urlscan.io logo urlscan.io
SecurityTrails logo

wp-173-update-terms-by-geo.avrora-app.com Open in urlscan Pro
143.204.228.62  Public Scan

Go To Rescan Add Verdict Report
URL: https://wp-173-update-terms-by-geo.avrora-app.com/
Submission: On September 14 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 5 countries across 15 domains to perform 65 HTTP transactions. The main IP is 143.204.228.62, located in United States and belongs to AMAZON-02, US. The main domain is wp-173-update-terms-by-geo.avrora-app.com.
TLS certificate: Issued by Amazon on September 13th 2021. Valid for: a year.
This is the only time wp-173-update-terms-by-geo.avrora-app.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    143.204.228.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-228-62.cdg3.r.cloudfront.net
wp-173-update-terms-by-geo.avrora-app.com
4    2a00:1450:4007:812::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4007:815::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a03:2880:f042:110:face:b00c:0:3 (Marseille, France)

ASN32934 (FACEBOOK, US)
connect.facebook.net
7    23.55.58.240 (London, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-58-240.deploy.static.akamaitechnologies.com
analytics.tiktok.com
6    54.226.2.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-226-2-33.compute-1.amazonaws.com
api.panda.boosters.company
4    52.34.78.238 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-78-238.us-west-2.compute.amazonaws.com
api.amplitude.com
2    208.95.112.2 (United States)

ASN53334 (TUT-AS, US)
pro.ip-api.com
2    2a00:1450:4007:816::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4007:80d::200a (Ireland)

ASN15169 (GOOGLE, US)
firebase.googleapis.com
3    2a03:2880:f130:83:face:b00c:0:25de (France)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4007:816::200a (Ireland)

ASN15169 (GOOGLE, US)
firebaseinstallations.googleapis.com
2    2a00:1450:4007:80b::200e (Ireland)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4007:818::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.201.162 (United States)

ASN15169 (GOOGLE, US)
PTR: par21s23-in-f2.1e100.net
www.googleadservices.com
4    2a00:1450:4007:80f::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4007:815::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4007:806::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4007:813::200a (Ireland)

ASN15169 (GOOGLE, US)
firebaseremoteconfig.googleapis.com
1    2a00:1450:4007:80f::200a (None, )

ASN- ()
firebaselogging-pa.googleapis.com
Domain Requested by
7 analytics.tiktok.com wp-173-update-terms-by-geo.avrora-app.com
analytics.tiktok.com
6 api.panda.boosters.company wp-173-update-terms-by-geo.avrora-app.com
6 wp-173-update-terms-by-geo.avrora-app.com wp-173-update-terms-by-geo.avrora-app.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 firebaseremoteconfig.googleapis.com wp-173-update-terms-by-geo.avrora-app.com
4 www.google.de wp-173-update-terms-by-geo.avrora-app.com
4 api.amplitude.com wp-173-update-terms-by-geo.avrora-app.com
4 www.googletagmanager.com wp-173-update-terms-by-geo.avrora-app.com
www.googletagmanager.com
3 www.google.com wp-173-update-terms-by-geo.avrora-app.com
3 www.facebook.com 1 redirects wp-173-update-terms-by-geo.avrora-app.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 analytics.google.com www.googletagmanager.com
2 firebaseinstallations.googleapis.com wp-173-update-terms-by-geo.avrora-app.com
2 firebase.googleapis.com wp-173-update-terms-by-geo.avrora-app.com
2 fonts.gstatic.com fonts.googleapis.com
2 pro.ip-api.com wp-173-update-terms-by-geo.avrora-app.com
2 connect.facebook.net wp-173-update-terms-by-geo.avrora-app.com
connect.facebook.net
2 fonts.googleapis.com wp-173-update-terms-by-geo.avrora-app.com
1 firebaselogging-pa.googleapis.com wp-173-update-terms-by-geo.avrora-app.com
1 www.googleadservices.com www.googletagmanager.com
65 21

This site contains no links.

Subject Issuer Validity Valid
wp-173-update-terms-by-geo.avrora-app.com
Amazon		 2021-09-13 -
2022-10-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-06-24 -
2021-09-22		 3 months crt.sh
*.tiktok.com
RapidSSL RSA CA 2018		 2019-11-14 -
2022-01-12		 2 years crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2020-02-18 -
2022-02-13		 2 years crt.sh
api.panda.boosters.company
Amazon		 2021-06-24 -
2022-07-23		 a year crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2019-11-05 -
2021-11-04		 2 years crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://wp-173-update-terms-by-geo.avrora-app.com/
Frame ID: 21C4F44D42F0E64F319012813487B88B
Requests: 59 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Improve Your Sleep

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

65
Requests

100 %
HTTPS

71 %
IPv6

15
Domains

21
Subdomains

22
IPs

5
Countries

1525 kB
Transfer

3901 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://www.facebook.com/tr/?id=520901359294717&ev=PageView&dl=https%3A%2F%2Fwp-173-update-terms-by-geo.avrora-app.com%2Fo%2Fapp&rl=&if=false&ts=1631577672275&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631577672273.1647192806&it=1631577672131&coo=false&exp=p0&rqm=GET HTTP 302
  • https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fwp-173-update-terms-by-geo.avrora-app.com%2Fo%2Fapp&ec=0&ev=PageView&exp=p0&fbp=fb.1.1631577672273.1647192806&id=520901359294717&if=false&it=1631577672131&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1631577672275&v=2.9.45

