vestal-citigrade.jiffy.so Open in urlscan Pro
76.76.21.22 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vestal-citigrade.jiffy.so/
Submission: On September 22 via automatic, source certstream-suspicious (September 22nd 2023, 6:28:10 am UTC) — Scanned from DE

Summary HTTP 54 Redirects Behaviour Indicators

Summary

This website contacted 29 IPs in 3 countries across 24 domains to perform 54 HTTP transactions. The main IP is 76.76.21.22, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is vestal-citigrade.jiffy.so.
TLS certificate: Issued by R3 on September 22nd 2023. Valid for: 3 months.

This is the only time vestal-citigrade.jiffy.so was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	76.76.21.22 76.76.21.22	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2491:9800:1d:db7c:7380:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 5	18.153.4.44 18.153.4.44	16509 (AMAZON-02) (AMAZON-02)
2	104.102.38.132 104.102.38.132	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:223... 2600:9000:223c:7800:9:d7d4:1380:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:223... 2600:9000:223f:ca00:17:3f5c:f800:21	16509 (AMAZON-02) (AMAZON-02)
5	2.23.209.17 2.23.209.17	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
2	44.239.250.189 44.239.250.189	16509 (AMAZON-02) (AMAZON-02)
1	52.43.72.5 52.43.72.5	16509 (AMAZON-02) (AMAZON-02)
1	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
1	18.173.184.218 18.173.184.218	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:26d... 2600:9000:26db:b200:3:760:2800:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:26d... 2600:9000:26da:3c00:17:f683:1d40:21	16509 (AMAZON-02) (AMAZON-02)
1 2	52.211.179.46 52.211.179.46	16509 (AMAZON-02) (AMAZON-02)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2.16.238.13 2.16.238.13	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
54	29

3 76.76.21.22 (Walnut, United States)

ASN16509 (AMAZON-02, US)

vestal-citigrade.jiffy.so	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:9800:1d:db7c:7380:93a1 (United States)

ASN16509 (AMAZON-02, US)

aif.notion.so	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.153.4.44 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-153-4-44.eu-central-1.compute.amazonaws.com

x.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.38.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-38-132.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:7800:9:d7d4:1380:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.metadata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:ca00:17:3f5c:f800:21 (United States)

ASN16509 (AMAZON-02, US)

d2hrivdxn8ekm8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.23.209.17 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-209-17.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.239.250.189 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-250-189.us-west-2.compute.amazonaws.com

insights.metadata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.43.72.5 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-72-5.us-west-2.compute.amazonaws.com

a.usbrowserspeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

414-xmy-838.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.184.218 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-184-218.muc50.r.cloudfront.net

dvqigh9b7wa32.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26db:b200:3:760:2800:21 (United States)

ASN16509 (AMAZON-02, US)

d330aiyvva2oww.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26da:3c00:17:f683:1d40:21 (United States)

ASN16509 (AMAZON-02, US)

d1lu3pmaz2ilpx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.179.46 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-179-46.eu-west-1.compute.amazonaws.com

segment.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.238.13 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-13.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 830 www.linkedin.com — Cisco Umbrella Rank: 951 px4.ads.linkedin.com — Cisco Umbrella Rank: 7048	5 KB
6	cloudfront.net d2hrivdxn8ekm8.cloudfront.net dvqigh9b7wa32.cloudfront.net d330aiyvva2oww.cloudfront.net d1lu3pmaz2ilpx.cloudfront.net	28 KB
6	bing.com bat.bing.com — Cisco Umbrella Rank: 691	30 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 875	138 KB
4	metadata.io cdn.metadata.io — Cisco Umbrella Rank: 64392 insights.metadata.io — Cisco Umbrella Rank: 58060	4 KB
4	clearbitjs.com 1 redirects x.clearbitjs.com — Cisco Umbrella Rank: 29924	46 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	252 KB
3	jiffy.so vestal-citigrade.jiffy.so	7 KB
2	bidr.io 1 redirects segment.prod.bidr.io — Cisco Umbrella Rank: 6817	1 KB
2	adnxs.com acdn.adnxs.com — Cisco Umbrella Rank: 960 ib.adnxs.com — Cisco Umbrella Rank: 360	4 KB
2	reddit.com alb.reddit.com — Cisco Umbrella Rank: 2076	712 B
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 7483	6 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1593	44 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	88 KB
1	clearbit.com app.clearbit.com — Cisco Umbrella Rank: 30845	1 KB
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2902	736 B
1	mktoresp.com 414-xmy-838.mktoresp.com — Cisco Umbrella Rank: 70250	318 B
1	usbrowserspeed.com a.usbrowserspeed.com — Cisco Umbrella Rank: 10423
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1065	726 B
1	t.co t.co — Cisco Umbrella Rank: 707	378 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1078	15 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1759	8 KB
1	notion.so aif.notion.so — Cisco Umbrella Rank: 93060	2 KB
0	Failed function sub() { [native code] }. Failed
54	24

	Domain	Requested by
6	bat.bing.com	www.googletagmanager.com bat.bing.com aif.notion.so
5	analytics.tiktok.com	vestal-citigrade.jiffy.so analytics.tiktok.com
4	px.ads.linkedin.com	3 redirects snap.licdn.com
4	x.clearbitjs.com	1 redirects aif.notion.so x.clearbitjs.com
3	d2hrivdxn8ekm8.cloudfront.net	vestal-citigrade.jiffy.so d2hrivdxn8ekm8.cloudfront.net
3	www.googletagmanager.com	aif.notion.so www.googletagmanager.com
3	vestal-citigrade.jiffy.so	vestal-citigrade.jiffy.so
2	segment.prod.bidr.io	1 redirects aif.notion.so
2	insights.metadata.io	cdn.metadata.io
2	alb.reddit.com	aif.notion.so
2	cdn.metadata.io	vestal-citigrade.jiffy.so
2	munchkin.marketo.net	vestal-citigrade.jiffy.so munchkin.marketo.net
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	connect.facebook.net	aif.notion.so connect.facebook.net
1	app.clearbit.com	x.clearbitjs.com
1	analytics.pangle-ads.com	analytics.tiktok.com
1	ib.adnxs.com	aif.notion.so
1	px4.ads.linkedin.com	aif.notion.so
1	www.linkedin.com	1 redirects
1	d1lu3pmaz2ilpx.cloudfront.net	d2hrivdxn8ekm8.cloudfront.net
1	d330aiyvva2oww.cloudfront.net	d2hrivdxn8ekm8.cloudfront.net
1	dvqigh9b7wa32.cloudfront.net	d2hrivdxn8ekm8.cloudfront.net
1	414-xmy-838.mktoresp.com	munchkin.marketo.net
1	a.usbrowserspeed.com	cdn.metadata.io
1	analytics.twitter.com	aif.notion.so
1	t.co	aif.notion.so
1	acdn.adnxs.com	d2hrivdxn8ekm8.cloudfront.net
1	static.ads-twitter.com	www.googletagmanager.com
1	www.redditstatic.com	www.googletagmanager.com
1	aif.notion.so	vestal-citigrade.jiffy.so
0	localhost Failed	vestal-citigrade.jiffy.so
54	31

This site contains no links.

