app.ex.co Open in urlscan Pro
151.101.13.209 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://billing.ex.co/
Effective URL:
https://app.ex.co/login/?redirect=http://billing.ex.co/
Submission: On December 13 via manual (December 13th 2019, 4:52:25 pm UTC) from US

Summary HTTP 45 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 22 domains to perform 45 HTTP transactions. The main IP is 151.101.13.209, located in Frankfurt am Main, Germany and belongs to FASTLY - Fastly, US. The main domain is app.ex.co.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on November 13th 2019. Valid for: 10 months.

This is the only time app.ex.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	52.3.217.149 52.3.217.149	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	151.101.13.209 151.101.13.209	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
5	72.247.225.133 72.247.225.133	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2606:4700::68... 2606:4700::6811:d3cc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a02:26f0:10c... 2a02:26f0:10c:39e::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1 1	2a05:f500:11:... 2a05:f500:11:101::b93f:9001	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
2	35.201.112.186 35.201.112.186	15169 (GOOGLE) (GOOGLE - Google LLC)
2	104.111.236.174 104.111.236.174	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700::68... 2606:4700::6811:edcc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6811:80ab	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	192.28.147.68 192.28.147.68	53580 (MARKETO) (MARKETO - MARKETO)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2606:4700::68... 2606:4700::6810:fa05	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6810:5905	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:81f::200d	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2606:4700::68... 2606:4700::6810:fd05	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	52.203.23.10 52.203.23.10	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
45	25

2 52.3.217.149 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-3-217-149.compute-1.amazonaws.com

billing.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.209 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

app.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 72.247.225.133 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a72-247-225-133.deploy.static.akamaitechnologies.com

cdn.playbuzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:39e::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:11:101::b93f:9001 (Ireland) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Ascension Island)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.236.174 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-236-174.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:edcc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:80ab (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN53580 (MARKETO - MARKETO, Inc., US)

486-chx-550.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:fa05 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5905 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:fd05 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.23.10 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-203-23-10.compute-1.amazonaws.com

prd-collector-anon.playbuzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	playbuzz.com cdn.playbuzz.com prd-collector-anon.playbuzz.com	502 KB
5	fullstory.com edge.fullstory.com rs.fullstory.com	114 KB
5	google.com 2 redirects www.google.com apis.google.com accounts.google.com	56 KB
4	facebook.net connect.facebook.net	204 KB
4	google-analytics.com 1 redirects www.google-analytics.com	18 KB
3	facebook.com staticxx.facebook.com www.facebook.com	515 B
3	hubspot.com api.hubspot.com track.hubspot.com	1 KB
3	gstatic.com fonts.gstatic.com	29 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
3	ex.co 2 redirects billing.ex.co app.ex.co	6 KB
2	marketo.net munchkin.marketo.net	6 KB
2	google.de www.google.de	218 B
2	doubleclick.net 2 redirects stats.g.doubleclick.net	321 B
1	hsforms.com forms.hsforms.com	264 B
1	mktoresp.com 486-chx-550.mktoresp.com	303 B
1	hscollectedforms.net js.hscollectedforms.net	21 KB
1	hs-analytics.net js.hs-analytics.net	26 KB
1	usemessages.com js.usemessages.com	14 KB
1	licdn.com snap.licdn.com	2 KB
1	googletagmanager.com www.googletagmanager.com	23 KB
1	hs-scripts.com js.hs-scripts.com	818 B
1	googleapis.com fonts.googleapis.com	612 B
45	22

	Domain	Requested by
5	cdn.playbuzz.com	app.ex.co cdn.playbuzz.com
4	connect.facebook.net	app.ex.co connect.facebook.net cdn.playbuzz.com
4	www.google-analytics.com	1 redirects www.googletagmanager.com app.ex.co
3	rs.fullstory.com	edge.fullstory.com
3	fonts.gstatic.com	cdn.playbuzz.com
2	www.facebook.com	app.ex.co
2	api.hubspot.com	js.usemessages.com app.ex.co
2	apis.google.com	cdn.playbuzz.com apis.google.com
2	munchkin.marketo.net	app.ex.co munchkin.marketo.net
2	edge.fullstory.com	app.ex.co edge.fullstory.com
2	px.ads.linkedin.com	1 redirects app.ex.co
2	www.google.de	app.ex.co
2	www.google.com	2 redirects
2	stats.g.doubleclick.net	2 redirects
2	billing.ex.co	2 redirects
1	prd-collector-anon.playbuzz.com	cdn.playbuzz.com
1	track.hubspot.com
1	staticxx.facebook.com	connect.facebook.net
1	accounts.google.com	apis.google.com
1	forms.hsforms.com	app.ex.co
1	486-chx-550.mktoresp.com	munchkin.marketo.net
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	www.linkedin.com	1 redirects
1	snap.licdn.com	app.ex.co
1	www.googletagmanager.com	app.ex.co
1	js.hs-scripts.com	app.ex.co
1	fonts.googleapis.com	app.ex.co
1	app.ex.co
45	30

This site contains links to these domains. Also see Links.

Domain
ex.co

Subject Issuer	Validity	Valid
e2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-11-13` - `2020-09-23`	10 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
*.playbuzz.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-26` - `2020-12-01`	a year	crt.sh
ssl817718.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-13` - `2020-02-19`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-11-06` - `2020-02-04`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
www.google.de GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh
edge.fullstory.com Let's Encrypt Authority X3	`2019-11-07` - `2020-02-05`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2018-12-24` - `2020-03-24`	a year	crt.sh
*.apis.google.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
ssl817703.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-13` - `2020-02-19`	6 months	crt.sh
ssl803670.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-06` - `2020-05-14`	6 months	crt.sh
ssl803673.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-06` - `2020-05-14`	6 months	crt.sh
*.mktoresp.com GeoTrust RSA CA 2018	`2018-02-05` - `2020-02-05`	2 years	crt.sh
*.fullstory.com COMODO RSA Domain Validation Secure Server CA	`2017-12-27` - `2021-03-26`	3 years	crt.sh
hubspot.com CloudFlare Inc ECC CA-2	`2019-12-04` - `2020-10-09`	10 months	crt.sh
ssl431287.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-07-24` - `2020-01-30`	6 months	crt.sh
accounts.google.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://app.ex.co/login/?redirect=http://billing.ex.co/
Frame ID: 85B6043EDC167D218AA9051B7D5C0A94
Requests: 42 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 15E69D55849B1857441F5AE5F11FA059
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 4A7E4817A9C31B58BAB23B191D21BFD9
Requests: 1 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: 48AB06256E79C1D38BC5E07DEF0C9F5A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://billing.ex.co/ HTTP 301
https://billing.ex.co/ HTTP 302
https://app.ex.co/login/?redirect=http://billing.ex.co/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

