mysites.safelink.dev.airfind.com Open in urlscan Pro
198.199.92.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mysite.safelink.dev.airfind.com/
Effective URL:
http://mysites.safelink.dev.airfind.com/
Submission: On November 01 via automatic, source certstream-suspicious (November 1st 2021, 2:55:27 pm UTC) — Scanned from DE

Summary HTTP 44 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 9 domains to perform 44 HTTP transactions. The main IP is 198.199.92.49, located in San Francisco, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is mysites.safelink.dev.airfind.com.

This is the only time mysites.safelink.dev.airfind.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	198.199.92.49 198.199.92.49	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
14	23.111.11.113 23.111.11.113	33438 (HIGHWINDS2) (HIGHWINDS2)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	143.204.98.76 143.204.98.76	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.110 142.250.185.110	15169 (GOOGLE) (GOOGLE)
5	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	143.204.98.33 143.204.98.33	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	142.250.186.65 142.250.186.65	15169 (GOOGLE) (GOOGLE)
1	143.204.98.123 143.204.98.123	16509 (AMAZON-02) (AMAZON-02)
1 4	104.107.160.24 104.107.160.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1	143.204.98.32 143.204.98.32	16509 (AMAZON-02) (AMAZON-02)
5	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	142.250.185.225 142.250.185.225	15169 (GOOGLE) (GOOGLE)
1	172.217.18.100 172.217.18.100	15169 (GOOGLE) (GOOGLE)
1	2.21.140.74 2.21.140.74	16625 (AKAMAI-AS) (AKAMAI-AS)
44	17

4 198.199.92.49 (San Francisco, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

mysite.safelink.dev.airfind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mysites.safelink.dev.airfind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.dev.airfind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 23.111.11.113 (United States)

ASN33438 (HIGHWINDS2, US)

cdn.airfind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-76.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-33.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net

c388339a4663269d9e0d0bff5389fbb3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-123.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.107.160.24 (Berlin, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-107-160-24.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-32.fra50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.100 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f100.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.140.74 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-140-74.deploy.static.akamaitechnologies.com

lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	airfind.com 1 redirects mysite.safelink.dev.airfind.com mysites.safelink.dev.airfind.com cdn.airfind.com api.dev.airfind.com	158 KB
8	googlesyndication.com c388339a4663269d9e0d0bff5389fbb3.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	38 KB
5	media.net 1 redirects contextual.media.net lg3.media.net	151 KB
5	doubleclick.net securepubads.g.doubleclick.net	128 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	63 KB
2	google.com adservice.google.com www.google.com	2 KB
2	google-analytics.com www.google-analytics.com	21 KB
2	googletagservices.com www.googletagservices.com	64 KB
1	hotjar.io vc.hotjar.io	258 B
44	9

	Domain	Requested by
14	cdn.airfind.com	mysites.safelink.dev.airfind.com cdn.airfind.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net mysites.safelink.dev.airfind.com
4	contextual.media.net	1 redirects mysites.safelink.dev.airfind.com contextual.media.net
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	www.google-analytics.com	mysites.safelink.dev.airfind.com
2	www.googletagservices.com	mysites.safelink.dev.airfind.com
2	mysites.safelink.dev.airfind.com	mysites.safelink.dev.airfind.com
1	lg3.media.net
1	www.google.com	tpc.googlesyndication.com
1	api.dev.airfind.com
1	vc.hotjar.io	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	c388339a4663269d9e0d0bff5389fbb3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	mysites.safelink.dev.airfind.com
1	mysite.safelink.dev.airfind.com	1 redirects
44	18

This site contains links to these domains. Also see Links.

Domain
mysites.safelink.com
dsweb.safelink.com
www.safelink.com
play.google.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
cdn.airfind.com R3	`2021-08-24` - `2021-11-22`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
api.dev.airfind.com R3	`2021-10-25` - `2022-01-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 6 frames:

Primary Page: http://mysites.safelink.dev.airfind.com/
Frame ID: 39C0174C850C7F4B1EB4B5F66E1C3758
Requests: 40 HTTP requests in this frame

Frame: https://c388339a4663269d9e0d0bff5389fbb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5A17362FE971F7CEA1FF1B18B9F20FBA
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
Frame ID: 4E963D876B45933BBD28AC6FDD123452
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV8478.js
Frame ID: 68C16A3240F74CBA553A3BA3E3663E53
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 40856739F168B353ABA577121105F621
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3190D773D1055372BECC0FEE8A27BD37
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tracfone

Page URL History Show full URLs

https://mysite.safelink.dev.airfind.com/ HTTP 301
http://mysites.safelink.dev.airfind.com/ Page URL

Page Statistics

44
Requests

57 %
HTTPS

0 %
IPv6

9
Domains

18
Subdomains

17
IPs

2
Countries

624 kB
Transfer

1766 kB
Size

15
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://mysites.safelink.com/lifeline
Title: My Lifeline Programs

Search URL Search Domain Scan URL

URL: https://dsweb.safelink.com/611611/help/
Title: 611611 Helpline

Search URL Search Domain Scan URL

URL: https://www.safelink.com/wps/portal/home/retailers
Title: Store Locator

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.safelinkwireless.app

Search URL Search Domain Scan URL

URL: https://www.safelink.com/wps/portal/home/h/tandc
Title: Terms

Search URL Search Domain Scan URL

URL: https://www.safelink.com/wps/portal/home/h/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mysite.safelink.dev.airfind.com/ HTTP 301
http://mysites.safelink.dev.airfind.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 9

http://www.google-analytics.com/plugins/ua/linkid.js HTTP 307
https://www.google-analytics.com/plugins/ua/linkid.js

Request Chain 29

http://contextual.media.net/dmedianet.js?cid=8CU38B48Y HTTP 302
https://contextual.media.net/dmedianet.js?cid=8CU38B48Y

44 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
mysites.safelink.dev.airfind.com/
Redirect Chain

https://mysite.safelink.dev.airfind.com/
http://mysites.safelink.dev.airfind.com/

