urlscan.io logo urlscan.io
SecurityTrails logo

auth.beta.exorlive.com Open in urlscan Pro
40.113.2.52  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://auth.beta.exorlive.com/
Effective URL: https://auth.beta.exorlive.com/signin/
Submission: On October 23 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 34 HTTP transactions. The main IP is 40.113.2.52, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is auth.beta.exorlive.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on October 23rd 2024. Valid for: 6 months.
This is the only time auth.beta.exorlive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 40.113.2.52 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2a03:2880:f17... 32934 (FACEBOOK)
34 13
10    40.113.2.52 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
auth.beta.exorlive.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:480:15::213:7e63 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
10 exorlive.com
auth.beta.exorlive.com
253 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
22 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 321
px4.ads.linkedin.com — Cisco Umbrella Rank: 6828
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
317 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
71 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
920 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4401
1 google.de
www.google.de — Cisco Umbrella Rank: 11271
408 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 784
14 KB
1 gstatic.com
fonts.gstatic.com
47 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
3 KB
34 12
Domain Requested by
10 auth.beta.exorlive.com 1 redirects auth.beta.exorlive.com
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 px.ads.linkedin.com 1 redirects snap.licdn.com
3 www.googletagmanager.com auth.beta.exorlive.com
www.googletagmanager.com
www.google-analytics.com
2 www.facebook.com
2 connect.facebook.net auth.beta.exorlive.com
connect.facebook.net
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 region1.analytics.google.com www.googletagmanager.com
1 px4.ads.linkedin.com auth.beta.exorlive.com
1 www.google.de auth.beta.exorlive.com
1 snap.licdn.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com auth.beta.exorlive.com
34 13

This site contains links to these domains. Also see Links.

Domain
support.exorlive.com
Subject Issuer Validity Valid
auth.beta.exorlive.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-10-23 -
2025-04-23		 6 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
www.google.de
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-10-14 -
2025-04-14		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-01 -
2024-10-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://auth.beta.exorlive.com/signin/
Frame ID: 6371A0DD62BCC7487D2EFCD843E97C64
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ExorLive single sign-on service

Page URL History Show full URLs

  1. https://auth.beta.exorlive.com/ HTTP 302
    https://auth.beta.exorlive.com/signin/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

34
Requests

97 %
HTTPS

85 %
IPv6

12
Domains

13
Subdomains

13
IPs

4
Countries

733 kB
Transfer

1822 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://auth.beta.exorlive.com/ HTTP 302
    https://auth.beta.exorlive.com/signin/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1682708&time=1729680002787&url=https%3A%2F%2Fauth.beta.exorlive.com%2Fsignin%2F HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1682708&time=1729680002787&url=https%3A%2F%2Fauth.beta.exorlive.com%2Fsignin%2F&e_ipv6=AQIp1JB5Wm9a0wAAAZK49lCYxGHXSDU2I5bGgtHLWGC01UiHc2_QokqMMNSVGmP-gTweRd1_MX8Ln0YLkrsRBe1X9Ksjlg

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
auth.beta.exorlive.com/signin/
Redirect Chain
  • https://auth.beta.exorlive.com/
  • https://auth.beta.exorlive.com/signin/
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.beta.exorlive.com/signin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.113.2.52 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0e223e236152940036eb701ef9e7af7fab84b687c222ee90005fdca110c87e27

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Lanugage
en-US
Content-Length
1972
Content-Type
text/html; charset=utf-8
Date
Wed, 23 Oct 2024 10:40:01 GMT
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store
Content-Lanugage
en-US
Content-Length
3210
Content-Type
text/html; charset=utf-8
Date
Wed, 23 Oct 2024 10:40:01 GMT
Expires
-1
Location
/signin/
Pragma
no-cache
X-XRDS-Location
https://auth.beta.exorlive.com/providers/xrds/ https://auth.beta.exorlive.com/providers/xrds/
default.css
auth.beta.exorlive.com/signin/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.beta.exorlive.com/signin/default.css
Requested by
Host: auth.beta.exorlive.com
URL: https://auth.beta.exorlive.com/signin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.113.2.52 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ef80d027a2194ed0ee6ec62e9189d963a07c701fe4acea3a875557306de79186

