899264.505224,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 12

GET
H2 200 77503.gif
hexagon-analytics.com/images/ 43 B
108 B 369ms
137ms Image
image/gif 34.102.232.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hexagon-analytics.com/images/77503.gif?bk=51bfb78038&tm=26&r=101217256&v=105&cs=UTF-8&h=rental.turbotenant.com&l=en-US&S=214983474b415dbf70de7dd2ec895979&uu=b3bf5dc225438a9354da93a3c4e356d&t=Landlord%20Login%20-%20TurboTenant&u=https%3A%2F%2Frental.turbotenant.com%2Fauth%2Flogin&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.77%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Win32&to=0&d=0&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=64d58bfddb44af6942e7931de5174ca7&z=z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

42.232.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 23:34:23 GMT
via: 1.1 google
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 965419.gif
hexagon-analytics.com/images/ 43 B
297 B 356ms
136ms Image
image/gif 34.102.232.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hexagon-analytics.com/images/965419.gif?bk=51bfb78038&tm=39&r=595399719&v=105&cs=UTF-8&h=rental.turbotenant.com&l=en-US&S=214983474b415dbf70de7dd2ec895979&uu=b3bf5dc225438a9354da93a3c4e356d&t=Landlord%20Login%20-%20TurboTenant&u=https%3A%2F%2Frental.turbotenant.com%2Fauth%2Flogin&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.77%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Win32&to=0&d=0&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=64d58bfddb44af6942e7931de5174ca7&z=z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

42.232.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 23:34:23 GMT
via: 1.1 google
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 217264.gif
hexagon-analytics.com/images/ 43 B
105 B 348ms
138ms Image
image/gif 34.102.232.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hexagon-analytics.com/images/217264.gif?bk=51bfb78038&tm=49&r=958473618&v=105&cs=UTF-8&h=rental.turbotenant.com&l=en-US&S=214983474b415dbf70de7dd2ec895979&uu=b3bf5dc225438a9354da93a3c4e356d&t=Landlord%20Login%20-%20TurboTenant&u=https%3A%2F%2Frental.turbotenant.com%2Fauth%2Flogin&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.77%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Win32&to=0&d=0&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=64d58bfddb44af6942e7931de5174ca7&z=z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

42.232.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.turbotenant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 23:34:23 GMT
via: 1.1 google
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame B1D2 156 B
551 B 657ms
210ms XHR
application/json 35.162.22.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.162.22.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-162-22-199.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

2fc49351ac9e30e824f90c9c9102d90b697a00d24a3d61ee7f765c6cd9f5f339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 08 Feb 2023 23:34:24 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 422 events Show response
api-iam.intercom.io/messenger/web/ Frame 299E 140 B
808 B 209ms
209ms XHR
application/json 54.81.202.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/events

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.4f91633b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.81.202.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-81-202-145.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d6d2800b485b99e9327584742eb349a66f274f9ac4853a7a174c79ec5139f249

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Feb 2023 23:34:24 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
status: 422 Unprocessable Entity
x-xss-protection: 1; mode=block
x-request-id: 00150ls1olsm4lqfct40
x-runtime: 0.069829
server: nginx
x-ratelimit-remaining: 13316
vary: Accept,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://rental.turbotenant.com
x-intercom-version: 7f9cb99a801f8d29bd9515a4ea7ee509b6719de6
cache-control: no-cache
access-control-allow-credentials: true
x-ratelimit-reset: 1675899270
x-ratelimit-limit: 13333
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN

POST
H2 200 6 Show response
m.stripe.com/ Frame B1D2 156 B
550 B 210ms
210ms XHR
application/json 35.162.22.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.162.22.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-162-22-199.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