script /munchkin\.marketo\.net\/munchkin\.js/i

Page Statistics

45
Requests

100 %
HTTPS

72 %
IPv6

22
Domains

30
Subdomains

25
IPs

6
Countries

1022 kB
Transfer

2587 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ex.co/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://billing.ex.co/ HTTP 301
https://billing.ex.co/ HTTP 302
https://app.ex.co/login/?redirect=http://billing.ex.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2072822552&t=pageview&_s=1&dl=https%3A%2F%2Fapp.ex.co%2Flogin%2F%3Fredirect%3Dhttp%3A%2F%2Fbilling.ex.co%2F&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=236870707&gjid=79045346&cid=364654321.1576255926&tid=UA-34510589-44&_gid=1655807071.1576255926&_r=1&gtm=2wgc61TL5ZS84&z=1868055599 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-34510589-44&cid=364654321.1576255926&jid=236870707&_gid=1655807071.1576255926&gjid=79045346&_v=j79&z=1868055599 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34510589-44&cid=364654321.1576255926&jid=236870707&_v=j79&z=1868055599 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34510589-44&cid=364654321.1576255926&jid=236870707&_v=j79&z=1868055599&slf_rd=1&random=2699696082

Request Chain 11

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1733697&url=https%3A%2F%2Fapp.ex.co%2Flogin%2F%3Fredirect%3Dhttp%3A%2F%2Fbilling.ex.co%2F&time=1576255926389 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1733697%26url%3Dhttps%253A%252F%252Fapp.ex.co%252Flogin%252F%253Fredirect%253Dhttp%253A%252F%252Fbilling.ex.co%252F%26time%3D1576255926389%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1733697&url=https%3A%2F%2Fapp.ex.co%2Flogin%2F%3Fredirect%3Dhttp%3A%2F%2Fbilling.ex.co%2F&time=1576255926389&liSync=true

Request Chain 14

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-34510589-30&cid=364654321.1576255926&jid=584848742&gjid=1568130749&_gid=1655807071.1576255926&_u=aGDAgEAB~&z=2010142480 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34510589-30&cid=364654321.1576255926&jid=584848742&_v=j79&z=2010142480 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34510589-30&cid=364654321.1576255926&jid=584848742&_v=j79&z=2010142480&slf_rd=1&random=2874146112

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
app.ex.co/login/
Redirect Chain

http://billing.ex.co/
https://billing.ex.co/
https://app.ex.co/login/?redirect=http://billing.ex.co/

11 KB
5 KB

180ms
126ms

Document
text/html

151.101.13.209
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://app.ex.co/login/?redirect=http://billing.ex.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.209 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

15e28d72d0bc338dbea54d223bbda4e5f93b0815ce182887e4b53f09e85f6163

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: app.ex.co
:scheme: https
:path: /login/?redirect=http://billing.ex.co/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=utf-8
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Accept, Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-max-age: 600
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-credentials: true
set-cookie: PlaybuzzToken=delete-cookie-dummy-value; Max-Age=-0.001; Domain=.ex.co; Path=/; Expires=Fri, 13 Dec 2019 16:52:06 GMT; HttpOnly playbuzz=delete-cookie-dummy-value; Max-Age=-0.001; Domain=.ex.co; Path=/; Expires=Fri, 13 Dec 2019 16:52:06 GMT; HttpOnly
etag: W/"2d85-d+OrneIbGA4ONNRuOx+s8A"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 13 Dec 2019 16:52:06 GMT
via: 1.1 varnish
x-served-by: cache-fra19162-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1576255926.175462,VS0,VE103
vary: Accept-Encoding, Origin

Redirect headers

status: 302
date: Fri, 13 Dec 2019 16:52:06 GMT
content-type: text/html; charset=utf-8
content-length: 154
location: https://app.ex.co/login/?redirect=http://billing.ex.co/
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Accept, Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-max-age: 600
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
set-cookie: PlaybuzzToken=; Domain=.ex.co; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly playbuzz=; Domain=.ex.co; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly
vary: Accept

GET
H2 200 css
fonts.googleapis.com/ 4 KB
612 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,500,600&display=swap

Requested by

Host: app.ex.co
URL: https://app.ex.co/login/?redirect=http://billing.ex.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

43aebc8d8a7dcf1f85d74586e687b1cc7bd4291e46359e3dfde1d6045fbfbb86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 13 Dec 2019 16:52:06 GMT
server: ESF
access-control-allow-origin: *
date: Fri, 13 Dec 2019 16:52:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Fri, 13 Dec 2019 16:52:06 GMT

GET
H2 200 login-viewer.css
cdn.playbuzz.com/login-viewer/production/68969df1146650821ff4dfcad39240c6844580b6-2019-12-10-09-55-10/ 16 KB
4 KB 109ms
30ms Stylesheet
text/css 72.247.225.133
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playbuzz.com/login-viewer/production/68969df1146650821ff4dfcad39240c6844580b6-2019-12-10-09-55-10/login-viewer.css
Requested by: Host: app.ex.co
URL: https://app.ex.co/login/?redirect=http://billing.ex.co/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.225.133 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a72-247-225-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2ac3a5382ed4d9aa9f405bbed69baa1cc3cdbb4244129577769ecd36aafeb58d