75 KB
35 KB

444ms
203ms

Document
text/html

198.199.92.49
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://mysites.safelink.dev.airfind.com/
Protocol: HTTP/1.1
Server: 198.199.92.49 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 / Express
Resource Hash: 92e6a4dde139522f7366304fa41d979a11f214422e900bbc554da960d4254ebe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.10.3
Date: Mon, 01 Nov 2021 14:55:22 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type
Content-Encoding: gzip

Redirect headers

server: nginx/1.10.3
date: Mon, 01 Nov 2021 14:55:22 GMT
content-type: text/html
content-length: 178
location: http://mysites.safelink.dev.airfind.com

GET
H/1.1 200
OK owl.carousel.css
cdn.airfind.com/dev/genericportal/public/css/components/ 5 KB
2 KB 36ms
5ms Stylesheet
text/css 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.airfind.com/dev/genericportal/public/css/components/owl.carousel.css?cb=24a11b1
Requested by: Host: mysites.safelink.dev.airfind.com
URL: http://mysites.safelink.dev.airfind.com/
Protocol: HTTP/1.1
Server: 23.111.11.113 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: dd7b97c7ad9d7b3eb79bdc728bcbc6a7ab8e3d5db0421fb0dd16d34f3dc88277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 14:55:22 GMT
Content-Encoding: gzip
Last-Modified: Sun, 10 Sep 2017 16:15:16 GMT
Server: NetDNA-cache/2.2
ETag: W/"1206-558d81d95be5b"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Cache-Control: max-age=1200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 01 Nov 2021 15:15:20 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
27 KB 42ms
16ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: mysites.safelink.dev.airfind.com
URL: http://mysites.safelink.dev.airfind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

f3468e055583e2695c1f21a35a75d7821e296a31306b99491c3e28bd93ea7538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 14:55:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1030 / 559 of 1000 / last-modified: 1635764759"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27378
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 01 Nov 2021 14:55:22 GMT

GET
H/1.1 200
OK home.css
cdn.airfind.com/dev/genericportal/public/css/fp1/pages/ 46 KB
9 KB 36ms
6ms Stylesheet
text/css 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.airfind.com/dev/genericportal/public/css/fp1/pages/home.css?cb=24a11b1
Requested by: Host: mysites.safelink.dev.airfind.com
URL: http://mysites.safelink.dev.airfind.com/
Protocol: HTTP/1.1
Server: 23.111.11.113 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 1ae6a6a8f2d25ebe9fde346814e39757df5c98d3f3403f53913291b8b4ecad4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 14:55:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Dec 2020 03:19:36 GMT
Server: NetDNA-cache/2.2
ETag: W/"b853-5b7050b5b90a6"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Cache-Control: max-age=1200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 01 Nov 2021 15:15:20 GMT

GET
H2 200 iframeResizer.contentWindow.min.js Show response
cdn.airfind.com/staging/genericportal/public/bower_components/iframe-resizer/js/ 13 KB
6 KB 44ms
6ms Script
text/javascript 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.airfind.com/staging/genericportal/public/bower_components/iframe-resizer/js/iframeResizer.contentWindow.min.js
Requested by: Host: mysites.safelink.dev.airfind.com
URL: http://mysites.safelink.dev.airfind.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.113 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: be807849a9e29acd60b39c4a3420fc01e6cac5a4f0ad2b8cbdca248e28fd1c2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 14:55:22 GMT
content-encoding: gzip
last-modified: Tue, 15 Oct 2019 12:41:47 GMT
server: NetDNA-cache/2.2
etag: W/"3491-594f24ebdc39d"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: max-age=1200
expires: Mon, 01 Nov 2021 14:59:19 GMT

GET
H/1.1 200
OK hotjar-285355.js Show response
static.hotjar.com/c/ 7 KB
3 KB 53ms
27ms Script
application/javascript 143.204.98.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://static.hotjar.com/c/hotjar-285355.js?sv=5

Requested by

Host: mysites.safelink.dev.airfind.com
URL: http://mysites.safelink.dev.airfind.com/

Protocol

HTTP/1.1

Server

143.204.98.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-76.fra50.r.cloudfront.net

Software

Resource Hash

f505c1e1d8ce79da413109684f6c6f56279eadfbeb13f94913dfb08cdf94b747

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 14:54:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 58
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
ETag: W/8e244a1c45cda34ca9497f25a883c4a1
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
X-Cache-Hit: 1
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: eCOCOh1dbfMBIuZsjsOaQsfiKhJ9A2U4I2PIjMOaxpCTN6MgGXvK9A==

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

48 KB
20 KB

50ms
14ms

Script
text/javascript

142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: mysites.safelink.dev.airfind.com
URL: http://mysites.safelink.dev.airfind.com/

Protocol

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 3288
date: Mon, 01 Nov 2021 14:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 01 Nov 2021 16:00:34 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2 200 pubads_impl_2021102801.js Show response
securepubads.g.doubleclick.net/gpt/ 350 KB
119 KB 39ms
17ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js?31063351

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

d5b83174b14c8fb07a6cfc17abbc860e726a23b84f724c468049c73e1e8d7cba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 14:55:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120786
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 08:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 01 Nov 2021 14:55:22 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 85 B
726 B 37ms
16ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mysites.safelink.dev.airfind.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

4025e2813121ae991e1e16d183f228d4af74e286931c2365280deea0eb235e71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 14:55:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90
x-xss-protection: 0
expires: Mon, 01 Nov 2021 14:55:22 GMT

GET
H2 200 modules.d4630e91cffbd6b56a37.js Show response
script.hotjar.com/ 222 KB
59 KB 38ms
8ms Script
application/javascript 143.204.98.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.d4630e91cffbd6b56a37.js

Requested by

Host: static.hotjar.com
URL: http://static.hotjar.com/c/hotjar-285355.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-33.fra50.r.cloudfront.net