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/signin/

Response headers

Content-Encoding
gzip
ETag
"03639b46c1adb1:0"
Accept-Ranges
bytes
Content-Length
1670
Date
Wed, 23 Oct 2024 10:40:01 GMT
Content-Type
text/css
Last-Modified
Wed, 09 Oct 2024 17:00:12 GMT
Vary
Accept-Encoding
deps.js
auth.beta.exorlive.com/resources/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.beta.exorlive.com/resources/deps.js
Requested by
Host: auth.beta.exorlive.com
URL: https://auth.beta.exorlive.com/signin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.113.2.52 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
259d21b26c5cda442078405fca353b8a1711876b8ea1289ff7240c3c50bd9d01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/signin/

Response headers

Content-Encoding
gzip
ETag
"02812ad6c1adb1:0"
Accept-Ranges
bytes
Content-Length
2090
Date
Wed, 23 Oct 2024 10:40:01 GMT
Content-Type
application/x-javascript
Last-Modified
Wed, 09 Oct 2024 17:00:00 GMT
Vary
Accept-Encoding
css
fonts.googleapis.com/ 		40 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,600,600italic,700,700italic,regular&subset=latin,latin-ext
Requested by
Host: auth.beta.exorlive.com
URL: https://auth.beta.exorlive.com/signin/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0161bdbfd1f987eef480be07c6debf9c827cdbae3de679fe8d99e05db92bbcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 23 Oct 2024 10:40:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 10:40:02 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 23 Oct 2024 10:40:02 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
GoogleTagManager.js
auth.beta.exorlive.com/resources/scripts/ 		345 B
670 B 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.beta.exorlive.com/resources/scripts/GoogleTagManager.js
Requested by
Host: auth.beta.exorlive.com
URL: https://auth.beta.exorlive.com/signin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.113.2.52 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
439b7cbeae7f2d2ba04ba98dfe6a4f7e3085b5b6b54ab31f8f2d41291d906f52

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/signin/

Response headers

Content-Encoding
gzip
ETag
"03639b46c1adb1:0"
Accept-Ranges
bytes
Content-Length
412
Date
Wed, 23 Oct 2024 10:40:01 GMT
Content-Type
application/x-javascript
Last-Modified
Wed, 09 Oct 2024 17:00:12 GMT
Vary
Accept-Encoding
ScriptResource.axd
auth.beta.exorlive.com/ 		100 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.beta.exorlive.com/ScriptResource.axd?d=MolsiBl89HwdL7Ea_KclqmMINNEEDAWLWipWo6WaRzQgdxRmRPqwY4rhPT3JA3_nnQl74moGJV5LaZMqStOxmjpPgm58Nyej5TNX-Bb1Mk_zw2F08mpsNsGZyTuKWokMckd8rfh2ZxzVZXgZmsh7acI-g993u60QUHvwFZ6yldDDuVJr0&t=7a0cc936
Requested by
Host: auth.beta.exorlive.com
URL: https://auth.beta.exorlive.com/signin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.113.2.52 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/signin/

Response headers

Cache-Control
public
Content-Encoding
gzip
Content-Lanugage
nb-NO
Expires
Thu, 23 Oct 2025 10:32:28 GMT
Content-Length
25609
Date
Wed, 23 Oct 2024 10:40:01 GMT
Content-Type
application/x-javascript
Last-Modified
Wed, 23 Oct 2024 10:32:28 GMT
ExorLive$Auth$Web$Js$SignIn.js
auth.beta.exorlive.com/ResourceLoader.axd/js/638640900120000000/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.beta.exorlive.com/ResourceLoader.axd/js/638640900120000000/ExorLive$Auth$Web$Js$SignIn.js?culture=en-US
Requested by
Host: auth.beta.exorlive.com
URL: https://auth.beta.exorlive.com/signin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.113.2.52 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
00e445269ea2a7eb2b21b3d85bf6211f1391bd64bde80355baa32c82b93b3ce2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/signin/