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 16:52:06 GMT
content-encoding: gzip
status: 200
access-control-max-age: 86400
content-length: 3467
last-modified: Tue, 10 Dec 2019 09:55:11 GMT
server: AmazonS3
etag: "157e2a52eabec817d84d55ad2076ef30"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: text/css
access-control-allow-origin: *
cache-control: must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 20 Dec 2019 16:52:06 GMT

GET
H2 200 login-viewer-svg.js Show response
cdn.playbuzz.com/login-viewer/production/68969df1146650821ff4dfcad39240c6844580b6-2019-12-10-09-55-10/ 15 KB
6 KB 110ms
30ms Script
application/javascript 72.247.225.133
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playbuzz.com/login-viewer/production/68969df1146650821ff4dfcad39240c6844580b6-2019-12-10-09-55-10/login-viewer-svg.js
Requested by: Host: app.ex.co
URL: https://app.ex.co/login/?redirect=http://billing.ex.co/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.225.133 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a72-247-225-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 99052969cde35bc315dc06ec098e48e742097220fe0364b8958011f74a753d51

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 16:52:06 GMT
content-encoding: gzip
status: 200
access-control-max-age: 86400
content-length: 5638
last-modified: Tue, 10 Dec 2019 09:55:11 GMT
server: AmazonS3
etag: "ce23b4bba07fc102bef963cd15493fe4"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 20 Dec 2019 16:52:06 GMT

GET
H2 200 login-viewer.js Show response
cdn.playbuzz.com/login-viewer/production/68969df1146650821ff4dfcad39240c6844580b6-2019-12-10-09-55-10/ 493 KB
137 KB 111ms
32ms Script
application/javascript 72.247.225.133
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playbuzz.com/login-viewer/production/68969df1146650821ff4dfcad39240c6844580b6-2019-12-10-09-55-10/login-viewer.js
Requested by: Host: app.ex.co
URL: https://app.ex.co/login/?redirect=http://billing.ex.co/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.225.133 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a72-247-225-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3199ecc00b5402146b381cf0f2c176330688b08fd15976ef4badc508c72584fc

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 16:52:06 GMT
content-encoding: gzip
status: 200
access-control-max-age: 86400
content-length: 139343
last-modified: Tue, 10 Dec 2019 09:55:11 GMT
server: AmazonS3
etag: "df5d8cdd2195a6294d09aa03821ec1d6"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 20 Dec 2019 16:52:06 GMT

GET
H2 200 6184888.js Show response
js.hs-scripts.com/ 2 KB
818 B 142ms
142ms Script
application/javascript 2606:4700::6811:d3cc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/6184888.js
Requested by: Host: app.ex.co
URL: https://app.ex.co/login/?redirect=http://billing.ex.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83591681325fbcedb965ef6ef9daad0bb571c02a155640186bff516e9ca5d740

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 16:52:06 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
status: 200
access-control-max-age: 3600
content-length: 549
server: cloudflare
x-trace: 2BB3EA4545633F991C7AD5B721B64117F3D15E3064000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://app.ex.co
cache-control: public, max-age=60
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 544972536981cbc0-VIE
expires: Fri, 13 Dec 2019 16:53:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 62 KB
23 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:808::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TL5ZS84

Requested by

Host: app.ex.co
URL: https://app.ex.co/login/?redirect=http://billing.ex.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b252e85afdd553143817449e5d5de4aeb1635da20c95ed2fe56998393614d5f2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 16:52:06 GMT
content-encoding: br
last-modified: Fri, 13 Dec 2019 15:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 23117
x-xss-protection: 0
expires: Fri, 13 Dec 2019 16:52:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL5ZS84

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 1109
date: Fri, 13 Dec 2019 16:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Fri, 13 Dec 2019 18:33:37 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: app.ex.co
URL: https://app.ex.co/login/?redirect=http://billing.ex.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30426
x-xss-protection: 0
pragma: public
x-fb-debug: 0emsoZqqNS6/Ce4VAxr2+DjshFK2gXFFcOpFnRs5GkMwCldSOSdnOshUO+/wxm5bEKxzonsFrsBrc6zKEToghw==
x-fb-trip-id: 420120009
date: Fri, 13 Dec 2019 16:52:06 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 10ms
9ms Script
application/x-javascript 2a02:26f0:10c:39e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: app.ex.co
URL: https://app.ex.co/login/?redirect=http://billing.ex.co/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:39e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Dec 2019 16:52:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=31755
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2072822552&t=pageview&_s=1&dl=https%3A%2F%2Fapp.ex.co%2Flogin%2F%3Fredirect%3Dhttp%3A%2F%2Fbilling.ex.co%2F&ul=en-us&de=UTF-8&dt=Login&sd=24-...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-34510589-44&cid=364654321.1576255926&jid=236870707&_gid=1655807071.1576255926&gjid=79045346&_v=j79&z=1868055599
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34510589-44&cid=364654321.1576255926&jid=236870707&_v=j79&z=1868055599
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34510589-44&cid=364654321.1576255926&jid=236870707&_v=j79&z=1868055599&slf_rd=1&random=2699696082

42 B
109 B

31ms
31ms

Image
image/gif

2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34510589-44&cid=364654321.1576255926&jid=236870707&_v=j79&z=1868055599&slf_rd=1&random=2699696082

Requested by

Host: app.ex.co
URL: https://app.ex.co/login/?redirect=http://billing.ex.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Dec 2019 16:52:06 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Dec 2019 16:52:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34510589-44&cid=364654321.1576255926&jid=236870707&_v=j79&z=1868055599&slf_rd=1&random=2699696082
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2488590898130190 Show response
connect.facebook.net/signals/config/ 448 KB
113 KB 418ms
418ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2488590898130190?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

54663434e0e70f59b09e931e3d91a78f7d96696da862996cec87b744fc7f7ca1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: rN0HbMOQlHcgylpgxe9ydaT/P7Vo/IMYH+z3x82/aGiPkMYPa5cyKr6cukXld7oKQZeoapwjaTYkiT28/QO8kw==
x-fb-trip-id: 420120009
date: Fri, 13 Dec 2019 16:52:06 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1733697&url=https%3A%2F%2Fapp.ex.co%2Flogin%2F%3Fredirect%3Dhttp%3A%2F%2Fbilling.ex.co%2F&time=1576255926389
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1733697%26url%3Dhttps%253A%252F%252Fapp.ex.co%252Flogin%252F%253Fredirect%253Dhtt...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1733697&url=https%3A%2F%2Fapp.ex.co%2Flogin%2F%3Fredirect%3Dhttp%3A%2F%2Fbilling.ex.co%2F&time=1576255926389&liSync=true