Software

Resource Hash

dd8bce41d0be6d4e5449bef910b493bcf872a4189a361451102996bfe0082f3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 10:41:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 360857
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59861
access-control-allow-origin: *
last-modified: Thu, 28 Oct 2021 10:40:59 GMT
etag: "fe2e85deda154f5a6e0e0112bec8a18c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: AZaneEhjaOL7Nt-K1hNlnOxgeqcTnKnB-TzEGKDTbHG0JRik1zxZrA==

GET
H2

200

linkid.js Show response
www.google-analytics.com/plugins/ua/
Redirect Chain

http://www.google-analytics.com/plugins/ua/linkid.js
https://www.google-analytics.com/plugins/ua/linkid.js

2 KB
1 KB

15ms
14ms

Script
text/javascript

142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: mysites.safelink.dev.airfind.com
URL: http://mysites.safelink.dev.airfind.com/

Protocol

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 14:08:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 01 Nov 2021 15:08:57 GMT

Redirect headers

Location: https://www.google-analytics.com/plugins/ua/linkid.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK warn-icon.png
mysites.safelink.dev.airfind.com/fp1/ 306 B
874 B 179ms
176ms Image
image/png 198.199.92.49
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mysites.safelink.dev.airfind.com/fp1/warn-icon.png
Requested by: Host: mysites.safelink.dev.airfind.com
URL: http://mysites.safelink.dev.airfind.com/
Protocol: HTTP/1.1
Server: 198.199.92.49 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 / Express
Resource Hash: 91e37b74c2e405969030cdcb452d71b80acc29a048c1acddf5bbed6fdeca6c82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 14:55:22 GMT
Last-Modified: Sun, 24 Nov 2019 20:43:56 GMT
Server: nginx/1.10.3
X-Powered-By: Express
ETag: W/"132-16e9f281e73"
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 306

GET
H/1.1 200
OK my-lifeline-icon.png
cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/ 3 KB
4 KB 6ms
6ms Image
image/png 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/my-lifeline-icon.png
Requested by: Host: mysites.safelink.dev.airfind.com
URL: http://mysites.safelink.dev.airfind.com/
Protocol: HTTP/1.1
Server: 23.111.11.113 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 7dacf071d3a8200b386bedaeaea0394334a308bb4144084f9f9ae2aa942094ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 14:55:22 GMT
Last-Modified: Wed, 30 Dec 2020 13:45:35 GMT
Server: NetDNA-cache/2.2
ETag: "d68-5b7aeb8bd2edf"
X-Cache: HIT
Content-Type: image/png
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3432
Expires: Mon, 01 Nov 2021 15:15:21 GMT

GET
H/1.1 200
OK arrow-right.svg
cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/ 1 KB
879 B 6ms
6ms Image
image/svg+xml 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/arrow-right.svg
Requested by: Host: mysites.safelink.dev.airfind.com
URL: http://mysites.safelink.dev.airfind.com/
Protocol: HTTP/1.1
Server: 23.111.11.113 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: afb985da7ca4f4bc4b9799f2beb8225b1714e6ba3126c74685e88dff1ef0437d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 14:55:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jan 2020 14:01:45 GMT
Server: NetDNA-cache/2.2
ETag: W/"447-59d47c7e55b83"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: image/svg+xml
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Tue, 01 Nov 2022 12:57:39 GMT

GET
H/1.1 200
OK customer-care-icon.png
cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/ 7 KB
7 KB 12ms
6ms Image
image/png 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/customer-care-icon.png
Requested by: Host: mysites.safelink.dev.airfind.com
URL: http://mysites.safelink.dev.airfind.com/
Protocol: HTTP/1.1
Server: 23.111.11.113 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2457f9123a1b534c28b5d1a850779a01ed963537268d6ce21f9a446385533b62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 14:55:22 GMT
Last-Modified: Wed, 30 Dec 2020 13:45:35 GMT
Server: NetDNA-cache/2.2
ETag: "1b99-5b7aeb8bd2edf"
X-Cache: HIT
Content-Type: image/png
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7065
Expires: Mon, 01 Nov 2021 14:59:20 GMT

GET
H/1.1 200
OK helpline-icon.png
cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/ 6 KB
7 KB 12ms
6ms Image
image/png 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/helpline-icon.png
Requested by: Host: mysites.safelink.dev.airfind.com
URL: http://mysites.safelink.dev.airfind.com/
Protocol: HTTP/1.1
Server: 23.111.11.113 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 4e444a640e0653220b37d8aefa70ba470d25e292e17eda8f71dfadf5faf8f265

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 14:55:22 GMT
Last-Modified: Wed, 30 Dec 2020 13:45:35 GMT
Server: NetDNA-cache/2.2
ETag: "1959-5b7aeb8bd2edf"
X-Cache: HIT
Content-Type: image/png
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6489
Expires: Mon, 01 Nov 2021 14:59:20 GMT

GET
H/1.1 200
OK store-locator-icon.png
cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/ 12 KB
12 KB 12ms
6ms Image
image/png 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/store-locator-icon.png
Requested by: Host: mysites.safelink.dev.airfind.com
URL: http://mysites.safelink.dev.airfind.com/
Protocol: HTTP/1.1
Server: 23.111.11.113 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: e114a5c02d89ede8d1e200b976bcea1f62b0865afea0ad3807d0082c205cc365

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 14:55:22 GMT
Last-Modified: Wed, 30 Dec 2020 13:45:35 GMT
Server: NetDNA-cache/2.2
ETag: "305d-5b7aeb8bd2edf"
X-Cache: HIT
Content-Type: image/png
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12381
Expires: Mon, 01 Nov 2021 14:59:20 GMT