2fc49351ac9e30e824f90c9c9102d90b697a00d24a3d61ee7f765c6cd9f5f339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 08 Feb 2023 23:34:26 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 48ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VZMEYREJ3S&gtm=45je3260h1&_p=1035603197&cid=544910199.1675899262&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1675899261&sct=1&seg=1&dl=https%3A%2F%2Frental.turbotenant.com%2Fauth%2Flogin&dt=Landlord%20Login%20-%20TurboTenant&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VZMEYREJ3S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rental.turbotenant.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 23:34:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rental.turbotenant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST /
api-js.mixpanel.com/track/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api-js.mixpanel.com
URL: https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1675899268101

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rental.turbotenant.com/	1969-12-31 23:59:59	Name: atatus-aid Value: id\|92f7b04975874bffb3f3b8968543da14&timestamp\|2023-02-08T23:34:21.384Z
.turbotenant.com/	1970-01-20 11:41:15	Name: _gcl_au Value: 1.1.234285615.1675899262
.turbotenant.com/	1970-01-20 10:14:51	Name: ownerId Value: na
.turbotenant.com/	1970-01-20 10:14:51	Name: ownerType Value: guest
.turbotenant.com/	1970-01-20 19:07:39	Name: _ga Value: GA1.1.544910199.1675899262
.turbotenant.com/	1969-12-31 23:59:59	Name: IR_gbd Value: turbotenant.com
.turbotenant.com/	1969-12-31 23:59:59	Name: IR_16969 Value: 1675899261962%7C0%7C1675899261962%7C%7C
rental.turbotenant.com/	1970-01-20 19:07:39	Name: __kla_id Value: eyIkcmVmZXJyZXIiOnsidHMiOjE2NzU4OTkyNjIsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vcmVudGFsLnR1cmJvdGVuYW50LmNvbS9hdXRoL2xvZ2luIn0sIiRsYXN0X3JlZmVycmVyIjp7InRzIjoxNjc1ODk5MjYyLCJ2YWx1ZSI6IiIsImZpcnN0X3BhZ2UiOiJodHRwczovL3JlbnRhbC50dXJib3RlbmFudC5jb20vYXV0aC9sb2dpbiJ9fQ==
.doubleclick.net/	1970-01-20 18:53:15	Name: IDE Value: AHWqTUmG-nO2LRjXUzHXoO0slUPobW1XTIkyf-cwUucELEoqe9_g407RjoAzjeOt
.turbotenant.com/	1970-01-20 18:17:15	Name: _hjSessionUser_472741 Value: eyJpZCI6ImYyNjAzZDE4LThlZTUtNThiOS1hZjhiLWFiYzMyMjgwOTYzNCIsImNyZWF0ZWQiOjE2NzU4OTkyNjIxNjQsImV4aXN0aW5nIjpmYWxzZX0=