0
88 B

170ms
169ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1733697&url=https%3A%2F%2Fapp.ex.co%2Flogin%2F%3Fredirect%3Dhttp%3A%2F%2Fbilling.ex.co%2F&time=1576255926389&liSync=true
Requested by: Host: app.ex.co
URL: https://app.ex.co/login/?redirect=http://billing.ex.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 16:52:06 GMT
content-encoding: gzip
server: Play
vary: Accept-Encoding
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 20
x-li-uuid: ioIF+Gn83xUQU4oUESsAAA==

Redirect headers

date: Fri, 13 Dec 2019 16:52:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 302
x-li-pop: prod-tln1
content-length: 20
x-li-uuid: +n4E8mn83xUQbCkgECsAAA==
pragma: no-cache
server: Play
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1733697&url=https%3A%2F%2Fapp.ex.co%2Flogin%2F%3Fredirect%3Dhttp%3A%2F%2Fbilling.ex.co%2F&time=1576255926389&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 183 KB
56 KB 60ms
20ms Script
application/javascript 35.201.112.186
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: app.ex.co
URL: https://app.ex.co/login/?redirect=http://billing.ex.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.201.112.186 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ce433a42620c600e8e76cf486c9b4f93200f486b60923cdaf9f9d16d1ec62434

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
Origin: https://app.ex.co

Response headers

date: Fri, 13 Dec 2019 16:49:48 GMT
content-encoding: gzip
age: 138
status: 200
x-guploader-uploadid: AEnB2UpTzJrLs-OBLIwezS6OGZ0r6uEeEvefY5F3uYqpwImwG_lw78UGmzsm80W1oprfdGUevfZ8SvnuDUHFIeWLm2Z3__X7Kg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 56632
last-modified: Tue, 10 Dec 2019 16:16:24 GMT
server: UploadServer
etag: "cca9d3f9938f94b9b7f9903a47a02b92"
x-goog-hash: crc32c=p9SvWw==, md5=zKnT+ZOPlLm3+ZA6R6Arkg==
x-goog-generation: 1575994584868693
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=600,no-transform
x-goog-stored-content-length: 56632
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 13 Dec 2019 16:59:48 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
5ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&aip=1&a=2072822552&t=pageview&_s=1&dl=https%3A%2F%2Fapp.ex.co%2Flogin%2F%3Fredirect%3Dhttp%3A%2F%2Fbilling.ex.co%2F&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEAB~&jid=584848742&gjid=1568130749&cid=364654321.1576255926&tid=UA-34510589-30&_gid=1655807071.1576255926&z=76698154

Requested by

Host: app.ex.co
URL: https://app.ex.co/login/?redirect=http://billing.ex.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 03:43:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1861739
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-34510589-30&cid=364654321.1576255926&jid=584848742&gjid=1568130749&_gid=1655807071.1576255926&_u=aGDAgEAB~&z=2010142480
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34510589-30&cid=364654321.1576255926&jid=584848742&_v=j79&z=2010142480
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34510589-30&cid=364654321.1576255926&jid=584848742&_v=j79&z=2010142480&slf_rd=1&random=2874146112

42 B
109 B

29ms
28ms

Image
image/gif

2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34510589-30&cid=364654321.1576255926&jid=584848742&_v=j79&z=2010142480&slf_rd=1&random=2874146112

Requested by

Host: app.ex.co
URL: https://app.ex.co/login/?redirect=http://billing.ex.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Dec 2019 16:52:06 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Dec 2019 16:52:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34510589-30&cid=364654321.1576255926&jid=584848742&_v=j79&z=2010142480&slf_rd=1&random=2874146112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 25ms
24ms Script
application/x-javascript 104.111.236.174
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: app.ex.co
URL: https://app.ex.co/login/?redirect=http://billing.ex.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.174 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-236-174.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f97341de4415531cb15d7472b1a00e875c1ad9b5541fd7e9f8ef5905f2a02092

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Dec 2019 16:52:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 25 Oct 2019 16:30:39 GMT
Server: Apache
ETag: "521a36d038605fd35c0785cc62e39b0e:1572021039"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 766

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/155/ 9 KB
4 KB 26ms
25ms Script
application/x-javascript 104.111.236.174
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/155/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.174 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-236-174.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: efb6b9732bf508ee305363b10cf2a67ace474e06eb42642f2c3696b2442a5775

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Dec 2019 16:52:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Nov 2018 03:18:20 GMT
Server: Apache
ETag: "c67dad42946949112916578f78706df8:1543547900"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 3923
Expires: Sun, 22 Mar 2020 16:52:06 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 48 KB
19 KB 50ms
34ms Script
application/javascript 2a00:1450:4001:820::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js?onload=gapiLoaded

Requested by

Host: cdn.playbuzz.com
URL: https://cdn.playbuzz.com/login-viewer/production/68969df1146650821ff4dfcad39240c6844580b6-2019-12-10-09-55-10/login-viewer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

f0eb0c09379e9e73f4b79515d7e9897b545aca489e5140b6435ccda332554fef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 16:52:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-h8x69x201eC8OBw/uZsW2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "2d60bdf98d21ee68b38eeaf00c081c71"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Fri, 13 Dec 2019 16:52:06 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: cdn.playbuzz.com
URL: https://cdn.playbuzz.com/login-viewer/production/68969df1146650821ff4dfcad39240c6844580b6-2019-12-10-09-55-10/login-viewer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