Response headers

Cache-Control
private, max-age=31536000
Content-Encoding
gzip
Content-Lanugage
en-US
Expires
Thu, 23 Oct 2025 10:40:02 GMT
Content-Length
5545
Date
Wed, 23 Oct 2024 10:40:01 GMT
Content-Type
application/x-javascript; charset=utf-8
Last-Modified
Mon, 01 Jan 1601 00:00:00 GMT
Vary
Accept-Encoding
js
auth.beta.exorlive.com/webservices/AuthenticationService.svc/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.beta.exorlive.com/webservices/AuthenticationService.svc/js
Requested by
Host: auth.beta.exorlive.com
URL: https://auth.beta.exorlive.com/signin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.113.2.52 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7b3e643b647ad1172a34e4c43d2eef9326045ddb7cc60aa811e978918801f684

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/signin/

Response headers

Cache-Control
public
Content-Encoding
gzip
Content-Lanugage
en-US
Expires
Wed, 23 Oct 2024 10:32:30 GMT
Content-Length
1528
Date
Wed, 23 Oct 2024 10:40:01 GMT
Content-Type
application/x-javascript
Last-Modified
Wed, 23 Oct 2024 10:32:30 GMT
Vary
Accept-Encoding
logo.png
auth.beta.exorlive.com/resources/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.beta.exorlive.com/resources/images/logo.png
Requested by
Host: auth.beta.exorlive.com
URL: https://auth.beta.exorlive.com/signin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.113.2.52 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
95bc1e23e91bc277b5fd9541524d2dd20097420ce7b4acc9dbe4b9a13da0cf4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/signin/

Response headers

Accept-Ranges
bytes
Content-Length
8082
Date
Wed, 23 Oct 2024 10:40:01 GMT
ETag
"02812ad6c1adb1:0"
Content-Type
image/png
Last-Modified
Wed, 09 Oct 2024 17:00:00 GMT
gtm.js
www.googletagmanager.com/ 		301 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K5LZJS
Requested by
Host: auth.beta.exorlive.com
URL: https://auth.beta.exorlive.com/resources/scripts/GoogleTagManager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a6185b6327ee3347ac679aeebad2c5b63f468b4509bbd84c2908db0c9349028b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 23 Oct 2024 10:40:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 10:40:02 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 23 Oct 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97598
x-xss-protection
0
server
Google Tag Manager
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,600,600italic,700,700italic,regular&subset=latin,latin-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://auth.beta.exorlive.com
Referer
https://fonts.googleapis.com/

Response headers

age
65515
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 16:28:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 16:28:07 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
js
www.googletagmanager.com/gtag/ 		347 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S8KZP73MXM&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5LZJS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cd0d5fc1a31c1a1698f4c503f46c948f47c7aed85b5109eb793ddf1ded186e82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 23 Oct 2024 10:40:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 10:40:02 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
112251
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5LZJS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/

Response headers

content-encoding
gzip
age
4427
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Wed, 23 Oct 2024 11:26:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 09:26:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
insight.min.js
snap.licdn.com/li.lms-analytics/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5LZJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:15::213:7e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/