.turbotenant.com/	1970-01-20 09:31:41	Name: _hjFirstSeen Value: 1
rental.turbotenant.com/	1970-01-20 09:31:39	Name: _hjIncludedInSessionSample Value: 0
.turbotenant.com/	1970-01-20 09:31:41	Name: _hjSession_472741 Value: eyJpZCI6IjY1OGZmZGE5LTJhMzctNDAxNS05NWJlLTBhMGQ1OWIyMGFmZSIsImNyZWF0ZWQiOjE2NzU4OTkyNjIxNzUsImluU2FtcGxlIjpmYWxzZX0=
.turbotenant.com/	1970-01-20 09:31:40	Name: _hjAbsoluteSessionInProgress Value: 0
.rental.turbotenant.com/	1970-01-20 19:07:39	Name: G_ENABLED_IDPS Value: google
.turbotenant.com/	1970-01-20 18:17:15	Name: ajs_anonymous_id Value: d724a122-b4a6-4143-8a7c-ee97502adefc
.turbotenant.com/	1970-01-20 19:07:39	Name: _ga_VZMEYREJ3S Value: GS1.1.1675899261.1.1.1675899263.0.0.0
.google.com/	1970-01-20 13:55:10	Name: NID Value: 511=CeSqkJ3TsemV6H-cHpB4FVDijTd7ZTI6Ax7pHP618mY-7dGUS7mrlgJxBnpvGhJ6WRtk8EzA4kaorWaQYNL4AFQ-7iTYVUMRwpWrKP_z8KL349aL5EH9tP9ie3bcVW_cF9Nj-00JnyGrUoHfxfMrSoMRhW7ihlqNuCwNVZ-C_8U
.turbotenant.com/	1970-01-20 18:17:15	Name: mp_709d775c7008bca71130796e80ec13ad_mixpanel Value: %7B%22distinct_id%22%3A%20%2218633615880ee-03ef94cf513d1-1932327c-1d4c00-18633615881c61%22%2C%22%24device_id%22%3A%20%2218633615880ee-03ef94cf513d1-1932327c-1d4c00-18633615881c61%22%2C%22mp_lib%22%3A%20%22Segment%3A%20web%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
rental.turbotenant.com/	1969-12-31 23:59:59	Name: atatus-sid Value: id\|17ced71b60144693921ed86253514424&timestamp\|2023-02-08T23:34:23.112Z
.turbotenant.com/	1970-01-20 19:07:39	Name: __ssid Value: b3bf5dc225438a9354da93a3c4e356d
m.stripe.com/	1970-01-20 19:07:39	Name: m Value: b9ed57e6-e044-4104-bc2a-36371b8d3c231e0e6e
.rental.turbotenant.com/	1970-01-20 18:17:15	Name: __stripe_mid Value: 6acc043c-6617-44e3-b29d-eda094cd787cee6e28
.rental.turbotenant.com/	1970-01-20 09:31:41	Name: __stripe_sid Value: a7901996-3c36-4f56-8d57-d97b1fd50f53522286
.turbotenant.com/	1970-01-20 16:00:29	Name: intercom-id-u88mhpe8 Value: 7376d63e-9ee2-41db-a00b-28bc3d4cb5e8
.turbotenant.com/	1970-01-20 09:41:44	Name: intercom-session-u88mhpe8 Value:
.turbotenant.com/	1970-01-20 16:00:29	Name: intercom-device-id-u88mhpe8 Value: 3d5e91a4-5d0b-4c8d-8302-754efb1b2ddc