43a26f6d0cd44b3d541ecaae8ec8732f94865f6dd7c8d0baa367f2fc4557ca33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: aFzzJ+rWn7yhRx38HYlo/A==
status: 200
date: Fri, 13 Dec 2019 16:52:06 GMT
expires: Fri, 13 Dec 2019 16:53:54 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 1779
x-fb-debug: QUU6EXSga+2+ZXiRodQhp7vESZCVEkCQt6qtriMxCOmTRtajO43bTP6mZ6p9n9LMJBSdtZchzdDTNnlrHW2RPQ==
x-fb-trip-id: 420120009
x-fb-content-md5: f906e87d56eeaa1474f9d92109a029d8
etag: "0433dff49ee31d99d53e8d9bb0c0d236"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 background.jpg
cdn.playbuzz.com/content/login-pages/ 275 KB
245 KB 29ms
29ms Image
image/jpeg 72.247.225.133
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.playbuzz.com/content/login-pages/background.jpg
Requested by: Host: cdn.playbuzz.com
URL: https://cdn.playbuzz.com/login-viewer/production/68969df1146650821ff4dfcad39240c6844580b6-2019-12-10-09-55-10/login-viewer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.225.133 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a72-247-225-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d1d5249deb032b37c9acf7f7072f9d58e2cb92ddaa8dc9fbc64fc07bbdadb401

Request headers

Referer: https://cdn.playbuzz.com/login-viewer/production/68969df1146650821ff4dfcad39240c6844580b6-2019-12-10-09-55-10/login-viewer.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 16:52:06 GMT
content-encoding: gzip
last-modified: Wed, 13 Nov 2019 16:47:47 GMT
server: AmazonS3
access-control-allow-origin: *
etag: "5483087bf089bbdf7a8deb221c823938"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: image/jpeg
status: 200
access-control-max-age: 86400
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 250427

GET
H2 200 HLBysyo0MQBO_7E-DWLwzg.woff2
fonts.gstatic.com/s/poppins/v1/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v1/HLBysyo0MQBO_7E-DWLwzg.woff2

Requested by

Host: cdn.playbuzz.com
URL: https://cdn.playbuzz.com/login-viewer/production/68969df1146650821ff4dfcad39240c6844580b6-2019-12-10-09-55-10/login-viewer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d2cd4a9dbd710efc99b77a7a93b99652f9f68a299406605e25e57244d5b5ab96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://cdn.playbuzz.com/login-viewer/production/68969df1146650821ff4dfcad39240c6844580b6-2019-12-10-09-55-10/login-viewer.css
Origin: https://app.ex.co

Response headers

date: Wed, 20 Nov 2019 08:13:53 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Jun 2015 22:54:53 GMT
server: sffe
age: 2018293
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13576
x-xss-protection: 0
expires: Thu, 19 Nov 2020 08:13:53 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Requested by

Host: cdn.playbuzz.com
URL: https://cdn.playbuzz.com/login-viewer/production/68969df1146650821ff4dfcad39240c6844580b6-2019-12-10-09-55-10/login-viewer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Poppins:400,500,600&display=swap
Origin: https://app.ex.co

Response headers

date: Thu, 21 Nov 2019 17:48:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:13 GMT
server: sffe
age: 1897419
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7836
x-xss-protection: 0
expires: Fri, 20 Nov 2020 17:48:27 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: cdn.playbuzz.com
URL: https://cdn.playbuzz.com/login-viewer/production/68969df1146650821ff4dfcad39240c6844580b6-2019-12-10-09-55-10/login-viewer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Poppins:400,500,600&display=swap
Origin: https://app.ex.co

Response headers

date: Tue, 10 Dec 2019 08:48:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:04 GMT
server: sffe
age: 288212
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7968
x-xss-protection: 0
expires: Wed, 09 Dec 2020 08:48:34 GMT

GET
H2 200 login-laptop.png
cdn.playbuzz.com/content/login-pages/ 110 KB
110 KB 30ms
30ms Image
image/png 72.247.225.133
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.playbuzz.com/content/login-pages/login-laptop.png
Requested by: Host: app.ex.co
URL: https://app.ex.co/login/?redirect=http://billing.ex.co/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.225.133 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a72-247-225-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b8410fdae5029bdbcdd64038266a4c56c0bfd95e0628e704ac735085d3f6c5a5

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 16:52:06 GMT
content-encoding: gzip
last-modified: Wed, 13 Nov 2019 16:37:46 GMT
server: AmazonS3
access-control-allow-origin: *
etag: "23fbc7bc762241712004644d28440f8e"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: image/png
status: 200
access-control-max-age: 86400
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 112227

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 57 KB
14 KB 49ms
20ms Script
application/javascript 2606:4700::6811:edcc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6184888.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:edcc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15edd6e8d46ac8eb14f2da524770bfe9ad3e2ac4ff1e67bf4c87612f01f161a3

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 16:52:06 GMT
via: 1.1 d91484ed0f2bc08dc4c74b0ab1bda282.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 127
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
x-amz-version-id: nYsvVX6znxFVGV._6xSi6cQhwkhwuJd8
last-modified: Thu, 12 Dec 2019 09:37:50 GMT
server: cloudflare
etag: W/"53590932e5a2458492f03697842cf635"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=600
x-amz-cf-pop: IAD89-C2
cf-ray: 54497255493fcb9c-VIE
x-amz-cf-id: bLtIGPubqMAbvKB0nz9-SrgttweUXRR9I1gbrN6H6my_H7NA4Fv85g==

GET
H2 200 6184888.js Show response
js.hs-analytics.net/analytics/1576255800000/ 75 KB
26 KB 140ms
137ms Script
text/javascript 2606:4700::6811:47b0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1576255800000/6184888.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6184888.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f7a56b6b1f19cc2d4ae89fcf4e7a3d79fe2d8bb837872bd910707744f0117b4