Response headers

cache-control
max-age=13001
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Wed, 23 Oct 2024 10:40:02 GMT
last-modified
Thu, 22 Aug 2024 10:43:55 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-S8KZP73MXM&gtm=45je4ah0v867573221z86248752za200zb6248752&_p=1729680002430&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686685~101823848&cid=1178485409.1729680003&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1729680002&sct=1&seg=0&dl=https%3A%2F%2Fauth.beta.exorlive.com%2Fsignin%2F&dt=ExorLive%20single%20sign-on%20service&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=825
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S8KZP73MXM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://auth.beta.exorlive.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 10:40:02 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
559 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S8KZP73MXM&cid=1178485409.1729680003&gtm=45je4ah0v867573221z86248752za200zb6248752&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101686685~101823848
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S8KZP73MXM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://auth.beta.exorlive.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 10:40:02 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-S8KZP73MXM&cid=1178485409.1729680003&gtm=45je4ah0v867573221z86248752za200zb6248752&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101686685~101823848&tag_exp=101686685~101823848&z=934226207
Requested by
Host: auth.beta.exorlive.com
URL: https://auth.beta.exorlive.com/signin/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 23 Oct 2024 10:40:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/

Response headers

content-encoding
br
age
1476
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Wed, 23 Oct 2024 11:15:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 10:15:26 GMT
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
697
x-xss-protection
0
server
sffe
attribution_trigger
px.ads.linkedin.com/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=1682708&time=1729680002787&url=https%3A%2F%2Fauth.beta.exorlive.com%2Fsignin%2F
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Referer
https://auth.beta.exorlive.com/

Response headers

content-encoding
gzip
x-li-fabric
prod-lor1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
access-control-allow-methods
GET, OPTIONS
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
date
Wed, 23 Oct 2024 10:40:03 GMT
content-type
application/json
access-control-allow-headers
*
x-li-pop
afd-prod-ltx1-x
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-fs-uuid
0006252282262383e65f9fa10f2d7d7b
x-msedge-ref
Ref A: 5AC1D847B4A0481BBB804254A1913FC2 Ref B: DUS30EDGE0922 Ref C: 2024-10-23T10:40:02Z
x-restli-protocol-version
1.0.0
x-li-uuid
AAYlIoImI4PmX5+hDy19ew==
access-control-allow-origin
*
x-li-source-fabric
prod-ltx1
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1682708&time=1729680002787&url=https%3A%2F%2Fauth.beta.exorlive.com%2Fsignin%2F
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1682708&time=1729680002787&url=https%3A%2F%2Fauth.beta.exorlive.com%2Fsignin%2F&e_ipv6=AQIp1JB5Wm9a0wAAAZK49lCYxGHXSDU2I5bGgtHLWGC01UiHc2_QokqMMN...
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1682708&time=1729680002787&url=https%3A%2F%2Fauth.beta.exorlive.com%2Fsignin%2F&e_ipv6=AQIp1JB5Wm9a0wAAAZK49lCYxGHXSDU2I5bGgtHLWGC01UiHc2_QokqMMNSVGmP-gTweRd1_MX8Ln0YLkrsRBe1X9Ksjlg
Requested by
Host: auth.beta.exorlive.com
URL: https://auth.beta.exorlive.com/signin/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: E6EFA545DC8E4800AF9C26FE4846E681 Ref B: FRAEDGE1708 Ref C: 2024-10-23T10:40:03Z
x-li-fabric
prod-lor1
x-li-uuid
AAYlIoIuxBvDdOF6zhUbLw==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Wed, 23 Oct 2024 10:40:02 GMT
content-type
application/javascript