Subject Issuer	Validity	Valid
vestal-citigrade.jiffy.so R3	`2023-09-22` - `2023-12-21`	3 months	crt.sh
aif.notion.so Amazon RSA 2048 M02	`2023-07-05` - `2024-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-07` - `2023-09-29`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-25` - `2024-02-21`	6 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
*.metadata.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-18` - `2024-01-07`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-02-28`	6 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
a.usbrowserspeed.com Amazon RSA 2048 M01	`2022-12-01` - `2023-12-30`	a year	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
clearbitjs.com Amazon RSA 2048 M01	`2023-03-17` - `2024-04-14`	a year	crt.sh
clearbit.com Amazon RSA 2048 M02	`2023-03-17` - `2024-04-14`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-06-02` - `2023-12-02`	6 months	crt.sh

This page contains 2 frames:

Primary Page: https://vestal-citigrade.jiffy.so/
Frame ID: C5446CCBB4671AD3881A10728163612E
Requests: 5 HTTP requests in this frame

Frame: https://aif.notion.so/aif-production.html
Frame ID: 010F63A8FEB9092CDDC36B4DA144C3B1
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Mysterious Spellbook

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Page Statistics

54
Requests

91 %
HTTPS

39 %
IPv6

24
Domains

31
Subdomains

29
IPs

3
Countries

677 kB
Transfer

2053 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://x.clearbitjs.com/v1/pk_254dd63702a16060ec4cf571f845ad2d/clearbit.min.js HTTP 302
https://x.clearbitjs.com/v1/pk_254dd63702a16060ec4cf571f845ad2d/tags.js?reveal=false&reveal_async=false&tracking=true&tracking_auto_page_events=false&tracking_cookies=true&tracking_legacy=true

Request Chain 39

https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-2533&value=&uncacheplz=9199682037 HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-2533&value=&uncacheplz=9199682037&_bee_ppp=1

Request Chain 40

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2368700&time=1695364050908&url=https%3A%2F%2Faif.notion.so%2Faif-production.html HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2368700&time=1695364050908&url=https%3A%2F%2Faif.notion.so%2Faif-production.html&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2368700%26time%3D1695364050908%26url%3Dhttps%253A%252F%252Faif.notion.so%252Faif-production.html%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2368700&time=1695364050908&url=https%3A%2F%2Faif.notion.so%2Faif-production.html&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2368700&time=1695364050908&url=https%3A%2F%2Faif.notion.so%2Faif-production.html&cookiesTest=true&liSync=true&e_ipv6=AQLZ4nquHfbfzQAAAYq7knMFrONPGk81_SrTWcJwzT7ZB5KsNH7rfzNu0xnq16wN1t3LU3Mc

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
vestal-citigrade.jiffy.so/ 22 KB
7 KB 151ms
47ms Document
text/html 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vestal-citigrade.jiffy.so/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a869436295c08c2bb7c8ae015127a112b26b4353095c3e091fabbfef26ad8b16

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 1
cache-control: public, max-age=0, must-revalidate
content-disposition: inline
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 22 Sep 2023 06:27:30 GMT
etag: W/"49a29d95ee228cf5dcfb7c01f86855a3"
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: HIT
x-vercel-id: fra1::264zm-1695364050001-4dd6ffdb7ac1

GET injection.css
localhost/static/snapshots/klanto/the-mysterious-spellbook/assets/ 0
0

GET
H2 404 40f92a235b3fcaf3ff67ed8aaf920de731e12107.css
vestal-citigrade.jiffy.so/assets/ 0
0 32ms
31ms Stylesheet
text/plain 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vestal-citigrade.jiffy.so/assets/40f92a235b3fcaf3ff67ed8aaf920de731e12107.css

Requested by

Host: vestal-citigrade.jiffy.so
URL: https://vestal-citigrade.jiffy.so/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestal-citigrade.jiffy.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:27:30 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::264zm-1695364050053-262e99ec274e
x-vercel-cache: MISS
content-type: text/plain; charset=utf-8
cache-control: public, max-age=0, must-revalidate
content-length: 39
x-vercel-error: NOT_FOUND

GET injection.js
localhost/static/snapshots/klanto/the-mysterious-spellbook/assets/ 0
0

GET
H2 404 e218a1aef6df86309cb95b61e446888efa3b0379.css
vestal-citigrade.jiffy.so/assets/ 0
0 34ms
33ms Stylesheet
text/plain 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vestal-citigrade.jiffy.so/assets/e218a1aef6df86309cb95b61e446888efa3b0379.css

Requested by

Host: vestal-citigrade.jiffy.so
URL: https://vestal-citigrade.jiffy.so/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestal-citigrade.jiffy.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:27:30 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::ppvqs-1695364050055-9f67405951b0
x-vercel-cache: MISS
content-type: text/plain; charset=utf-8
cache-control: public, max-age=0, must-revalidate
content-length: 39
x-vercel-error: NOT_FOUND

GET
H2 200 aif-production.html Show response
aif.notion.so/ Frame 010F 2 KB
2 KB 138ms
33ms Document
text/html 2600:9000:2491:9800:1d:db7c:7380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aif.notion.so/aif-production.html
Requested by: Host: vestal-citigrade.jiffy.so
URL: https://vestal-citigrade.jiffy.so/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9800:1d:db7c:7380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1ed933903027b33287b57d5bc2d0953451a39e61838a6f596b71c55c67b1bf1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1677
content-length: 2078
content-type: text/html
date: Fri, 22 Sep 2023 05:59:34 GMT
etag: "912899c9a41c1f58a613f707e8397516"
last-modified: Mon, 09 Jan 2023 18:00:36 GMT
server: AmazonS3
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
x-amz-cf-id: x3Gqe3Vot3NDKF4L6sOkBjLTMlwdJ4W1q0ZcXtIb0ENkEILsiZjJ5Q==
x-amz-cf-pop: FRA56-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 010F 204 KB
74 KB 184ms
65ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-954804604

Requested by

Host: aif.notion.so
URL: https://aif.notion.so/aif-production.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b97989eda8d8c232e089c1e1c8b293eb074536cf59d513f4e8b5677e303f0719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:27:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74967
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 22 Sep 2023 06:27:30 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 010F 197 KB
53 KB 115ms
29ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: aif.notion.so
URL: https://aif.notion.so/aif-production.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b02d00f123297597d6e4b02dfbee910cfe211687b2d454309d5dd9b1b39fd0e4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 22 Sep 2023 06:27:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53243
x-xss-protection: 0
pragma: public
x-fb-debug: 8u0Pl8+MeXM+fXppJRqbQEL1P3XlqpNGHtDrA0iRa17UQRHDb5ng6ElkIOTKZkBLRB/DYUN/Sun8yV6v9Ts0/g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 010F 281 KB
89 KB 239ms
147ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MTWKTL4