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 16:52:06 GMT
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: FF4028D73EE06B86
status: 200
content-type: text/javascript
x-amz-id-2: iGmUpRcz7YYohnQSkMxOWM6BU5T+x+GVJkVQ281HLpF3NxPinauSjxmPFCdzP43zPjWzKyRiSgI=
last-modified: Mon, 25 Nov 2019 12:48:28 GMT
server: cloudflare
etag: W/"ec4ff9f22db3b1750b771397556425d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 544972551c48cbc4-VIE
expires: Fri, 13 Dec 2019 16:57:06 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 84 KB
21 KB 24ms
21ms Script
application/javascript 2606:4700::6811:80ab
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6184888.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:80ab , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34f7ec85a88bb0b956c14ff68b6bbcbb0b6c0cd86db761b553129d681b0149a1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
Origin: https://app.ex.co

Response headers

date: Fri, 13 Dec 2019 16:52:06 GMT
via: 1.1 8fc9659fc06389e49927f68638e9bc94.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 332
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: gzip
content-type: application/javascript; charset=utf-8
last-modified: Fri, 13 Dec 2019 10:57:31 GMT
server: cloudflare
etag: W/"a1288efcca8ca35661e31644bdcc0f76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: T86BGnigcY0.o4rQSj_aOQ6XCAJ0QZGv
access-control-allow-origin: *
cache-control: max-age=600
x-amz-cf-pop: IAD89-C1
cf-ray: 544972551ee6cbac-VIE
x-amz-cf-id: KQiddiFMkG_e3mc9J1DlDRvZf5ox-R_-vCIBi1rpCSVu7RXxxLMqYQ==

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 6ms
6ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&aip=1&a=2072822552&t=event&ni=1&_s=2&dl=https%3A%2F%2Fapp.ex.co%2Flogin%2F%3Fredirect%3Dhttp%3A%2F%2Fbilling.ex.co%2F&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pageLoad&ea=&el=&_u=aGDAgEAB~&jid=&gjid=&cid=364654321.1576255926&tid=UA-34510589-30&_gid=1655807071.1576255926&z=1108589714

Requested by

Host: app.ex.co
URL: https://app.ex.co/login/?redirect=http://billing.ex.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 03:43:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1861739
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK visitWebPage Show response
486-chx-550.mktoresp.com/webevents/ 2 B
303 B 916ms
168ms XHR
text/plain 192.28.147.68
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL: https://486-chx-550.mktoresp.com/webevents/visitWebPage?_mchNc=1576255926596&_mchCn=&_mchId=486-CHX-550&_mchTk=_mch-app.ex.co-1576255926595-32277&_mchHo=app.ex.co&_mchPo=&_mchRu=%2Flogin%2F&_mchPc=https%3A&_mchVr=155&_mchHa=&_mchRe=&_mchQp=redirect%3Dhttp%3A%2F%2Fbilling.ex.co%2F
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/155/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.147.68 , United States, ASN53580 (MARKETO - MARKETO, Inc., US),
Reverse DNS
Software: akka-http/10.1.7 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
Origin: https://app.ex.co

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 13 Dec 2019 16:52:07 GMT
Content-Encoding: gzip
Server: akka-http/10.1.7
Transfer-Encoding: chunked
X-Request-Id: 1b669445-2ebb-4708-81be-92cb4c1e8d01
Content-Type: text/plain; charset=UTF-8

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 196 KB
59 KB 10ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=fa7d716f036d48b8ae6f83e55c6d1bd1&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

a9f6a9d2071e8052b33386e7ff9e5ec6967597edbda0b41f25fe873ea4edda77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
Origin: https://app.ex.co

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: FJo7MdSiUbGO9+bYlMqz2g==
status: 200
date: Fri, 13 Dec 2019 16:52:06 GMT
expires: Sat, 12 Dec 2020 16:03:20 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 60112
x-fb-debug: /eHe927Ln7h99zjO6nNVi0biEbvvLavroA2RVLut8EkvPYSmdexTfqcz2pb8ec9Pi5WglPiZX2qOpX75cUZM/w==
x-fb-trip-id: 420120009
x-fb-content-md5: 2bd095718b35b1f848e1a1a249a39209
etag: "01696b21f218b664962856b0aac439c0"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

POST
H2 200 page Show response
rs.fullstory.com/rec/ 2 KB
2 KB 506ms
453ms XHR
application/json 35.186.194.58
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4bba4a07aa13dd3f067ffcb36feabe801db20bc0f7f923130bcfc09d8ccf4fc6

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
Origin: https://app.ex.co
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Dec 2019 16:52:07 GMT
via: 1.1 google
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.ex.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: 0

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2O_3XQTFIPY.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM0JjSA0I0wvcxN0q5y4p-sc5Yxiw/ 106 KB
36 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:820::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2O_3XQTFIPY.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM0JjSA0I0wvcxN0q5y4p-sc5Yxiw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=gapiLoaded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b7680cf0ac6893bfa22d7071d991bfb13de32d28e5ffa2185dc0d5cea3ff731a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 08:57:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 06 Nov 2019 22:31:30 GMT
server: sffe
age: 2102101
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 36990
x-xss-protection: 0
expires: Wed, 18 Nov 2020 08:57:05 GMT

OPTIONS
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 23 B
670 B 153ms
125ms XHR
text/plain 2606:4700::6810:fa05
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=6184888&conversations-embed=static-1.5349&mobile=false&messagesUtk=70a2ac77d9814b5eb00de087e3b1e603&traceId=70a2ac77d9814b5eb00de087e3b1e603

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e5f27d5e5d92a7499b2c01025e9d8f6c78effa35afbe71156159a221be6cece

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Access-Control-Request-Method: GET
Origin: https://app.ex.co
Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: x-hubspot-messages-uri

Response headers

date: Fri, 13 Dec 2019 16:52:06 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
status: 200
content-length: 23
allow: HEAD,GET,OPTIONS,PUT
server: cloudflare
x-trace: 2B576A09C7203E50848BE1982876441D9A9C245E88000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://app.ex.co
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 544972562db25964-VIE
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
264 B 121ms
121ms Image
image/gif 2606:4700::6810:5905
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-error-caught&count=1

Requested by

Host: app.ex.co
URL: https://app.ex.co/login/?redirect=http://billing.ex.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 16:52:06 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-trace: 2B16AA33EC782679BC6F6E652758B80DF3B755BFE2000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 544972561fbacba4-VIE
content-length: 35