GET
H/1.1 200
OK TRHC-SL-Mobile-App-icon.png
cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/ 4 KB
4 KB 12ms
6ms Image
image/png 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/TRHC-SL-Mobile-App-icon.png
Requested by: Host: mysites.safelink.dev.airfind.com
URL: http://mysites.safelink.dev.airfind.com/
Protocol: HTTP/1.1
Server: 23.111.11.113 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 1ae13b5ad45349a0671caf735640f0b7321d68769c1051ab3190c5b35e23735a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 14:55:22 GMT
Last-Modified: Fri, 14 Feb 2020 16:38:40 GMT
Server: NetDNA-cache/2.2
ETag: "104a-59e8bd684361f"
X-Cache: HIT
Content-Type: image/png
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4170
Expires: Mon, 01 Nov 2021 15:15:21 GMT

GET
H/1.1 200
OK recertify-icon.png
cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/ 6 KB
6 KB 7ms
6ms Image
image/png 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/recertify-icon.png
Requested by: Host: mysites.safelink.dev.airfind.com
URL: http://mysites.safelink.dev.airfind.com/
Protocol: HTTP/1.1
Server: 23.111.11.113 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 9f6982e666882d6d218360fe7dd0fdfaab5eb7cf0338e7a1ce55434a683015e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 14:55:22 GMT
Last-Modified: Wed, 30 Dec 2020 13:45:35 GMT
Server: NetDNA-cache/2.2
ETag: "1845-5b7aeb8bd2edf"
X-Cache: HIT
Content-Type: image/png
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6213
Expires: Mon, 01 Nov 2021 14:59:20 GMT

GET
DATA 200
OK truncated
/ 356 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4e513f096e2aa98c4c8ea0adef7c5855fcd2b77ef5fea307667a966a938cac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 21 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c43e5a58f06c9a55cf35ec48ade82d5a27f740b2310e2901663806ad7ff284b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK bing-logo.svg
cdn.airfind.com/tracfone/public/img/search/ 530 B
719 B 7ms
6ms Image
image/svg+xml 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.airfind.com/tracfone/public/img/search/bing-logo.svg
Requested by: Host: mysites.safelink.dev.airfind.com
URL: http://mysites.safelink.dev.airfind.com/
Protocol: HTTP/1.1
Server: 23.111.11.113 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 7cda5ecc7f131c0951400f9ea3aa3100cdcc8ec06cb41b97d79ae273ab898ecc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 14:55:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 May 2018 21:08:13 GMT
Server: NetDNA-cache/2.2
ETag: W/"212-56d72bfb0aefe"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: image/svg+xml
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Tue, 01 Nov 2022 11:42:36 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 39ms
16ms Script
application/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mysites.safelink.dev.airfind.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js?31063351

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 14:55:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 110ms
96ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=836127804919959&correlator=3869378286207901&output=ldjh&impl=fif&eid=31063136%2C31063351%2C31063139%2C31063166&vrg=2021102801&ptt=17&sc=0&sfv=1-0-38&ecs=20211101&iu_parts=118791925%2CTracfone_Home_News_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x50&fluid=height&prev_scp=client%3D40284%26segment%3DSL%26variant%3D126%26browserTabStatus%3Dforeground&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1635778522&dt=1635778522771&dlt=1635778522582&idt=170&frm=20&biw=1600&bih=1200&oid=2&adxs=650&adys=208&adks=2123961035&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fmysites.safelink.dev.airfind.com%2F&vis=1&scr_x=0&scr_y=0&psz=1600x1200&msz=1600x0&ga_vid=974413877.1635778523&ga_sid=1635778523&ga_hid=1322025408&ga_fc=true&fws=0&ohw=0&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js?31063351

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1223d9ee58731ac5267ab4ea1e28aa8577e31d8299f2879a099e4482ebdbf0aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 14:55:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8407
x-xss-protection: 0
google-lineitem-id: 5191880593
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138289998819
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://mysites.safelink.dev.airfind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c388339a4663269d9e0d0bff5389fbb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5A17 6 KB
4 KB 63ms
15ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c388339a4663269d9e0d0bff5389fbb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js?31063351

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 01 Nov 2021 14:55:22 GMT
expires: Tue, 01 Nov 2022 14:55:22 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK fp1home.min.js Show response
cdn.airfind.com/dev/genericportal/public/js/ 156 KB
61 KB 7ms
7ms Script
text/javascript 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.airfind.com/dev/genericportal/public/js/fp1home.min.js?cb=24a11b1
Requested by: Host: mysites.safelink.dev.airfind.com
URL: http://mysites.safelink.dev.airfind.com/
Protocol: HTTP/1.1
Server: 23.111.11.113 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2e3f44cbb3413d7719bd149532506eefe8ec4023438eab207ebde91cffbe5fce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 14:55:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jul 2021 11:10:37 GMT
Server: NetDNA-cache/2.2
ETag: W/"26efa-5c67278b179f0"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Cache-Control: max-age=1200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 01 Nov 2021 15:15:21 GMT

GET
H/1.1 200
OK owfont-regular.min.css
cdn.airfind.com/dev/core/public/bower_components/owfont/css/ 6 KB
2 KB 6ms
6ms Stylesheet
text/css 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.airfind.com/dev/core/public/bower_components/owfont/css/owfont-regular.min.css?cb=24a11b1
Requested by: Host: mysites.safelink.dev.airfind.com
URL: http://mysites.safelink.dev.airfind.com/
Protocol: HTTP/1.1
Server: 23.111.11.113 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: c2b27d8ff9aaea2f76265988c7663472dec9e7483f07ef0ffab11dee104ef2f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 14:55:22 GMT
Content-Encoding: gzip
Last-Modified: Sun, 10 Sep 2017 16:15:13 GMT
Server: NetDNA-cache/2.2
ETag: W/"1917-558d81d6cf8dc"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Cache-Control: max-age=1200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 01 Nov 2021 15:15:21 GMT