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.pbbl.co/r/2654.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://cdn.pbbl.co/r/2654.js Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0?le=scs(Line 404) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://api-iam.intercom.io/messenger/web/events Message: Failed to load resource: the server responded with a status of 422 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api-iam.intercom.io
api-js.mixpanel.com
api.segment.io
api.turbotenant.com
apis.google.com
appleid.cdn-apple.com
br-rx.atatus.com
cdn.mxpnl.com
cdn.pbbl.co
cdn.segment.com
cdn.sift.com
cdn.wootric.com
connect.facebook.net
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hexagon-analytics.com
js.intercomcdn.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
region1.google-analytics.com
rental.turbotenant.com
script.hotjar.com
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.hotjar.com
static.klaviyo.com
stats.g.doubleclick.net
u7526804.ct.sendgrid.net
utt.impactcdn.com
vars.hotjar.com
widget.intercom.io
widget.reviews.io
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
api-js.mixpanel.com
104.103.85.187
13.224.189.18
13.224.189.80
13.224.192.183
13.32.110.26
151.101.194.133
151.101.64.176
151.101.66.133
167.89.123.122
174.138.116.207
18.164.52.95
18.66.196.105
2001:4860:4802:32::36
2600:1901:0:bc29::
2606:4700:10::6816:c7f
2a00:1450:4001:806::200e
2a00:1450:4001:812::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2003
2a00:1450:400d:802::200a
2a00:1450:400d:802::200d
2a00:1450:400d:803::200e
2a00:1450:400d:807::200e
2a00:1450:400d:808::2003
2a00:1450:400d:80d::2002
2a00:1450:400d:80e::2008
2a00:1450:4025:401::9c
2a03:2880:f02d:12:face:b00c:0:3
2a06:98c1:3120::c
34.102.232.42
34.213.113.84
34.96.110.71
34.96.67.224
35.162.22.199
35.186.249.72
52.34.137.185
54.187.119.242
54.81.202.145
99.86.4.76
99.86.4.93
01ebb3978caf1937f9ee9ed95d40a0e354bc93e5da05802513c35b62fa93955d
02878dd7e109e19d6b2ab62c9dd6aa2813c8b4f737101f0c26a8d994336f4c59
057ee2a39a5547855b8b215bec6553a7a249228539bd404991fb6a06d0667b61
12d80779197c3d345f7d99ff81ef6058f2297b0c4cb501d40223400c6ae4ce89
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
13f97402d5a196ab711d93c4e09d63e08c4ff311abe0dafea5d21ccf6d1d9f36
15dd14ced10237a7f6c6d50059aafe39de9b8df138767298d2541e673708093b
19d20c1f78af10f602f0335ad6019d092bc93e5e6301308b76eb72d4689df536
1a39513fc855cf6037f9637c9ef6ce1fb921d54f20b516e1c97b77b0f855205b
1a7277321f3f1225ead1da79481d1154210356982736862aee4c385da13fd2d9
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
24eac9102a0192165d5e8843e9707ca294c650663b5c09c34e68e24ebb5acc02
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
26a46650c79bfbff910b23ff62979a1c8f93d9f8f46dc25098c193a685493984
27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba
27cf59f2f5b8446bbf81f4ed9bbea4fcbbece316e3655ade51da075cdc9962d4
2c0b36116790d5222385c8a4896ba56213a9fd1004acc0581d2809de80f8ddf9
2fc49351ac9e30e824f90c9c9102d90b697a00d24a3d61ee7f765c6cd9f5f339
30cd4399d45f8d063491b9d66b51d751ef3f52a91f2104d0763c760582504990
3822628b1e16faf1342bfc767b3cb837ade25aab382d166c6584019db9441914
3a6e01208b42520a3e3ef5700b731d62633513f1f40378127aada936030c2ac4
3db8b3bf987341b297a04ea18d92b49cd8085e5d20b5dded09e054481ddea072
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40ef92dd3060da7e19315ec81e0d7ef00667282fb1c4973bc7ab3a68dfe451aa
4198a59be2c8a243e4c21b598e6d9eb1a9c72728ae080d5e5b58deec797fee8a
447c4a0a8979d17b25876d112e7690694e66def0fae2840d59889f0b54e8363e
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d9cd7bf0bf1308c3b47d77903fd4f3180bda96f1bf0fa1b8a6911aedd8aeb3b
5ed2f1c5e15079f95a1a4cb3af72a70830fb79e2709a6c6c9b3524315d0762bc
60e60bf2583cf7444b00a4b0b8d46de5fd5816f768fc72fd71c643357132df69
65267c712280557422c7d17767db2f0375d613f1ad99863a9415b65ef1b03554