GET
H2 200 iframe
accounts.google.com/o/oauth2/ Frame 15E6 0
0 41ms
41ms Document
text/html 2a00:1450:4001:81f::200d
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2O_3XQTFIPY.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM0JjSA0I0wvcxN0q5y4p-sc5Yxiw/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-t0qxhBUDDtDLDsk3bmpyHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
accept-encoding: gzip, deflate, br
cookie: NID=193=kHaBzALV_eZ4SWZ2_xjzMnwlAupOEMHt8wtSBhZBQWsmyn2-KZU7NnmLqyL_MmbaCdoUmrilAmIaLGwLtH7LzCx9qm_SK-AxZOqhzGmLNyVd11oDCXI9SpoRNkpGNCPiUql6JWG2dbeUsgObaQrbn-4O_FDGoz3e6yUmRbBnuKg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 13 Dec 2019 16:52:06 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-t0qxhBUDDtDLDsk3bmpyHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 4A7E 0
0 7ms
7ms Document
text/html 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=fa7d716f036d48b8ae6f83e55c6d1bd1&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
accept-encoding: gzip, deflate, br
cookie: fr=048eMbMsVYwH3Buhd..Bd88G2...1.0.Bd88G2.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/

Response headers

status: 200
content-encoding: br
content-type: text/html; charset=utf-8
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Thu, 10 Dec 2020 21:03:31 GMT
cache-control: public,max-age=31536000,immutable
x-fb-debug: 5FBgTiM6ZzctPqyoDqzxr83v2WFGs3fGWZbuoUx8VX0jAFwOC+J3dWMdPa6YlduLxP0GHC+tkPgdUHoOcOsKnA==
content-length: 12364
x-fb-trip-id: 420120009
date: Fri, 13 Dec 2019 16:52:06 GMT
alt-svc: h3-24=":443"; ma=3600

GET
H2 200 /
www.facebook.com/tr/ 44 B
257 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2488590898130190&ev=PageView&dl=https%3A%2F%2Fapp.ex.co%2Flogin%2F%3Fredirect%3Dhttp%3A%2F%2Fbilling.ex.co%2F&rl=&if=false&ts=1576255926879&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1576255926878.541177622&it=1576255926387&coo=false&rqm=GET

Requested by

Host: app.ex.co
URL: https://app.ex.co/login/?redirect=http://billing.ex.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 16:52:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Fri, 13 Dec 2019 16:52:06 GMT

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 289 B
427 B 126ms
126ms XHR
application/json 2606:4700::6810:fa05
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: app.ex.co
URL: https://app.ex.co/login/?redirect=http://billing.ex.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

03583430fe42a3a216cf3d06899e5b4a0db77d951a5ddbd607a02783f45cf990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
Origin: https://app.ex.co
X-HubSpot-Messages-Uri: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 16:52:07 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
status: 200
content-length: 222
server: cloudflare
x-trace: 2BDDD7CE133AD5243B037FE6C873136253ABC051F9000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://app.ex.co
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 544972570e625964-VIE
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ Frame 48AB 183 KB
55 KB 27ms
27ms Script
application/javascript 35.201.112.186
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.201.112.186 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ce433a42620c600e8e76cf486c9b4f93200f486b60923cdaf9f9d16d1ec62434

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://app.ex.co

Response headers

date: Fri, 13 Dec 2019 16:49:48 GMT
content-encoding: gzip
age: 139
status: 200
x-guploader-uploadid: AEnB2UpTzJrLs-OBLIwezS6OGZ0r6uEeEvefY5F3uYqpwImwG_lw78UGmzsm80W1oprfdGUevfZ8SvnuDUHFIeWLm2Z3__X7Kg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 56632
last-modified: Tue, 10 Dec 2019 16:16:24 GMT
server: UploadServer
etag: "cca9d3f9938f94b9b7f9903a47a02b92"
x-goog-hash: crc32c=p9SvWw==, md5=zKnT+ZOPlLm3+ZA6R6Arkg==
x-goog-generation: 1575994584868693
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=600,no-transform
x-goog-stored-content-length: 56632
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 13 Dec 2019 16:59:48 GMT

POST
H2 200 bundle Show response
rs.fullstory.com/rec/ 29 B
97 B 242ms
241ms XHR
application/json 35.186.194.58
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=4JR5F&UserId=6485093231198208&SessionId=5018331566407680&PageId=5116717237895168&Seq=1&PageStart=1576255926890&PrevBundleTime=0&LastActivityTime=1576255926614
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 392ae2f2b8eb0532b28d142fe768eb0aa918e4f4b7c1f4a790386a7afee6f33f

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
Origin: https://app.ex.co
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Dec 2019 16:52:07 GMT
via: 1.1 google
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.ex.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 29
expires: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
222 B 43ms
43ms Image
image/gif 2606:4700::6810:fd05
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2430194794&v=1.1&a=6184888&pu=https%3A%2F%2Fapp.ex.co%2Flogin%2F%3Fredirect%3Dhttp%3A%2F%2Fbilling.ex.co%2F&t=Login&cts=1576255927198&vi=2189d26a356bcd5f2ec0a7f719a6da67&nc=true&u=39020924.2189d26a356bcd5f2ec0a7f719a6da67.1576255927195.1576255927195.1576255927195.1&b=39020924.1.1576255927196

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fd05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 16:52:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 544972590bae5952-VIE
content-type: image/gif
content-length: 45
x-robots-tag: none

POST
H2 200 events Show response
prd-collector-anon.playbuzz.com/main/ 0
141 B 330ms
103ms Fetch
text/plain 52.203.23.10
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-anon.playbuzz.com/main/events
Requested by: Host: cdn.playbuzz.com
URL: https://cdn.playbuzz.com/login-viewer/production/68969df1146650821ff4dfcad39240c6844580b6-2019-12-10-09-55-10/login-viewer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.23.10 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-203-23-10.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
Origin: https://app.ex.co
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 200
date: Fri, 13 Dec 2019 16:52:07 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://app.ex.co
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2488590898130190&ev=Microdata&dl=https%3A%2F%2Fapp.ex.co%2Flogin%2F%3Fredirect%3Dhttp%3A%2F%2Fbilling.ex.co%2F&rl=&if=false&ts=1576255928385&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Login%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1576255928385.978369338&it=1576255926387&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 16:52:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Fri, 13 Dec 2019 16:52:08 GMT