Requested by

Host: aif.notion.so
URL: https://aif.notion.so/aif-production.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25b91aa4659c4603834d97cf84c65e4f76aecca387104b9159a98a66f1058d99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:27:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90884
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 22 Sep 2023 06:27:30 GMT

GET
H2 200 499229960464487 Show response
connect.facebook.net/signals/config/ Frame 010F 136 KB
35 KB 30ms
30ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/499229960464487?v=2.9.128&r=stable&domain=aif.notion.so

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4ff81fca8e61507f8c929d9b47ee3062b3bbdf21f93135c7b51caf08b888e10

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 22 Sep 2023 06:27:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 36076
x-xss-protection: 0
pragma: public
x-fb-debug: CJ3Y9sWJS2ft3qnZXr7WMEY1FNKbSR2Fmfx7wC1htfkf4Zh52kwyPPDyf1MH8QLasuQOcLq3m8FO2n9eNeyTTw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 010F 12 KB
4 KB 139ms
31ms Script
application/x-javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTWKTL4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:27:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=51713
accept-ranges: bytes
content-length: 3822

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ Frame 010F 23 KB
8 KB 98ms
29ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTWKTL4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:27:30 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame 010F 56 KB
15 KB 133ms
32ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTWKTL4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:27:30 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220095-FRA

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 010F 44 KB
13 KB 131ms
63ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTWKTL4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 22 Sep 2023 06:27:29 GMT
last-modified: Wed, 06 Sep 2023 22:41:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AC4803FD7DB14F088B4E400B0B7983F6 Ref B: FRAEDGE1922 Ref C: 2023-09-22T06:27:30Z
etag: "09cc4613e1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12981

GET
H2

200

tags.js Show response
x.clearbitjs.com/v1/pk_254dd63702a16060ec4cf571f845ad2d/ Frame 010F
Redirect Chain

https://x.clearbitjs.com/v1/pk_254dd63702a16060ec4cf571f845ad2d/clearbit.min.js
https://x.clearbitjs.com/v1/pk_254dd63702a16060ec4cf571f845ad2d/tags.js?reveal=false&reveal_async=false&tracking=true&tracking_auto_page_events=false&tracking_cookies=true&tracking_legacy=true

1 KB
652 B

192ms
191ms

Script
application/javascript

18.153.4.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v1/pk_254dd63702a16060ec4cf571f845ad2d/tags.js?reveal=false&reveal_async=false&tracking=true&tracking_auto_page_events=false&tracking_cookies=true&tracking_legacy=true

Requested by

Host: aif.notion.so
URL: https://aif.notion.so/aif-production.html

Protocol

Server

18.153.4.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-4-44.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

67711da5f52acb67420d8622e8fb7a587fca16d76855906a4b987bab7d2c16c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:27:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: envoy
strict-transport-security: max-age=63072000; includeSubDomains; preload
etag: W/"700dbcda5e883c9d73051afe3390cba5"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600

Redirect headers

date: Fri, 22 Sep 2023 06:27:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-response-flags: -
server: envoy
content-type: text/html;charset=utf-8
location: https://x.clearbitjs.com/v1/pk_254dd63702a16060ec4cf571f845ad2d/tags.js?reveal=false&reveal_async=false&tracking=true&tracking_auto_page_events=false&tracking_cookies=true&tracking_legacy=true
content-length: 0

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ Frame 010F 1 KB
1 KB 115ms
39ms Script
application/x-javascript 104.102.38.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: vestal-citigrade.jiffy.so
URL: https://vestal-citigrade.jiffy.so/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.38.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-38-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Fri, 22 Sep 2023 06:27:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 site-script.js Show response
cdn.metadata.io/ Frame 010F 6 KB
2 KB 152ms
33ms Script
application/javascript 2600:9000:223c:7800:9:d7d4:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.metadata.io/site-script.js

Requested by

Host: vestal-citigrade.jiffy.so
URL: https://vestal-citigrade.jiffy.so/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:7800:9:d7d4:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1d4548c03b28521204ab490e46b39179b8fa196998d45215a24602306b662ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: FA0kpUmjH6379n6SM2OzYViu4FNXSGFq
content-encoding: gzip
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
date: Thu, 21 Sep 2023 23:05:51 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P2
age: 26500
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 04 Aug 2023 00:07:57 GMT
server: AmazonS3
etag: W/"2963b0a1258588f130235cbdfe809b88"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: 5HkGFU0I-6j1sPUezhUuiM4Ahrq2IJIUCM1mZvbOwdhGdOD4qpRxuA==

GET
H2 200 0fa7d05d-53d0-4e3b-9bd7-880d24b9df68-latest.js Show response
d2hrivdxn8ekm8.cloudfront.net/tag-manager/ Frame 010F 7 KB
7 KB 132ms
34ms Script
application/javascript 2600:9000:223f:ca00:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/0fa7d05d-53d0-4e3b-9bd7-880d24b9df68-latest.js
Requested by: Host: vestal-citigrade.jiffy.so
URL: https://vestal-citigrade.jiffy.so/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ca00:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3dc4403a8d07ffeef0c33b90ced857cf411c56d6da456f78cd5b2d221070e6c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: 41E0__UL6_KGvsA8I.mjasoSIzxoA4q_
date: Thu, 21 Sep 2023 16:55:37 GMT
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified: Wed, 07 Dec 2022 20:56:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 48715
etag: "f3385af335a44bb08ee8520edea65c8b"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6952
x-amz-cf-id: MnyaEVCWE4cQszOYlQVkILizRqFsF2ZYHQfQSUUQpoy1iSjnDXP-mA==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ Frame 010F 4 KB
2 KB 249ms
142ms Script
application/javascript 2.23.209.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDI1DV3C77U3IB6QOBCG&lib=ttq
Requested by: Host: vestal-citigrade.jiffy.so
URL: https://vestal-citigrade.jiffy.so/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-17.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 159fbf1ed775b1ab3f07285627d3abc4c3139798dd74a9e3ac757297374135a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-akamai-request-id: 82843b33.9cf91c5
date: Fri, 22 Sep 2023 06:27:30 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-62-213-81.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4.2-51256590) (-)
x-parent-response-time: 104,23.62.213.81
server-timing: cdn-cache; desc=MISS, edge; dur=100, origin; dur=7, inner; dur=4
content-length: 1318
pragma: no-cache
server: nginx
x-tt-logid: 20230922062730FF269088372C3405D25F
x-cache-remote: TCP_MISS from a23-220-106-79.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4.2-51256590) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.220.106.79
x-tt-trace-host: 01cc10ee04cc13700af07b74b0e9ce7dc479a3c75b27f609660bb495f35e2e972fb398b89ad601987c50f8de503fc11c8c73a49b1758da1471c111c11b46dfa31626df67097b7999d1d64805e5677873695fe2ef651ea43b3d8fa05c7de76d656d12d7cde01a3b645352d00577bcba4421
expires: Fri, 22 Sep 2023 06:27:30 GMT