GET
H/1.1 200
OK google-analytics-scroll-tracker.min.js Show response
cdn.airfind.com/dev/genericportal/public/js/ 2 KB
1 KB 6ms
6ms Script
text/javascript 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.airfind.com/dev/genericportal/public/js/google-analytics-scroll-tracker.min.js?cb=24a11b1
Requested by: Host: cdn.airfind.com
URL: http://cdn.airfind.com/dev/genericportal/public/js/fp1home.min.js?cb=24a11b1
Protocol: HTTP/1.1
Server: 23.111.11.113 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: ae7820e14f8911a79a927a5af9f05cee5343b0b3d50d2b6628d4e813067575bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 14:55:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jul 2021 11:10:37 GMT
Server: NetDNA-cache/2.2
ETag: W/"878-5c67278b18990"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Cache-Control: max-age=1200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 01 Nov 2021 15:15:21 GMT

GET
H2 200 box-d09a446edefba0dcce5d5143e1840e9a.html Show response
vars.hotjar.com/ Frame 4E96 2 KB
1 KB 51ms
7ms Document
text/html 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
Requested by: Host: static.hotjar.com
URL: http://static.hotjar.com/c/hotjar-285355.js?sv=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: /
Resource Hash: 69ae95b7f73e2899d0c398ed4fb9faba242bbec4d0a58b182e4dd0e7808f01ac

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/

Response headers

content-type: text/html
content-length: 1044
date: Wed, 20 Oct 2021 07:15:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "63e08f928469ab67d9dac30c065ed182"
last-modified: Wed, 20 Oct 2021 07:15:01 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: bVLMdE41Lg0gVTrAaXEwMttWvO-1gv3BEVdQVF4Cdpa4B5wgWa28cw==
age: 1064417

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 31ms
30ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuiDXjkwEPjBRK_Nmglogh98RLwXRWZqJeVpWqgDBDfbQ0mMQXChIEjoQtxBTlrTewcZ-ngZne3PQ33iq4u15v2e7b-nsKWFHpAkYob3tZlgW0jZsVbAEz2HT3CvZwzznRFxh-xhBXVQFBg20_defJUcsl8TcPiUfvPhUwfoX5edAob_ViukPF1AAMH7UFCikZCj--7a2OBcsnA2zDjeni94zqd8VnBk1gtBPTR0NTEtfm2JYK1WcpxkF-GT2Uu09ehoAcJOXREyJg8j3P3QFJzGRDUvUCm6u0hvoC2D-Fj-j2GSTpiUQpVXhb2kJbmCsdJWuTcrnpFumLKyV6H-dc09VU9A&sai=AMfl-YQwm43D3dBz4v7bt8CyL646fe46f9XAbdfhiXojXTCdrCHiAJg4agBSDud4hw8d-Aig8edwPlQAe6klUmdz_r6sSssPMgDWgAkAz45cqPai_OzTJncxzekTlGJRoNwv&sig=Cg0ArKJSzG2PK-zwTKU0EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: mysites.safelink.dev.airfind.com
URL: http://mysites.safelink.dev.airfind.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 14:55:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 01 Nov 2021 14:55:22 GMT

GET
H2

200

dmedianet.js Show response
contextual.media.net/
Redirect Chain

http://contextual.media.net/dmedianet.js?cid=8CU38B48Y
https://contextual.media.net/dmedianet.js?cid=8CU38B48Y

284 KB
95 KB

80ms
41ms

Script
text/javascript

104.107.160.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CU38B48Y

Requested by

Host: mysites.safelink.dev.airfind.com
URL: http://mysites.safelink.dev.airfind.com/

Protocol

Server

104.107.160.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-107-160-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

edf79797a49de193993039d8e8a4eb744d0255b29389768453411ee838f5ce32

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-mnt-h: 8-18
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag: "15fa2e4d0e45352c5620b7d43a637967"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Mon, 01 Nov 2021 14:55:23 GMT
strict-transport-security: max-age=604800
x-mnt-w: 8-7
expires: Mon, 01 Nov 2021 15:00:23 GMT

Redirect headers

Location: https://contextual.media.net/dmedianet.js?cid=8CU38B48Y
Date: Mon, 01 Nov 2021 14:55:22 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=604800

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 119 KB
36 KB 33ms
19ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: mysites.safelink.dev.airfind.com
URL: http://mysites.safelink.dev.airfind.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

d16d61e50a6c8f915deadde160aff9a3ba942fa1eb64c058eb74a646c114e749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 14:55:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37252
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635368421117528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 01 Nov 2021 14:55:22 GMT

GET
DATA 200
OK truncated
/ 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6beda2b392fdfa88cfa09425578ebbe3b1345e5b8e118b9be2e83743d4343af8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 285355 Show response
vc.hotjar.io/sessions/ 0
258 B 77ms
39ms XHR
text/plain 143.204.98.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/285355?s=0.25&r=0.16753479517205094
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d4630e91cffbd6b56a37.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-32.fra50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 14:55:22 GMT
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: W9LlT_D4nL95ULuTfyi8JRqO2TfxEk8zyDsylLdozjkQEyXJJh-Afw==

GET
H2 200 dfcmdynet.js Show response
contextual.media.net/fc/1045354880/ 86 KB
26 KB 423ms
422ms Script
text/javascript 104.107.160.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/fc/1045354880/dfcmdynet.js?cb=window._mNDetails.initAd&&gdpr=1&cid=8CU38B48Y&cpcd=C9PzVk8aMXSvBhC79bYySw%3D%3D&crid=522808538&size=300x250&cc=DE&chnm=mysites.safelink.comFeaturephoneBottomBannerSearch&https=1&vif=1&requrl=http%3A%2F%2Fmysites.safelink.dev.airfind.com%2F&nse=5&vi=1635778523455950472&lw=1&ugd=4&nb=1

Requested by

Host: contextual.media.net
URL: http://contextual.media.net/dmedianet.js?cid=8CU38B48Y

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.107.160.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-107-160-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c75f93b9d07f2439e59bb6c9f18115f161603021325eb48a48e8870b4d4db345

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
x-mnt-hl2: 8-18
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
date: Mon, 01 Nov 2021 14:55:23 GMT
x-mnt-w: 21-gbp6
content-length: 26120
expires: Mon, 01 Nov 2021 14:55:23 GMT