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1682708&time=1729680002787&url=https%3A%2F%2Fauth.beta.exorlive.com%2Fsignin%2F&e_ipv6=AQIp1JB5Wm9a0wAAAZK49lCYxGHXSDU2I5bGgtHLWGC01UiHc2_QokqMMNSVGmP-gTweRd1_MX8Ln0YLkrsRBe1X9Ksjlg
x-msedge-ref
Ref A: DAC97655C86947D2BBA2AF227E9C8654 Ref B: DUS30EDGE0706 Ref C: 2024-10-23T10:40:02Z
x-li-fabric
prod-lor1
x-li-uuid
AAYlIoIqQsP+tBBfEuRH7w==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
x-li-source-fabric
prod-ltx1
date
Wed, 23 Oct 2024 10:40:02 GMT
collect
www.google-analytics.com/j/ 		15 B
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=207078378&t=pageview&_s=1&dl=https%3A%2F%2Fauth.beta.exorlive.com%2Fsignin%2F&ul=de-de&de=UTF-8&dt=ExorLive%20single%20sign-on%20service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgAAjAAAAAC~&jid=1015336169&gjid=1963064504&cid=1178485409.1729680003&tid=UA-2637216-1&_gid=1183383152.1729680003&_slc=1&gtm=45He4ah0n71K5LZJSv6248752za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794736~101823847&npa=1&z=1247596655
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
c0935607cbf6fcaad8a71f17607868dc86bc8c786530548c0a705e731dd08979
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://auth.beta.exorlive.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 10:40:02 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://auth.beta.exorlive.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
collect
stats.g.doubleclick.net/j/ 		1 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2637216-1&cid=1178485409.1729680003&jid=1015336169&gjid=1963064504&_gid=1183383152.1729680003&npa=1&_u=aCDAgAAjAAAAAG~&z=455454373
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://auth.beta.exorlive.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 10:40:02 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin
https://auth.beta.exorlive.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
js
www.googletagmanager.com/gtag/ 		351 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S8KZP73MXM&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
85e2de5ddd4d0543484807b268e13bac3a1cbda40971dc2b9ffaccc8ecc722f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 23 Oct 2024 10:40:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 10:40:02 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
114099
x-xss-protection
0
server
Google Tag Manager
/
px.ads.linkedin.com/wa/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://auth.beta.exorlive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 8F4806B0AB5D4EAC8977CCAD5A4D137E Ref B: DUS30EDGE0706 Ref C: 2024-10-23T10:40:03Z
x-li-fabric
prod-lor1
access-control-allow-credentials
true
x-li-uuid
AAYlIoIxsWJ/hIqH/UfEQg==
x-li-proto
http/2
access-control-allow-origin
https://auth.beta.exorlive.com
x-cache
CONFIG_NOCACHE
date
Wed, 23 Oct 2024 10:40:03 GMT
vary
Origin
fbevents.js
connect.facebook.net/en_US/ 		228 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: auth.beta.exorlive.com
URL: https://auth.beta.exorlive.com/signin/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 10:40:03 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4459, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
5R6r97sNAWgvXNX6vVRDKd3bi2pTYCCsTLbfzRP9BOeA7u+hgBXvU4QLtB3hxGTNk4iKbE0M4GPpczMy5+39wQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59508
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=207078378&t=event&ni=1&_s=1&dl=https%3A%2F%2Fauth.beta.exorlive.com%2Fsignin%2F&ul=de-de&de=UTF-8&dt=ExorLive%20single%20sign-on%20service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=25&el=vertical&_u=aCHAgEAjAAAAAGAAI~&jid=&gjid=&cid=1178485409.1729680003&tid=UA-2637216-1&_gid=1183383152.1729680003&gtm=45He4ah0n71K5LZJSv6248752za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794736~101823847&npa=1&z=1461747474
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/

Response headers

age
24177
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 03:57:06 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=207078378&t=event&ni=1&_s=1&dl=https%3A%2F%2Fauth.beta.exorlive.com%2Fsignin%2F&ul=de-de&de=UTF-8&dt=ExorLive%20single%20sign-on%20service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=50&el=vertical&_u=aCHAgEAjAAAAAGAAI~&jid=&gjid=&cid=1178485409.1729680003&tid=UA-2637216-1&_gid=1183383152.1729680003&gtm=45He4ah0n71K5LZJSv6248752za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794736~101823847&npa=1&z=1032939642
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/

Response headers

age
24177
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 03:57:06 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=207078378&t=event&ni=1&_s=1&dl=https%3A%2F%2Fauth.beta.exorlive.com%2Fsignin%2F&ul=de-de&de=UTF-8&dt=ExorLive%20single%20sign-on%20service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=75&el=vertical&_u=aCHAgEAjAAAAAGAAI~&jid=&gjid=&cid=1178485409.1729680003&tid=UA-2637216-1&_gid=1183383152.1729680003&gtm=45He4ah0n71K5LZJSv6248752za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794736~101823847&npa=1&z=1637964882
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/