GET
H2 200 site-insights.js Show response
cdn.metadata.io/ Frame 010F 3 KB
1 KB 151ms
34ms Script
application/javascript 2600:9000:223c:7800:9:d7d4:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.metadata.io/site-insights.js

Requested by

Host: vestal-citigrade.jiffy.so
URL: https://vestal-citigrade.jiffy.so/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:7800:9:d7d4:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c70e11016c081695bdb4ffbabd5256305813baaf49f2fb9079ae3ddf1accc245

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 01:35:36 GMT
x-amz-version-id: V0nkAa1z_qFsvRg.lgOpxeXWtv46G9Ma
content-encoding: br
x-content-type-options: nosniff
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P2
age: 17515
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 03 Apr 2023 16:53:20 GMT
server: AmazonS3
etag: W/"fe7d9a877e481321a707820d060478af"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: 3i5r4k_jBdf2H1Q6BuhaI7BcJuLGv0r524P1K9djBahGufeQJ1RaUQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 010F 267 KB
89 KB 86ms
85ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9ZJ8CB186L&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTWKTL4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16e355384252855cb364330ab9b11f9cb419cd949c926530ba5cbd58e0c93c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:27:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Sep 2023 06:27:30 GMT

GET
H2 200 rp.gif
alb.reddit.com/ Frame 010F 42 B
637 B 105ms
29ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1695364050709&id=t2_7nj6iltu4&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=28bbcdfc-6dad-49b8-aee4-35cd3ffa25fa&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by: Host: aif.notion.so
URL: https://aif.notion.so/aif-production.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:27:30 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 rp.gif
alb.reddit.com/ Frame 010F 42 B
75 B 90ms
30ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1695364050710&id=t2_7nj6iltu4&event=Search&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=81f9e912-259a-4dbf-9fd4-8d3d8665517f&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by: Host: aif.notion.so
URL: https://aif.notion.so/aif-production.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:27:30 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ Frame 010F 11 KB
5 KB 34ms
29ms Script
application/x-javascript 104.102.38.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.38.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-38-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Fri, 22 Sep 2023 06:27:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Sun, 31 Dec 2023 06:27:30 GMT

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 010F 40 KB
40 KB 37ms
36ms Script
application/javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3ac17d461ee8b27503b79e7141b02cffef51873f0f27d5c18b4454ee16a0d97a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:27:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Sep 2023 05:14:46 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
content-type: application/javascript;charset=utf-8
cache-control: max-age=18441
accept-ranges: bytes
content-length: 40568

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ Frame 010F 9 KB
4 KB 140ms
35ms Script
application/javascript 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/0fa7d05d-53d0-4e3b-9bd7-880d24b9df68-latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Expires: Fri, 27 Jan 2023 02:11:02 GMT
Date: Fri, 22 Sep 2023 06:27:30 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 14893
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 3340
X-Served-By: cache-lga21930-LGA, cache-fra-eddf8230100-FRA
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1695364051.944627,VS0,VE0
ETag: W/"60b79de0-23b3"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 207568, 1642

GET
H2 200 0fa7d05d-53d0-4e3b-9bd7-880d24b9df68-additional-latest.js Show response
d2hrivdxn8ekm8.cloudfront.net/tag-manager/ Frame 010F 10 KB
10 KB 39ms
38ms Script
application/javascript 2600:9000:223f:ca00:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/0fa7d05d-53d0-4e3b-9bd7-880d24b9df68-additional-latest.js
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/0fa7d05d-53d0-4e3b-9bd7-880d24b9df68-latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ca00:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 601ab5fdeb2ef725b561a2a2a85aa57d1fa689b7e7af98335fa79cfc02837d5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 17:48:47 GMT
x-amz-version-id: hAQw_WMfQTzKPuflZgDN4SUpMx1wOZCX
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified: Tue, 29 Aug 2023 22:41:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 45523
etag: "2b3cf04ce83a242fb8940154b27d98d2"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9911
x-amz-cf-id: KK7KfbsCIRBAX7HEZgZPHUdVARq5zx4wclnabERKfJK7SuRilAAEVQ==

GET
H2 200 tracker-latest.min.js Show response
d2hrivdxn8ekm8.cloudfront.net/ Frame 010F 9 KB
9 KB 41ms
41ms Script
application/javascript 2600:9000:223f:ca00:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/0fa7d05d-53d0-4e3b-9bd7-880d24b9df68-latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ca00:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d670621488b45b33d1a17b5e1250319b2ce513ededb4dbec847284c35e06f3d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: FtDzqVxCNLcLRbf2i_demDjaD8dXoTf8
date: Fri, 22 Sep 2023 04:56:52 GMT
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified: Mon, 13 Feb 2023 23:38:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 5439
x-amz-server-side-encryption: AES256
etag: "85ac140eb3a9fcf2b232e66ca1c134c3"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
content-length: 9238
x-amz-cf-id: EHkQlI-m9YEHU2OnMNpnzvYo6J0rx0xnV-uQn4kVENsRO2vhKDfEUQ==

GET
H2 200 adsct
t.co/1/i/ Frame 010F 43 B
378 B 202ms
132ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=65f50612-126c-41d3-bf29-ab62b1421848&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=a8b47fc4-e4aa-4e85-a7c9-24bbc03797ee&tw_document_href=https%3A%2F%2Faif.notion.so%2Faif-production.html&tw_iframe_status=1&txn_id=ofilm&type=javascript&version=2.3.29

Requested by

Host: aif.notion.so
URL: https://aif.notion.so/aif-production.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-response-time: 102
date: Fri, 22 Sep 2023 06:27:30 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: beb740ef79282273
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: df4c598265652505c2a4a9f5e70350fcc54ed6c004d49b086990d485e445cecb
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ Frame 010F 43 B
726 B 200ms
131ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=65f50612-126c-41d3-bf29-ab62b1421848&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=a8b47fc4-e4aa-4e85-a7c9-24bbc03797ee&tw_document_href=https%3A%2F%2Faif.notion.so%2Faif-production.html&tw_iframe_status=1&txn_id=ofilm&type=javascript&version=2.3.29

Requested by

Host: aif.notion.so
URL: https://aif.notion.so/aif-production.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-response-time: 102
date: Fri, 22 Sep 2023 06:27:30 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 174ae6980aac1852
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 974a08f3ef39267c35382cb55795e7604cb2257e7926be6616c80613b6133e71
content-length: 43