6773e4d0ed8f7d3a531cb6374054ad74b7d22f0fef036555c0c84fd1d5e47d1c
6ac404a65bffee85a15718f669a44f5a034c94116661e6e0e48b1609f4a8617a
6fe9f30985474091fd1f3fc0e326aec3018c91869551d9ce918c572476b76de3
7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9
719dd9d08854f73d2ff4b8bd2516a8d9f247b28fea167d18db7e8a689257ed2c
733ad1538b0e3f2d6ba9c826e0824eaef3ab8d983d2474b4560bd3bb3c3ad375
7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae
7e15216f9af8cf124d19716c4d4550d4cd46b3215109f438d5bf8eab9618db67
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87a3f3653901007e544b4ec94a4e37afcd979eee2b3b2902dd484a56c0655912
8d51ee1f6ec032b99523d99c404f3e875ee3fb2a0171354acc219c59a21cf996
905d1ee0e4c481be583dff2e6dcb19ceed0daa82232ca634da683fe1e0cdd81a
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9575fc4c66e813cbf388b8a8f24feb80d3c785bb20ab13db14014e98ae75951e
98d89307ae3eef85a3286296d9d6fbd7b6c62441e09e91ff0aecb0a90cc91739
9dc8e62b83994a1eda313381316790cec86d097f2c843ae416a097747864382b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3b38078836adb5f0d74769ba928f177b5be44aa34e37a7ba6e0501df73770d5
a4f849a378479f25be11ba9f7d351192e01c7f2448b2ac44dcfaf1844fdd09d0
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
adbc475d4e23a007788984268904859af09a18c050830139dd4a980502c3ed3e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b075dc2bf38f54ee71c7a49664ac11eb2652436f855d285e5485675e0ff1f327
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
c668fd4d9b03f9b8cdbca9698da6dc7e588d1ab35e0f32247e559942b1d873e6
c6b230c872f046c6d87bb4aa7a0e744f35500697bc7b260d328d0d9d9514a836
c6d8e63f719642574b63b0ea416857e4ac6605f2a1eed7c7c4a9dc5c435c4c4f
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cfd288965d907162269e027312c7f64a05c1c4c360103c60c3daef3fe9298736
d6d2800b485b99e9327584742eb349a66f274f9ac4853a7a174c79ec5139f249
d829e2fd079deec705e71efc1024cb785e5d022028fb0f59e21f82fd24daf94d
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997
dcb513b9b53404598a9b8478c30475789dd6ef01afff3f3abd68bce3e7eaffa6
dcc24281d2e6d12e06f8743c16f6482d5dcbbf3e1b87b23a7bf525e06ddcfc96
ddc145d08fdac80523c3f789e85814880e8457a544c822708d0015f192b34de5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de4649c8c299ba816317f58fba58e7455f1e3e13cabc5bbd68f13fe176b751e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e585204b3f858352c6cd495e7a7c9ebe25fb589c73cc5fe2e8eabe0e5f411278
e863428d39966b2051e5358d06d9ab31d204e80bc708cada6cee3d27a199643f
e9a2731bcb2bdc94e4abdff5f16756841973c97814338e7dfb475cb78af07d4c
ebf48e4b031c5023b35afbb530e8b793ac189516c4bbc8b97f1a0c52373c1f22
ecddc9177ed9be3776926d246e807a7a2b38833177bd4efee6b7dd6eacc8f64f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17f078ea883fbe048f75ab5e7371c081cbd7d85ec5d91d443512d1ecd63dfb3
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f791e2caad257aaef4f2dab14e72cbf9dc6d49c125f17838041a011f84a43b0e
f89f4c53525d04bc411135a5eeece025d68e2681021ae884c61bc235d54d1238
f8a6758a8cc49f3536cf06606c263dc88d993bdf9c579ecc2f2bd3df1c8401f7
f908387823175b7d9097817c5f9cef879593f7eb9dbdc2ec8a218d688e405bae
f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e
faa9a31d515a270fbb4092b18a30aad904453767aed4c3f15ddd79ec875c6784
fb9f513e9c258cd28e82bf4659744267863ce6e250a4d2866f5fff9890e550f7
ff59385f65bc163ce53b06eb3c7389ddddc021f1c98bf02d88d60cf569a4cc9a

rental.turbotenant.com Open in urlscan Pro 2a06:98c1:3120::c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

130 Requests

99 %HTTPS

43 %IPv6

29 Domains

43 Subdomains

40 IPs

5 Countries

3632 kBTransfer

11247 kBSize

27 Cookies

5 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

rental.turbotenant.com Open in urlscan Pro
2a06:98c1:3120::c Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

99 %
HTTPS

43 %
IPv6

29
Domains

43
Subdomains

40
IPs

5
Countries

3632 kB
Transfer

11247 kB
Size

27
Cookies

130 HTTP transactions
0 data transactions