Response headers

age
24177
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 03:57:06 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=207078378&t=event&ni=1&_s=1&dl=https%3A%2F%2Fauth.beta.exorlive.com%2Fsignin%2F&ul=de-de&de=UTF-8&dt=ExorLive%20single%20sign-on%20service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=100&el=vertical&_u=aCHAgEAjAAAAAGAAI~&jid=&gjid=&cid=1178485409.1729680003&tid=UA-2637216-1&_gid=1183383152.1729680003&gtm=45He4ah0n71K5LZJSv6248752za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794736~101823847&npa=1&z=1861671318
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/

Response headers

age
24177
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 03:57:06 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
favicon.ico
auth.beta.exorlive.com/ 		204 KB
204 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://auth.beta.exorlive.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.113.2.52 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
63ec5e8e56eff72623b1b2efd61a17dc334d1b7ad7ebfa79f2cdbd3e107a914c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/signin/

Response headers

Accept-Ranges
bytes
Content-Length
208677
Date
Wed, 23 Oct 2024 10:40:03 GMT
ETag
"0471ca76c1adb1:0"
Content-Type
image/x-icon
Last-Modified
Wed, 09 Oct 2024 16:59:50 GMT
517013645114217
connect.facebook.net/signals/config/ 		66 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/517013645114217?v=2.9.173&r=stable&domain=auth.beta.exorlive.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1ac054ed047262236f5c87133bc14bf7860c4d769454142f38550c092906238d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 10:40:03 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=73, mss=1232, tbw=68102, tp=66, tpl=0, uplat=123, ullat=1
pragma
public
x-fb-debug
n/RWangfxQxNP86ni+QvqsJL3Z4yAwPfGEj0zRhrLH/C6gKOHVPdmw6ZLWoQHyL2u8iRvvlJXRo/NFUIIclNQw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=517013645114217&ev=PageView&dl=https%3A%2F%2Fauth.beta.exorlive.com%2Fsignin%2F&rl=&if=false&ts=1729680003837&sw=1600&sh=1200&v=2.9.173&r=stable&ec=0&o=12318&fbp=fb.1.1729680003834.823786572642589658&ler=empty&cdl=API_unavailable&it=1729680003674&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1328, tbw=2958, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 23 Oct 2024 10:40:03 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=517013645114217&ev=PageView&dl=https%3A%2F%2Fauth.beta.exorlive.com%2Fsignin%2F&rl=&if=false&ts=1729680003837&sw=1600&sh=1200&v=2.9.173&r=stable&ec=0&o=12318&fbp=fb.1.1729680003834.823786572642589658&ler=empty&cdl=API_unavailable&it=1729680003674&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428919046903739261"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 10:40:03 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428919046903739261", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
2ZKKpWE1JnoLAEH22PgtRPcC6claHvLNh0oXLfHrFq6UxPzSXvMtZKd3ODlRSosccExIgwYGfKLIP2oBs+u/hw==
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=15, mss=1328, tbw=3275, tp=-1, tpl=-1, uplat=145, ullat=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-S8KZP73MXM&gtm=45je4ah0v867573221za200zb6248752&_p=1729680002430&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686685~101823848&cid=1178485409.1729680003&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEA&_s=2&sid=1729680002&sct=1&seg=0&dl=https%3A%2F%2Fauth.beta.exorlive.com%2Fsignin%2F&dt=ExorLive%20single%20sign-on%20service&en=scroll&epn.percent_scrolled=90&_et=11&tfd=5847
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S8KZP73MXM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://auth.beta.exorlive.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://auth.beta.exorlive.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 10:40:07 GMT
content-type
text/plain
server
Golfe2