OPTIONS
H2 204 traffic
insights.metadata.io/ Frame 0
0 616ms
195ms Preflight 44.239.250.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://insights.metadata.io/traffic

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.239.250.189 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-250-189.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://aif.notion.so
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
date: Fri, 22 Sep 2023 06:27:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 202 traffic
insights.metadata.io/ Frame 010F 0
0 197ms
196ms Fetch 44.239.250.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://insights.metadata.io/traffic

Requested by

Host: cdn.metadata.io
URL: https://cdn.metadata.io/site-insights.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.239.250.189 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-250-189.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://aif.notion.so/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 22 Sep 2023 06:27:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 0

GET
H2 204 cs
a.usbrowserspeed.com/ Frame 010F 0
0 653ms
219ms Fetch 52.43.72.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.usbrowserspeed.com/cs?pid=5de38576d91fe7ac65e01de48078379caf9e72e979b06a5762372b0c12e930ef&puid=lmu7zdsfcf9rug6kpmn
Requested by: Host: cdn.metadata.io
URL: https://cdn.metadata.io/site-insights.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.72.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-72-5.us-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:27:31 GMT
server: awselb/2.0

POST
H/1.1 200
OK visitWebPage
414-xmy-838.mktoresp.com/webevents/ Frame 010F 2 B
318 B 1017ms
186ms Ping
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://414-xmy-838.mktoresp.com/webevents/visitWebPage?_mchNc=1695364050837&_mchCn=&_mchId=414-XMY-838&_mchTk=_mch-aif.notion.so-1695364050835-55014&_mchHo=aif.notion.so&_mchPo=&_mchRu=%2Faif-production.html&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Fri, 22 Sep 2023 06:27:31 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 470554f7-7dd1-4b5b-b5b9-b6826514a4f9

GET
H2 200 211022843.js Show response
bat.bing.com/p/action/ Frame 010F 1 KB
841 B 58ms
56ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/211022843.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

db49316076a307a8dc5e5854c324c581226cb0425c0b068df82f0c0aaf09d98f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Fri, 22 Sep 2023 06:27:29 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 799A31A45B9746B9B864AB98C242ABDE Ref B: FRAEDGE1922 Ref C: 2023-09-22T06:27:30Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ Frame 010F 0
285 B 81ms
81ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=211022843&tm=gtm002&Ver=2&mid=4c769118-5841-4334-870b-5cf6b37affe5&sid=1babfde0591111eebc1d0137e826f6ce&vid=1bac3fe0591111ee9d345d6b844c0ec3&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Faif.notion.so%2Faif-production.html&r=&lt=172&evt=pageLoad&ifm=1&sv=1&rn=685894

Requested by

Host: aif.notion.so
URL: https://aif.notion.so/aif-production.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 22 Sep 2023 06:27:29 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4463C17219574B0396F170C02B15D62E Ref B: FRAEDGE1922 Ref C: 2023-09-22T06:27:30Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MWQ0NWRkZTlhMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ Frame 010F 370 KB
99 KB 35ms
34ms Script
application/javascript 2.23.209.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDI1DV3C77U3IB6QOBCG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-17.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 20db7ce8e3049977535579a92d71232b26ed80f8ab0c1b7418ae67c403a6b321

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-akamai-request-id: 9cf92d6
date: Fri, 22 Sep 2023 06:27:30 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230921123823311CAA6A3A24C6C69B96
vary: Accept-Encoding
x-cache: TCP_HIT from a23-62-213-81.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4.2-51256590) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01d477f9a7419fb2290fb5e207a4daebc6247f95a69b4dda02f33e06d77c02378e56c7e9dadebd6074ac2e83318c242a34bd6bf0cd6ff0d333991091745cea17dac2a4c4143d4bc419573323f4745f75f6ac6cc51ba4cc6d153ee18f2e50572b95
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
content-length: 100813

GET
H2 200 5a28e627 Show response
dvqigh9b7wa32.cloudfront.net/ Frame 010F 43 B
486 B 197ms
38ms XHR
image/gif 18.173.184.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dvqigh9b7wa32.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTcmdG9rZW49MGZhN2QwNWQtNTNkMC00ZTNiLTliZDctODgwZDI0YjlkZjY4JnNlc3Npb25JZD01ZmJmOTQ0Mi0yMzg2LTRlNTUtNTMzOC1jMmE1MjkwNGJkMTM%3D&date=1695364050884
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.184.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-184-218.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 05:03:40 GMT
via: 1.1 455035b7b3ab5f564b775e2968249d3e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 5032
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 7-DbSJDQvLvPK3q8upRJ7GHJhlCTU9umChjmVAIIYb2xOdvfZfdSvw==

GET
H2 200 5a28e627 Show response
d330aiyvva2oww.cloudfront.net/ Frame 010F 43 B
486 B 139ms
39ms XHR
image/gif 2600:9000:26db:b200:3:760:2800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d330aiyvva2oww.cloudfront.net/5a28e627?data=aXB2Nj10cnVlJnZlcnNpb249MS4yLjE3JnRva2VuPTBmYTdkMDVkLTUzZDAtNGUzYi05YmQ3LTg4MGQyNGI5ZGY2OCZzZXNzaW9uSWQ9NWZiZjk0NDItMjM4Ni00ZTU1LTUzMzgtYzJhNTI5MDRiZDEz&date=1695364050884
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:b200:3:760:2800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 04:52:52 GMT
via: 1.1 3346ad1679ff01fe81e117084323b814.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 82726
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: REugTQAPaJYQe4yxMCUdNYwOlUnEYYWR7lhuqW0mE3CIA0U9MeO-aA==

GET
H2 200 5a28e627 Show response
d1lu3pmaz2ilpx.cloudfront.net/ Frame 010F 43 B
441 B 162ms
47ms XHR
image/gif 2600:9000:26da:3c00:17:f683:1d40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lu3pmaz2ilpx.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTcmdG9rZW49MGZhN2QwNWQtNTNkMC00ZTNiLTliZDctODgwZDI0YjlkZjY4JnNlc3Npb25JZD00Y2I2NjUwZC1kMThhLWMxMzctNjdjMS05YWM2NTg4MTk5ZjAmY29va2llU3VwcG9ydD1OT05FJmV2ZW50PXBhZ2V2aWV3JiUyNG9zPVdpbmRvd3MmJTI0Y3VycmVudFVybD1odHRwcyUzQSUyRiUyRmFpZi5ub3Rpb24uc28lMkZhaWYtcHJvZHVjdGlvbi5odG1s&date=1695364050902
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:3c00:17:f683:1d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 03:02:30 GMT
via: 1.1 03f0b5e1388e49b279dc44f8ff1caa78.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 12302
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
vary: Origin
accept-ranges: bytes
x-amz-cf-id: 6ILw-1QI46ok_zCU_pSiRhnz8cEKVAyf5pKvh-j04Hniu8ekmQ9rNg==