GET
H2 200 nrrV8478.js Show response
contextual.media.net/4a/ Frame 68C1 92 KB
30 KB 28ms
28ms Script
text/javascript 104.107.160.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV8478.js

Requested by

Host: contextual.media.net
URL: http://contextual.media.net/dmedianet.js?cid=8CU38B48Y

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.107.160.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-107-160-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cdb9759596043346743671cdf793ade8c57fda225006d6da0dc813c62fbd27a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "d828725179d622a56f951e527a966ed7"
vary: Accept-Encoding
x-mnet-h: 10-9
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Mon, 01 Nov 2021 14:55:23 GMT
content-length: 30223
expires: Mon, 15 Nov 2021 14:55:23 GMT

GET
DATA 200
OK truncated
/ Frame 68C1 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 68C1 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 68C1 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 v1
api.dev.airfind.com/stats/pageviews/ 48 B
258 B 612ms
156ms Image
image/gif 198.199.92.49
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.dev.airfind.com/stats/pageviews/v1?clientId=40284&brand=SL&path=%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.199.92.49 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 47d0230fc7603fa082f5a142aac786bf60f98d83e221775640a19a61fc2b693e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 14:55:24 GMT
cache-control: private, no-cache, proxy-revalidate, max-age=0
server: nginx/1.10.3
content-length: 48
content-disposition: inline
content-type: image/gif

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 64ms
28ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js?31063351

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

0bdb6ff8912fb553dacc03629195f2baf423e72120556a4d8c8bd24aad2678fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 14:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9164
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 57ms
36ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfDf5vc6Yd5n9aS4hbl7jnnmpM4h5-XUx4KS-ncBuCv1pAtA-0ZimmyMo4BBXWVYzMsTdGD4yGZLLRJYYSSk7vuJEcMH2z6MrnMVgwHZnljLbyXC0m6mtNiSCA-tP8s6GOdoPlhTx4FSlx8ZyxLIL2Jb3xKhYzg2yOJ1EsCUk7gJBE3f4-V9_gGTvbvFaN0OFkHOwaun04Vwc-k-lVkVoaF90P_4v7NR9QgmaLgxMa-zB5CbaYZc8VVmtasMySRWOs2S0Z8yZiIudyNg0qbCIfQR0rjX8ehMigVSOWoxK6ClmHbLaknjPEPh17h1rnDk0L7w3WTlc_Pw-ApuyxHARteIHU6g-S&sai=AMfl-YTpRkr2jywmmaprEWayUsr7bWh18b3oTVcv7-2Aez-ukUiyJ1LHB1gxx5BhUE9u88DQVtLFOoWRAblSNyCWj6LVnoaBOTo3UTlQcFfSicPVDQHkvvUNcDu3K_Pdjkwv&sig=Cg0ArKJSzJ2FPzI_Xr27EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 14:55:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 01 Nov 2021 14:55:23 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 58ms
21ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js?31063351

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 14:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 01 Nov 2021 14:55:23 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4085 12 KB
5 KB 24ms
7ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 01 Nov 2021 14:23:49 GMT
expires: Tue, 01 Nov 2022 14:23:49 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1894
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3190 783 B
1 KB 67ms
27ms Document
text/html 172.217.18.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f100.1e100.net

Software

GSE /

Resource Hash

83e7a69b26700cf720fc1fa423d0810d5105a46e53414dff0e489dc4290e7994

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6ln55QspqBbzpipPoLS0bQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 01 Nov 2021 14:55:23 GMT
date: Mon, 01 Nov 2021 14:55:23 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-6ln55QspqBbzpipPoLS0bQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sKl_vPiz0OchHmL4Vfbrj3Wozc3CsK_Jq53kDzx3_oA.js Show response
pagead2.googlesyndication.com/bg/ Frame 4085 35 KB
13 KB 21ms
7ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sKl_vPiz0OchHmL4Vfbrj3Wozc3CsK_Jq53kDzx3_oA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