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| SHA1 object| dataLayer object| CONFIG function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| $find function| Type object| Sys object| _events function| pageLoad object| ExorLive object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| lintrk boolean| _already_called_lintrk object| ORIBILI function| fbq function| _fbq

13 Cookies

Domain/Path Name / Value
.exorlive.com/ Name: ASP.NET_SessionId
Value: qpqw1evtx1w5ddsj50p0vplt
.auth.beta.exorlive.com/ Name: ARRAffinity
Value: e048e466320c7618058aeee43fbcf3d5dc60a6f744d99dae10a8b4da662b84cb
.auth.beta.exorlive.com/ Name: ARRAffinitySameSite
Value: e048e466320c7618058aeee43fbcf3d5dc60a6f744d99dae10a8b4da662b84cb
.exorlive.com/ Name: _ga_S8KZP73MXM
Value: GS1.1.1729680002.1.0.1729680002.60.0.0
.auth.beta.exorlive.com/ Name: _ga
Value: GA1.4.1178485409.1729680003
.auth.beta.exorlive.com/ Name: _gid
Value: GA1.4.1183383152.1729680003
.auth.beta.exorlive.com/ Name: _dc_gtm_UA-2637216-1
Value: 1
.linkedin.com/ Name: bcookie
Value: "v=2&abbd2365-8b17-45d8-8d65-70c085c01e42"
.linkedin.com/ Name: li_gc
Value: MTswOzE3Mjk2ODAwMDM7MjswMjFDYQMAju0tv9gxHX1N/4HrUu9M6KybUVkw1bGNToPEWw==
.linkedin.com/ Name: lidc
Value: "b=OGST07:s=O:r=O:a=O:p=O:g=3007:u=1:x=1:i=1729680003:t=1729766403:v=2:sig=AQFLI1TgtPhfjaacs_BBBSJd2a5gzXul"
.exorlive.com/ Name: _ga
Value: GA1.2.1178485409.1729680003
.exorlive.com/ Name: _gid
Value: GA1.2.1183383152.1729680003
.exorlive.com/ Name: _fbp
Value: fb.1.1729680003834.823786572642589658

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.beta.exorlive.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
snap.licdn.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
13.107.42.14
2001:4860:4802:32::36
2620:1ec:21::14
2a00:1450:4001:801::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:812::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9c
2a02:26f0:480:15::213:7e63
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
40.113.2.52
00e445269ea2a7eb2b21b3d85bf6211f1391bd64bde80355baa32c82b93b3ce2
0e223e236152940036eb701ef9e7af7fab84b687c222ee90005fdca110c87e27
1ac054ed047262236f5c87133bc14bf7860c4d769454142f38550c092906238d
259d21b26c5cda442078405fca353b8a1711876b8ea1289ff7240c3c50bd9d01
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
439b7cbeae7f2d2ba04ba98dfe6a4f7e3085b5b6b54ab31f8f2d41291d906f52
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
63ec5e8e56eff72623b1b2efd61a17dc334d1b7ad7ebfa79f2cdbd3e107a914c
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7b3e643b647ad1172a34e4c43d2eef9326045ddb7cc60aa811e978918801f684
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85e2de5ddd4d0543484807b268e13bac3a1cbda40971dc2b9ffaccc8ecc722f9
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95bc1e23e91bc277b5fd9541524d2dd20097420ce7b4acc9dbe4b9a13da0cf4f
a6185b6327ee3347ac679aeebad2c5b63f468b4509bbd84c2908db0c9349028b
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9
c0935607cbf6fcaad8a71f17607868dc86bc8c786530548c0a705e731dd08979
cd0d5fc1a31c1a1698f4c503f46c948f47c7aed85b5109eb793ddf1ded186e82
d0161bdbfd1f987eef480be07c6debf9c827cdbae3de679fe8d99e05db92bbcb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef80d027a2194ed0ee6ec62e9189d963a07c701fe4acea3a875557306de79186