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/ Frame 010F
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-2533&value=&uncacheplz=9199682037
https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-2533&value=&uncacheplz=9199682037&_bee_ppp=1

43 B
796 B

45ms
44ms

Image
image/gif

52.211.179.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-2533&value=&uncacheplz=9199682037&_bee_ppp=1

Requested by

Host: aif.notion.so
URL: https://aif.notion.so/aif-production.html

Protocol

HTTP/1.1

Server

52.211.179.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-179-46.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 22 Sep 2023 06:27:31 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-2533&value=&uncacheplz=9199682037&_bee_ppp=1
Date: Fri, 22 Sep 2023 06:27:31 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

collect
px4.ads.linkedin.com/ Frame 010F
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2368700&time=1695364050908&url=https%3A%2F%2Faif.notion.so%2Faif-production.html
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2368700&time=1695364050908&url=https%3A%2F%2Faif.notion.so%2Faif-production.html&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2368700%26time%3D1695364050908%26url%3Dhttps%253A%252F%252Faif.notion.so%252Faif-...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2368700&time=1695364050908&url=https%3A%2F%2Faif.notion.so%2Faif-production.html&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2368700&time=1695364050908&url=https%3A%2F%2Faif.notion.so%2Faif-production.html&cookiesTest=true&liSync=true&e_ipv6=AQLZ4nquHfbfzQAAAYq7knMFrONP...

0
265 B

332ms
250ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2368700&time=1695364050908&url=https%3A%2F%2Faif.notion.so%2Faif-production.html&cookiesTest=true&liSync=true&e_ipv6=AQLZ4nquHfbfzQAAAYq7knMFrONPGk81_SrTWcJwzT7ZB5KsNH7rfzNu0xnq16wN1t3LU3Mc
Requested by: Host: aif.notion.so
URL: https://aif.notion.so/aif-production.html
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:27:31 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4C9D715EAFBB4CA8980320CF29149C6B Ref B: FRAEDGE1409 Ref C: 2023-09-22T06:27:31Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYF7LQWSqcp2E+tEayvXw==

Redirect headers

date: Fri, 22 Sep 2023 06:27:31 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 36270B6C1CCC43CC91F6F93B3E91C795 Ref B: FRAEDGE1807 Ref C: 2023-09-22T06:27:31Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2368700&time=1695364050908&url=https%3A%2F%2Faif.notion.so%2Faif-production.html&cookiesTest=true&liSync=true&e_ipv6=AQLZ4nquHfbfzQAAAYq7knMFrONPGk81_SrTWcJwzT7ZB5KsNH7rfzNu0xnq16wN1t3LU3Mc
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYF7LQRMhu7HsnwSPHenA==

GET
H2 200 211022843 Show response
bat.bing.com/p/insights/t/ Frame 010F 643 B
862 B 193ms
192ms Script
application/x-javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/t/211022843

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/action/211022843.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d40245eed0f59c0f7064d1d5ba45647d5c2d15870e74e4802f554c8984dca3ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: -1
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 22 Sep 2023 06:27:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9136672655914786B80DB10665D00F04 Ref B: FRAEDGE1922 Ref C: 2023-09-22T06:27:30Z
vary: Accept-Encoding
x-azure-ref: 20230922T062730Z-wvxry17ax51sbf7u0u3ke7d0ss0000000f7g000000000a4e
content-type: application/x-javascript
x-cache: CONFIG_NOCACHE
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 585
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2 200 pixie
ib.adnxs.com/ Frame 010F 42 B
226 B 116ms
32ms Image
image/gif 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=16afbefb-a19a-4817-9cc0-27b3359d4c24&it=1695364050966&v=0.0.20&u=https%3A%2F%2Faif.notion.so%2Faif-production.html&st=1695364050966&et=1695364050966&if=1
Requested by: Host: aif.notion.so
URL: https://aif.notion.so/aif-production.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:27:31 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx/1.21.3
x-proxy-origin: 193.32.248.222; 193.32.248.222; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 42
content-type: image/gif

GET
H2 200 identify_7dd78.js Show response
analytics.tiktok.com/i18n/pixel/static/ Frame 010F 134 KB
35 KB 37ms
33ms Script
application/javascript 2.23.209.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7dd78.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-17.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-akamai-request-id: 9cf93bd
date: Fri, 22 Sep 2023 06:27:31 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202309071107150225082CA02103823177
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-62-213-81.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4.2-51256590) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 015f3cf50e0c89bde3d23af9bb2fd36a09115d2d9fb9a16631dec18a6637b6d356598e41a39921d4af41ad7f66a5948847960477e57391dfa27209f006c35c342954d185ed2b9458314eb8c9f85a0985a8cc4563597ea9fd6427e79eb66cc2c819
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 35726

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ Frame 010F 0
736 B 245ms
125ms Ping
text/plain 2.16.238.13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-13.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aif.notion.so/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 306f6615
date: Fri, 22 Sep 2023 06:27:31 GMT
x-bytefaas-request-id: 20230922062731260F212DB5DB477C4FC4
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-239-13.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4-50766152) (-)
server-timing: inner; dur=7, cdn-cache; desc=MISS, edge; dur=0, origin; dur=96
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230922062731260F212DB5DB477C4FC4
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 4.85
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 96,2.16.239.13
x-tt-trace-host: 01cc10ee04cc13700af07b74b0e9ce7dc4a94833c24b9a457269523f83a2e7031454bc26696d69e064631d310f49b082531f004ffc8fd5ce6c072c0e79133f3560a392bc81b1958eb8bf5eadd7b4d4ae69f024080871565970f1475f6059c989f1
access-control-allow-headers: *
expires: Fri, 22 Sep 2023 06:27:31 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ Frame 010F 0
787 B 219ms
213ms Ping
text/plain 2.23.209.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-17.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aif.notion.so/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 150f118.9cf942e
date: Fri, 22 Sep 2023 06:27:31 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-62-213-81.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4.2-51256590) (-)
x-parent-response-time: 172,23.62.213.81
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=77, inner; dur=31
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230922062731CD17A302CFA8D6156237
x-cache-remote: TCP_MISS from a23-32-16-92.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4.2-51256590) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 77,23.32.16.92
x-tt-trace-host: 01cc10ee04cc13700af07b74b0e9ce7dc479a3c75b27f609660bb495f35e2e972fff329c3dfeb74b5f76f2d31924af16ccfe8389ab8f38a5275a002081c0a9e8debf8b4dc63bd1701c51e236aaea582d5e5b2e41180e92d91335c58aa262d50eedc3afe0d477a4be236d5ddd07122079c1
access-control-allow-headers: Authorization,*
expires: Fri, 22 Sep 2023 06:27:31 GMT