b0a97fbcf8b3d0e7211e62f855f6eb8f75a8cdcdc2b0afc9ab9de40f3c77fe80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 14:22:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13525
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 01 Nov 2022 14:22:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3190 0
0 60ms
60ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021102801&jk=836127804919959&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
43ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021102801&jk=836127804919959&bg=!v7ylvPjNAAZzbWp4c207ACkAdvg8WgumL0Kyk7piJIrhpYl74_3EUGl7U9bYMYCFTvieoxQZWKFWrQIAAABcUgAAAApoAQcKACDzB4dRjS8Ok64gIp43mUjG1Mfl1JjLMh4BqkJqVTZuqZkCtVrQEk2VoP_qemqvE5oo1IrCrR2synSkJNiGnscOse6m3SyJV3xd-pg-P_96Sg5rJys-e15p9W6C-5t4YjrtUDWg0u2kcmOtCczlMrsBeL0oIKXV_f2pHMQYSRJqXLtdEXRZy_RsUXjtQhVPhumJSDMfkMcMT2SA7IFcVVqU_E6HHjuSEdXl8Oqw347q_Exn0iX6TTopUhE4WTsFZ00gMpla0pILNls83CInfvUTHSmWsNWkILSDD8URPErVqxWwhrPlgOhSpc6BOXnQ_CME_xfslhHlnzoPnfvZbowHc-Hyjoap1FUhit35EYDRgAyrafu1zKi0KyZh3R5IgIkeinFXLmopmnjOjhWUXhIJaR15dYpZcL9KBot8q5vnfIbIXNlLMNPjsOpbLqCPMDZIB4aemdm9cWFRui9_cXeCsoCVTRhh1HaEoxBva0nxO4p6McIyGdasn8gRruDslbUD92TMcoZmWqfmooGRdqujmu1ndt6WaND8rc-QR6-BDONa4wXFf02SjrfGZpzuruWivNk-yC4WtVkGD9XNuSNi-GKturhmagftpLG3C54sXpprg3QKNBpJGQtDjpCCqyVovQxKp9sOey171yRR-8mJ3JBFikB5XP2_qBon9GkotyoO3s93moPMql7wYS3YVhVjh_udY3kcN0Q7zliq6fsd2Lab-AMRxPmPfahbnqyIi3rhVYaQFYifpKcWxCvBKrJ98_fGrEsZ05dKU6NcEU32AeLrUQDptk3-Q4nqY9V0-qKtPiTrzvLtISrjI1WTXbv8SWscnTWzuhbU4ftzpDVA2r8jA2Icbz4M8_WZ0fj6nkGwIbwqZvIg148WPFykS9-ZFZYtjbJ0k_gDLsxjLUvSnT4Merjt8FhmlKDgk0XpBmmjrkCO9r5VTrB1cm1nMex-WmeKKMwBDQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 14:55:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bqi.php
lg3.media.net/ 15 B
15 B 69ms
7ms Image
text/javascript 2.21.140.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?lf=3&&vgd_l2type=setting&pid=8PO39M0FG&cme=JblaK3ZSxLU1o7rwIS_O6XtlC6f-TxG0zkW7Wmf0gfv-vVJKWGMExJ0b4cVGRkWqtQh8c3XISIMLnMpq6tFASfXzbN4q422NQDo4gqps9VZl1SstxqZjLs9FHhEej5hwLI66MpeFXZm7fi_3RafcWNXeCBLhn5WVoYZ-EDW4YPVtbXUnliMlb9blZ2Kjvs1wtQLApLWVoskNxk9MpIzpCA==||NDHRnZ9Gz3KXlI-i9OnZqQ==|jjOxSydaJ7kGPNLYpkAG7ahKdSk1XYgTDZ1QYswcjv0on_6xgEHN7EIRTvZT0NlQL2Ff40SYaDiNlZQqKfpI8g==|sRBSg3CPSiQ=|Fcl4VLL-IaK5LvrG_7qyVtWdXucl5s0y4x3NU3gCw_n4zcTER4CdTcpoZTrymOIC0DA_gvRJzahIlBMupak2-w==|N7fu2vKt8_s=|URZDVwwG-9rty5cPHxUsPcUjK1Xt1yygBjdPaRmm7EVAFH7T-2dH7WWg-YxQ2onFReow5aTO0hxR2epv_zCYtFFKZ91W6x6AqFzn-Yk-vBUqIOT52IA61uBNGL8W_9VbS7ROZnVOgQIxlYHcxPmYQyzCkUO2tXVrEz7f0hDzqFe_w1Z2Uge-WROkEsJG9XA1QlwkxxQUzU2GXmycme45AgSOo0xiLBEU|&vgd_pbcm=1&gdpr=1&prid=7PRFT79UO&cid=8CU38B48Y&crid=522808538&requrl=http%3A%2F%2Fmysites.safelink.dev.airfind.com%2F&vi=1635778523455950472&ugd=4&cc=DE&sc=HE&startTime=1635778523131&l2type=setting&vgd_l1rakh=1635778523111343946&l1ch=1&sttm=1635778523136&upk=1635778523.28461&hvsid=00001635778523136036324930565987&verid=3121199&vgd_sc=HE&vgd_hbReqId=T1635493045C8S16U461&l1hcsd=l1!A18|7170&vgd_l1rhst=contextual.media.net&vgd_uspa=0&tdAdd[]=%7C%40%7Cfsap%3D0&vgd_isiolc=1&clp=%7B%7D&cl=%7B%7D&rtbsd=6&l2ch=0&l2wsip=170721623&sethcsd=set!A18%7C7245&vgd_pgid=p01638961329t202111011455&vgd_pgids=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.21.140.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-140-74.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Server: Apache
Date: Mon, 01 Nov 2021 14:55:24 GMT
ntCoent-Length: 15
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 15
Expires: Mon, 01 Nov 2021 14:55:24 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ 42 B
64 B 55ms
34ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvC7u9OGj3DobfM31kdxTNF0XyL4AR1GqqEUWeBS_kFoMKPup9nspekHTQMWaNk7v0LAF74GS1qRJq2vpNcnDCGSgoBkQy9xL3Kf9nmWTE3jQ-r8Vwu&sig=Cg0ArKJSzB0xcNznjJs8EAE&id=lidar2&mcvt=1000&p=1290,650,1543,2250&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&v=20211027&bin=7&avms=nio&bs=1600,1200&mc=0.47&app=0&itpl=19&adk=2123961035&rs=4&la=1&cr=0&osd=1&vs=4&r=v&rst=1635778521416&rpt=2221&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mysites.safelink.dev.airfind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 14:55:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mysites.safelink.dev.airfind.com/	1970-01-20 07:08:34	Name: Feature Phone v1-variantNo Value: 126
mysites.safelink.dev.airfind.com/	1970-01-20 07:08:34	Name: Feature Phone v1-testDate Value: 2020-02-01T19%3A27%3A00Z
mysites.safelink.dev.airfind.com/	1970-01-20 07:08:34	Name: Feature Phone v1-testVersion Value: 1
mysites.safelink.dev.airfind.com/	1970-01-20 07:08:34	Name: mdn Value:
mysites.safelink.dev.airfind.com/	1969-12-31 23:59:59	Name: connect.sid Value: s%3AhzscsaJdYjv6xARI3A7IOX2vvtxt37qu.nUioIor%2B8tU3Fy2GX6ojj5%2BHgH4yiWvNWjTF2aE%2FWCo
.airfind.com/	1970-01-20 15:54:10	Name: _ga Value: GA1.2.974413877.1635778523