POST
H2 200 bundle Show response
rs.fullstory.com/rec/ 29 B
94 B 144ms
144ms XHR
application/json 35.186.194.58
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=4JR5F&UserId=6485093231198208&SessionId=5018331566407680&PageId=5116717237895168&Seq=2&PageStart=1576255926890&PrevBundleTime=1576255927236&LastActivityTime=1576255927295
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 2918f197a747ba9504e2ac102a32c4a98e5a80a511cd8a5612c70f0b553d2c54

Request headers

Referer: https://app.ex.co/login/?redirect=http://billing.ex.co/
Origin: https://app.ex.co
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Dec 2019 16:52:12 GMT
via: 1.1 google
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.ex.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 29
expires: 0

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ex.co/	1970-01-19 05:50:57	Name: __hssc Value: 39020924.1.1576255927196
.ex.co/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.ex.co/	1970-01-19 15:12:31	Name: hubspotutk Value: 2189d26a356bcd5f2ec0a7f719a6da67
.ex.co/	1970-01-19 15:12:31	Name: __hstc Value: 39020924.2189d26a356bcd5f2ec0a7f719a6da67.1576255927195.1576255927195.1576255927195.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

486-chx-550.mktoresp.com
accounts.google.com
api.hubspot.com
apis.google.com
app.ex.co
billing.ex.co
cdn.playbuzz.com
connect.facebook.net
edge.fullstory.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
js.hs-analytics.net
js.hs-scripts.com
js.hscollectedforms.net
js.usemessages.com
munchkin.marketo.net
prd-collector-anon.playbuzz.com
px.ads.linkedin.com
rs.fullstory.com
snap.licdn.com
staticxx.facebook.com
stats.g.doubleclick.net
track.hubspot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
104.111.236.174
151.101.13.209
192.28.147.68
2606:4700::6810:5905
2606:4700::6810:fa05
2606:4700::6810:fd05
2606:4700::6811:47b0
2606:4700::6811:80ab
2606:4700::6811:d3cc
2606:4700::6811:edcc
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:817::2004
2a00:1450:4001:818::2003
2a00:1450:4001:81f::200d
2a00:1450:4001:820::200e
2a00:1450:4001:824::200a
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9b
2a02:26f0:10c:39e::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a05:f500:10:101::b93f:9105
2a05:f500:11:101::b93f:9001
35.186.194.58
35.201.112.186
52.203.23.10
52.3.217.149
72.247.225.133
03583430fe42a3a216cf3d06899e5b4a0db77d951a5ddbd607a02783f45cf990
07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15e28d72d0bc338dbea54d223bbda4e5f93b0815ce182887e4b53f09e85f6163
15edd6e8d46ac8eb14f2da524770bfe9ad3e2ac4ff1e67bf4c87612f01f161a3
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
1f7a56b6b1f19cc2d4ae89fcf4e7a3d79fe2d8bb837872bd910707744f0117b4
2918f197a747ba9504e2ac102a32c4a98e5a80a511cd8a5612c70f0b553d2c54
2ac3a5382ed4d9aa9f405bbed69baa1cc3cdbb4244129577769ecd36aafeb58d
3199ecc00b5402146b381cf0f2c176330688b08fd15976ef4badc508c72584fc
34f7ec85a88bb0b956c14ff68b6bbcbb0b6c0cd86db761b553129d681b0149a1
392ae2f2b8eb0532b28d142fe768eb0aa918e4f4b7c1f4a790386a7afee6f33f
3e5f27d5e5d92a7499b2c01025e9d8f6c78effa35afbe71156159a221be6cece
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
43a26f6d0cd44b3d541ecaae8ec8732f94865f6dd7c8d0baa367f2fc4557ca33
43aebc8d8a7dcf1f85d74586e687b1cc7bd4291e46359e3dfde1d6045fbfbb86
4bba4a07aa13dd3f067ffcb36feabe801db20bc0f7f923130bcfc09d8ccf4fc6
54663434e0e70f59b09e931e3d91a78f7d96696da862996cec87b744fc7f7ca1
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83591681325fbcedb965ef6ef9daad0bb571c02a155640186bff516e9ca5d740
99052969cde35bc315dc06ec098e48e742097220fe0364b8958011f74a753d51
a9f6a9d2071e8052b33386e7ff9e5ec6967597edbda0b41f25fe873ea4edda77
b252e85afdd553143817449e5d5de4aeb1635da20c95ed2fe56998393614d5f2
b7680cf0ac6893bfa22d7071d991bfb13de32d28e5ffa2185dc0d5cea3ff731a
b8410fdae5029bdbcdd64038266a4c56c0bfd95e0628e704ac735085d3f6c5a5
ce433a42620c600e8e76cf486c9b4f93200f486b60923cdaf9f9d16d1ec62434
d1d5249deb032b37c9acf7f7072f9d58e2cb92ddaa8dc9fbc64fc07bbdadb401
d2cd4a9dbd710efc99b77a7a93b99652f9f68a299406605e25e57244d5b5ab96
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb6b9732bf508ee305363b10cf2a67ace474e06eb42642f2c3696b2442a5775
f0eb0c09379e9e73f4b79515d7e9897b545aca489e5140b6435ccda332554fef
f97341de4415531cb15d7472b1a00e875c1ad9b5541fd7e9f8ef5905f2a02092
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388

app.ex.co Open in urlscan Pro 151.101.13.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

100 %HTTPS

72 %IPv6

22 Domains

30 Subdomains

25 IPs

6 Countries

1022 kBTransfer

2587 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app.ex.co Open in urlscan Pro
151.101.13.209 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

72 %
IPv6

22
Domains

30
Subdomains

25
IPs

6
Countries

1022 kB
Transfer

2587 kB
Size

4
Cookies

45 HTTP transactions
0 data transactions