GET
H2 200 destinations.min.js Show response
x.clearbitjs.com/v2/pk_254dd63702a16060ec4cf571f845ad2d/ Frame 010F 0
21 B 216ms
216ms Script
application/javascript 18.153.4.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_254dd63702a16060ec4cf571f845ad2d/destinations.min.js

Requested by

Host: x.clearbitjs.com
URL: https://x.clearbitjs.com/v1/pk_254dd63702a16060ec4cf571f845ad2d/clearbit.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.153.4.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-4-44.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:27:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-response-flags: -
server: envoy
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600
content-length: 0

GET
H2 200 tracking.min.js Show response
x.clearbitjs.com/v2/pk_254dd63702a16060ec4cf571f845ad2d/ Frame 010F 168 KB
45 KB 187ms
187ms Script
application/javascript 18.153.4.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_254dd63702a16060ec4cf571f845ad2d/tracking.min.js

Requested by

Host: x.clearbitjs.com
URL: https://x.clearbitjs.com/v1/pk_254dd63702a16060ec4cf571f845ad2d/clearbit.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.153.4.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-4-44.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

88ab2df7cff6cd14e2cbe1e3c295d414e6dde3e2e79663f17703865be5463c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:27:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: envoy
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600

GET
H2 200 0.7.10 Show response
bat.bing.com/p/insights/s/ Frame 010F 34 KB
15 KB 71ms
70ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/s/0.7.10

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/211022843

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

21e440f5fa584e7e8e926aeebec9d20b83f5cd2b2c65aebdee9c3e1c05cc600b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aif.notion.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Fri, 22 Sep 2023 06:27:30 GMT
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
content-length: 14541
last-modified: Mon, 18 Sep 2023 19:28:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2F9795060DDF49D794964E04A0114074 Ref B: FRAEDGE1922 Ref C: 2023-09-22T06:27:31Z
etag: W/"0x8DBB87D7475AE00"
vary: Accept-Encoding
x-azure-ref: 20230922T062731Z-emn7sg5hkh2sm7u73bcx1kpym40000000fvg00000000bxhe
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 19401110-801e-0048-07d6-ea33ec000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ Frame 010F 0
787 B 140ms
140ms Ping
text/plain 2.23.209.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-17.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aif.notion.so/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 150f7e5.9cf9571
date: Fri, 22 Sep 2023 06:27:31 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-62-213-81.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4.2-51256590) (-)
x-parent-response-time: 101,23.62.213.81
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=15, inner; dur=12
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230922062731B5AA948E9861178665AD
x-cache-remote: TCP_MISS from a23-32-16-92.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4.2-51256590) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 15,23.32.16.92
x-tt-trace-host: 01cc10ee04cc13700af07b74b0e9ce7dc479a3c75b27f609660bb495f35e2e972fff329c3dfeb74b5f76f2d31924af16cc471fe80e6cf355b69da17b30e2d4d16dcc94ac4aa8a79de8add354e1524e415c0cd2880bbe03e4d3896f88dcecc626e9ff259123368737ecee636227d2c8623a
access-control-allow-headers: Authorization,*
expires: Fri, 22 Sep 2023 06:27:31 GMT

POST
H2 204 t Show response
bat.bing.com/p/insights/c/ Frame 010F 0
208 B 127ms
127ms XHR
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/c/t

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/s/0.7.10

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/x-webinsights-gzip
Referer: https://aif.notion.so/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 22 Sep 2023 06:27:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E54DD8CA35C44F6C8D06D6239EFFBA69 Ref B: FRAEDGE1922 Ref C: 2023-09-22T06:27:31Z
x-powered-by: ARR/3.0
vary: Origin
x-cache: CONFIG_NOCACHE
access-control-allow-origin: https://aif.notion.so
access-control-allow-credentials: true
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

POST
H2 200 p Show response
app.clearbit.com/v1/ Frame 010F 16 B
1 KB 281ms
198ms XHR
application/json 18.153.4.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clearbit.com/v1/p

Requested by

Host: x.clearbitjs.com
URL: https://x.clearbitjs.com/v2/pk_254dd63702a16060ec4cf571f845ad2d/tracking.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.153.4.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-4-44.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://aif.notion.so/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 22 Sep 2023 06:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: envoy
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://aif.notion.so
content-security-policy-report-only: default-src 'self'; script-src 'unsafe-inline' 'report-sample' 'self' https://browser.sentry-cdn.com https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js https://cdn.clearbit.com https://cdn.segment.com/analytics.js/v1/auzWlbWIBrAsKnGQIiT0X3IjfZyepgW5/analytics.min.js https://checkout.stripe.com https://connect.facebook.net https://edge.fullstory.com/s/fs.js https://fast.appcues.com https://www.google-analytics.com/analytics.js https://x.clearbitjs.com https://cdn.clearbit.com https://*.commandbar.com; style-src 'unsafe-inline' 'report-sample' 'self' https://cdn.clearbit.com https://*.commandbar.com https://fast.appcues.com https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.amplitude.com https://*.commandbar.com https://api.segment.io https://checkout.stripe.com https://rs.fullstory.com https://www.google-analytics.com wss://api.appcues.net https://stats.g.doubleclick.net https://sentry.io https://logo.clearbit.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*.commandbar.com https://checkout.stripe.com; img-src 'self' https://*.commandbar.com https://*.stripe.com data: https://cdn.clearbit.com https://images.ctfassets.net https://logo.clearbit.com https://www.facebook.com https://connect.facebook.net https://www.google.com https://unpkg.com/react-flag-kit https://cloudfront.net/v1/avatars https://*.googleusercontent.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
access-control-allow-credentials: true
access-control-allow-headers: Authorization, API-Version, Content-Type

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ Frame 010F 0
193 B 198ms
198ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://aif.notion.so/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 22 Sep 2023 06:27:32 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 59A32ADF11E44173AE2E232907EEEB4F Ref B: FRAEDGE1807 Ref C: 2023-09-22T06:27:32Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://aif.notion.so
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYF7LQZURAR0KDuaOyykA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: localhost
URL: http://localhost:8022/static/snapshots/klanto/the-mysterious-spellbook/assets/injection.css

Domain: localhost
URL: http://localhost:8022/static/snapshots/klanto/the-mysterious-spellbook/assets/injection.js