.airfind.com/	1970-01-19 22:24:24	Name: _gid Value: GA1.2.350713182.1635778523
.airfind.com/	1970-01-20 07:08:34	Name: _hjid Value: 2441f788-1b28-49d2-a6cb-634e71a9d7e5
.airfind.com/	1970-01-19 22:23:00	Name: _hjFirstSeen Value: 1
.airfind.com/	1970-01-20 07:44:34	Name: __gads Value: ID=bb07a46d6f08e1b1-22ecaccd05cb009b:T=1635778522:S=ALNI_MY_DfsoAZ2dGWvKxefu1bOXewKccQ
mysites.safelink.dev.airfind.com/	1970-01-19 22:22:58	Name: _hjIncludedInSessionSample Value: 1
.airfind.com/	1970-01-19 22:23:00	Name: _hjAbsoluteSessionInProgress Value: 1
.doubleclick.net/	1970-01-20 15:54:10	Name: IDE Value: AHWqTUltMTHrUZ2mSraaC7-IMFa79l_CRvgBFVH8iszu-KuhSJZ4cU82FYbyyHC8Ntc
.media.net/	1970-01-20 02:49:22	Name: gdpr_status Value: 1
mysites.safelink.dev.airfind.com/	1970-01-20 07:08:34	Name: balanceData Value:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
api.dev.airfind.com
c388339a4663269d9e0d0bff5389fbb3.safeframe.googlesyndication.com
cdn.airfind.com
contextual.media.net
lg3.media.net
mysite.safelink.dev.airfind.com
mysites.safelink.dev.airfind.com
pagead2.googlesyndication.com
script.hotjar.com
securepubads.g.doubleclick.net
static.hotjar.com
tpc.googlesyndication.com
vars.hotjar.com
vc.hotjar.io
www.google-analytics.com
www.google.com
www.googletagservices.com
104.107.160.24
142.250.184.226
142.250.185.110
142.250.185.162
142.250.185.225
142.250.186.130
142.250.186.34
142.250.186.65
143.204.98.123
143.204.98.32
143.204.98.33
143.204.98.76
172.217.18.100
198.199.92.49
2.21.140.74
23.111.11.113
0bdb6ff8912fb553dacc03629195f2baf423e72120556a4d8c8bd24aad2678fb
1223d9ee58731ac5267ab4ea1e28aa8577e31d8299f2879a099e4482ebdbf0aa
1ae13b5ad45349a0671caf735640f0b7321d68769c1051ab3190c5b35e23735a
1ae6a6a8f2d25ebe9fde346814e39757df5c98d3f3403f53913291b8b4ecad4b
2457f9123a1b534c28b5d1a850779a01ed963537268d6ce21f9a446385533b62
2e3f44cbb3413d7719bd149532506eefe8ec4023438eab207ebde91cffbe5fce
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
4025e2813121ae991e1e16d183f228d4af74e286931c2365280deea0eb235e71
47d0230fc7603fa082f5a142aac786bf60f98d83e221775640a19a61fc2b693e
4e444a640e0653220b37d8aefa70ba470d25e292e17eda8f71dfadf5faf8f265
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
69ae95b7f73e2899d0c398ed4fb9faba242bbec4d0a58b182e4dd0e7808f01ac
6beda2b392fdfa88cfa09425578ebbe3b1345e5b8e118b9be2e83743d4343af8
7cda5ecc7f131c0951400f9ea3aa3100cdcc8ec06cb41b97d79ae273ab898ecc
7dacf071d3a8200b386bedaeaea0394334a308bb4144084f9f9ae2aa942094ae
83e7a69b26700cf720fc1fa423d0810d5105a46e53414dff0e489dc4290e7994
91e37b74c2e405969030cdcb452d71b80acc29a048c1acddf5bbed6fdeca6c82
92e6a4dde139522f7366304fa41d979a11f214422e900bbc554da960d4254ebe
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9c43e5a58f06c9a55cf35ec48ade82d5a27f740b2310e2901663806ad7ff284b
9f6982e666882d6d218360fe7dd0fdfaab5eb7cf0338e7a1ce55434a683015e0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e513f096e2aa98c4c8ea0adef7c5855fcd2b77ef5fea307667a966a938cac5
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ae7820e14f8911a79a927a5af9f05cee5343b0b3d50d2b6628d4e813067575bf
afb985da7ca4f4bc4b9799f2beb8225b1714e6ba3126c74685e88dff1ef0437d
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b0a97fbcf8b3d0e7211e62f855f6eb8f75a8cdcdc2b0afc9ab9de40f3c77fe80
be807849a9e29acd60b39c4a3420fc01e6cac5a4f0ad2b8cbdca248e28fd1c2c
c2b27d8ff9aaea2f76265988c7663472dec9e7483f07ef0ffab11dee104ef2f8
c75f93b9d07f2439e59bb6c9f18115f161603021325eb48a48e8870b4d4db345
cdb9759596043346743671cdf793ade8c57fda225006d6da0dc813c62fbd27a2
d16d61e50a6c8f915deadde160aff9a3ba942fa1eb64c058eb74a646c114e749
d5b83174b14c8fb07a6cfc17abbc860e726a23b84f724c468049c73e1e8d7cba
dd7b97c7ad9d7b3eb79bdc728bcbc6a7ab8e3d5db0421fb0dd16d34f3dc88277
dd8bce41d0be6d4e5449bef910b493bcf872a4189a361451102996bfe0082f3a
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e114a5c02d89ede8d1e200b976bcea1f62b0865afea0ad3807d0082c205cc365
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edf79797a49de193993039d8e8a4eb744d0255b29389768453411ee838f5ce32
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3468e055583e2695c1f21a35a75d7821e296a31306b99491c3e28bd93ea7538
f505c1e1d8ce79da413109684f6c6f56279eadfbeb13f94913dfb08cdf94b747
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

mysites.safelink.dev.airfind.com Open in urlscan Pro 198.199.92.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

44 Requests

57 %HTTPS

0 %IPv6

9 Domains

18 Subdomains

17 IPs

2 Countries

624 kBTransfer

1766 kBSize

15 Cookies

6 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mysites.safelink.dev.airfind.com Open in urlscan Pro
198.199.92.49 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

57 %
HTTPS

0 %
IPv6

9
Domains

18
Subdomains

17
IPs

2
Countries

624 kB
Transfer

1766 kB
Size

15
Cookies

44 HTTP transactions
6 data transactions