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tiktok.com/	1970-01-21 00:17:40	Name: _ttp Value: 2Vjz05c3gbSH2PA3UjQPVdt9cs4
.bing.com/	1970-01-21 00:17:40	Name: MUID Value: 2C80DE1D3EBF6DFD3683CD893FBF6C29
.twitter.com/	1970-01-21 00:32:04	Name: guest_id_marketing Value: v1%3A169536405096441655
.twitter.com/	1970-01-21 00:32:04	Name: guest_id_ads Value: v1%3A169536405096441655
.twitter.com/	1970-01-21 00:32:04	Name: personalization_id Value: "v1_JM3qZ3+pCaFlo176KZwgYA=="
.twitter.com/	1970-01-21 00:32:04	Name: guest_id Value: v1%3A169536405096441655
.t.co/	1970-01-21 00:32:04	Name: muc_ads Value: 91d9acf1-0335-4691-b033-43c0b9ddc974
.bidr.io/	1970-01-21 00:24:37	Name: bito Value: AABmB07KGmgAABi4cyjl-g
.bidr.io/	1970-01-21 00:24:37	Name: bitoIsSecure Value: ok
.linkedin.com/	1970-01-20 17:05:40	Name: li_sugr Value: 37a96b60-04fd-409c-8b32-d392905ec70b
.linkedin.com/	1970-01-20 23:41:40	Name: bcookie Value: "v=2&ab1ca62c-5852-4089-841f-8c16e9ec4126"
.linkedin.com/	1970-01-20 14:57:30	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=3000:u=1:x=1:i=1695364051:t=1695450451:v=2:sig=AQGmwXzKhMx_l4AvdVI2Kv7GcqzHQ-Y9"
.linkedin.com/	1970-01-20 15:39:16	Name: UserMatchHistory Value: AQLlibMrJpBrUwAAAYq7knF0ZV-c09NnvYZlDdqz48JwX0ydiloRpq_dxuBSJL78wMkbh9EAhvhi_w
.linkedin.com/	1970-01-20 15:39:16	Name: AnalyticsSyncHistory Value: AQLXO32r2x0eJwAAAYq7knF0SlaiGMZGK-aZHmHtuEdMx5RHxsR09td8si2Il1CCjl563ZSfLgXgqkucAbPNMA
.a.usbrowserspeed.com/	1970-01-20 23:41:40	Name: tuid Value: dfe02551-d412-47d0-ba14-a552d67e47a5
.www.linkedin.com/	1970-01-20 23:41:40	Name: bscookie Value: "v=1&20230922062731d4e2c40c-77e5-4486-8b42-27cdb9706476AQFh36A7ZpLUUvodfqYTnpvE9qjPlHWe"
.linkedin.com/	1970-01-20 19:15:16	Name: li_gc Value: MTswOzE2OTUzNjQwNTE7MjswMjFu/oQCvXVVPoEMfR3WeZ7U2/EbYglQiveTXYwXUP10oQ==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://vestal-citigrade.jiffy.so/assets/40f92a235b3fcaf3ff67ed8aaf920de731e12107.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://vestal-citigrade.jiffy.so/assets/e218a1aef6df86309cb95b61e446888efa3b0379.css Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

414-xmy-838.mktoresp.com
a.usbrowserspeed.com
acdn.adnxs.com
aif.notion.so
alb.reddit.com
analytics.pangle-ads.com
analytics.tiktok.com
analytics.twitter.com
app.clearbit.com
bat.bing.com
cdn.metadata.io
connect.facebook.net
d1lu3pmaz2ilpx.cloudfront.net
d2hrivdxn8ekm8.cloudfront.net
d330aiyvva2oww.cloudfront.net
dvqigh9b7wa32.cloudfront.net
ib.adnxs.com
insights.metadata.io
localhost
munchkin.marketo.net
px.ads.linkedin.com
px4.ads.linkedin.com
segment.prod.bidr.io
snap.licdn.com
static.ads-twitter.com
t.co
vestal-citigrade.jiffy.so
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
x.clearbitjs.com
localhost
104.102.38.132
104.244.42.131
104.244.42.69
13.107.42.14
146.75.120.157
151.101.129.140
151.101.193.108
18.153.4.44
18.173.184.218
185.89.210.101
192.28.147.68
2.16.238.13
2.23.209.17
2600:9000:223c:7800:9:d7d4:1380:93a1
2600:9000:223f:ca00:17:3f5c:f800:21
2600:9000:2491:9800:1d:db7c:7380:93a1
2600:9000:26da:3c00:17:f683:1d40:21
2600:9000:26db:b200:3:760:2800:21
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:81c::2008
2a02:26f0:480:f::213:7ec6
2a03:2880:f084:105:face:b00c:0:3
2a04:4e42::396
44.239.250.189
52.211.179.46
52.43.72.5
76.76.21.22
159fbf1ed775b1ab3f07285627d3abc4c3139798dd74a9e3ac757297374135a2
16e355384252855cb364330ab9b11f9cb419cd949c926530ba5cbd58e0c93c95
1d4548c03b28521204ab490e46b39179b8fa196998d45215a24602306b662ab5
20db7ce8e3049977535579a92d71232b26ed80f8ab0c1b7418ae67c403a6b321
21e440f5fa584e7e8e926aeebec9d20b83f5cd2b2c65aebdee9c3e1c05cc600b
25b91aa4659c4603834d97cf84c65e4f76aecca387104b9159a98a66f1058d99
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
3ac17d461ee8b27503b79e7141b02cffef51873f0f27d5c18b4454ee16a0d97a
3dc4403a8d07ffeef0c33b90ced857cf411c56d6da456f78cd5b2d221070e6c8
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
601ab5fdeb2ef725b561a2a2a85aa57d1fa689b7e7af98335fa79cfc02837d5b
67711da5f52acb67420d8622e8fb7a587fca16d76855906a4b987bab7d2c16c5
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe
88ab2df7cff6cd14e2cbe1e3c295d414e6dde3e2e79663f17703865be5463c24
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
a869436295c08c2bb7c8ae015127a112b26b4353095c3e091fabbfef26ad8b16
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b02d00f123297597d6e4b02dfbee910cfe211687b2d454309d5dd9b1b39fd0e4
b97989eda8d8c232e089c1e1c8b293eb074536cf59d513f4e8b5677e303f0719
c4ff81fca8e61507f8c929d9b47ee3062b3bbdf21f93135c7b51caf08b888e10
c70e11016c081695bdb4ffbabd5256305813baaf49f2fb9079ae3ddf1accc245
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d40245eed0f59c0f7064d1d5ba45647d5c2d15870e74e4802f554c8984dca3ca
d670621488b45b33d1a17b5e1250319b2ce513ededb4dbec847284c35e06f3d1
db49316076a307a8dc5e5854c324c581226cb0425c0b068df82f0c0aaf09d98f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e1ed933903027b33287b57d5bc2d0953451a39e61838a6f596b71c55c67b1bf1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

vestal-citigrade.jiffy.so Open in urlscan Pro 76.76.21.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

54 Requests

91 %HTTPS

39 %IPv6

24 Domains

31 Subdomains

29 IPs

3 Countries

677 kBTransfer

2053 kBSize

17 Cookies

0 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vestal-citigrade.jiffy.so Open in urlscan Pro
76.76.21.22 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

91 %
HTTPS

39 %
IPv6

24
Domains

31
Subdomains

29
IPs

3
Countries

677 kB
Transfer

2053 kB
Size

17
Cookies

54 HTTP transactions
0 data transactions