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wp-173-update-terms-by-geo.avrora-app.com/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wp-173-update-terms-by-geo.avrora-app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.228.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-228-62.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be1de331a31f21253976ea09c0af8927d360b8d91f8686dfc695d2313f257d70

Request headers

:method
GET
:authority
wp-173-update-terms-by-geo.avrora-app.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
date
Mon, 13 Sep 2021 11:00:36 GMT
last-modified
Mon, 13 Sep 2021 10:40:01 GMT
etag
W/"2ee7d2e5fec885b284b661d90a7dc226"
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 4bcfcdbfcae1bee0825046166b05b4f2.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG3-C1
x-amz-cf-id
CmmjeVjVBTwZZjc3Eud_lJGKqJXZYHuEAQRiU-uYVOvYJCUzVOGlnA==
age
46831
js
www.googletagmanager.com/gtag/ 		104 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-145336162-1
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:812::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
456aaf93f16cb2efd474f36b7c16886250d4fec6cb367f3fa39c10bf18d3c274
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 00:01:12 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42134
x-xss-protection
0
expires
Tue, 14 Sep 2021 00:01:12 GMT
css2
fonts.googleapis.com/ 		5 KB
697 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:815::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9c65db554d57f17a964bee80b4c94050e40f3a692852cf0ca2fdb9612c83273
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 00:01:12 GMT
server
ESF
date
Tue, 14 Sep 2021 00:01:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Sep 2021 00:01:12 GMT
2.733a29bf.chunk.css
wp-173-update-terms-by-geo.avrora-app.com/static/css/ 		54 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wp-173-update-terms-by-geo.avrora-app.com/static/css/2.733a29bf.chunk.css
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.228.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-228-62.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06f7069474e8b942d40a92fbe4997d5d866c514c2383fd44d3258cdf79ea4c5d

Request headers

:path
/static/css/2.733a29bf.chunk.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
wp-173-update-terms-by-geo.avrora-app.com
referer
https://wp-173-update-terms-by-geo.avrora-app.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 11:48:43 GMT
content-encoding
gzip
last-modified
Mon, 13 Sep 2021 10:40:01 GMT
server
AmazonS3
age
43944
etag
W/"b5963a7e609cedbf0231b6732a262372"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 4bcfcdbfcae1bee0825046166b05b4f2.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG3-C1
x-amz-cf-id
ZqK2yjtkPFqf86goJeaGmpD3y7fTVJjCiWkHfPvd0HY0tCMmcidA7g==
main.cdf16616.chunk.css
wp-173-update-terms-by-geo.avrora-app.com/static/css/ 		135 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wp-173-update-terms-by-geo.avrora-app.com/static/css/main.cdf16616.chunk.css
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.228.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-228-62.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d68fa23a64e0f652da77f0f82d5d87bdf73d1864a7349646a36904cf2450e3fc

Request headers

:path
/static/css/main.cdf16616.chunk.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
wp-173-update-terms-by-geo.avrora-app.com
referer
https://wp-173-update-terms-by-geo.avrora-app.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 11:48:43 GMT
content-encoding
gzip
last-modified
Mon, 13 Sep 2021 10:40:01 GMT
server
AmazonS3
age
43944
etag
W/"c7be1f74897b5602d4cea5df539cf095"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 4bcfcdbfcae1bee0825046166b05b4f2.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG3-C1
x-amz-cf-id
rnbRhcRU3zLPuFCBAEBohr0iYcIFBUb6pS1ZtGAsat6P_5n8bA0GYw==
2.190bb646.chunk.js
wp-173-update-terms-by-geo.avrora-app.com/static/js/ 		2 MB
452 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wp-173-update-terms-by-geo.avrora-app.com/static/js/2.190bb646.chunk.js
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.228.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-228-62.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5ae0dc4beeb3fffdc8e1fac2d7e78bab1f42856c0cbca3ade7ac6a28d554ab2

Request headers

:path
/static/js/2.190bb646.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
wp-173-update-terms-by-geo.avrora-app.com
referer
https://wp-173-update-terms-by-geo.avrora-app.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 11:48:43 GMT
content-encoding
gzip
last-modified
Mon, 13 Sep 2021 10:40:01 GMT
server
AmazonS3
age
43944
etag
W/"a853c2e288e36915cec7e8d0711dd16b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4bcfcdbfcae1bee0825046166b05b4f2.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG3-C1
x-amz-cf-id
dHmypA1U1IcRa8YnPTcxBUyH3PTdbGzCPsWxxFKXMLlojpxvqjk96Q==
main.56fdb206.chunk.js
wp-173-update-terms-by-geo.avrora-app.com/static/js/ 		459 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wp-173-update-terms-by-geo.avrora-app.com/static/js/main.56fdb206.chunk.js
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.228.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-228-62.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eec0b2b909505edad1a1c9518ebb3d71fc974d0991e166ed0766385200ff763e

Request headers

:path
/static/js/main.56fdb206.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
wp-173-update-terms-by-geo.avrora-app.com
referer
https://wp-173-update-terms-by-geo.avrora-app.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 11:48:43 GMT
content-encoding
gzip
last-modified
Mon, 13 Sep 2021 10:40:01 GMT
server
AmazonS3
age
43944
etag
W/"ba3e7d95cf7a2b29571586742959ffff"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4bcfcdbfcae1bee0825046166b05b4f2.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG3-C1
x-amz-cf-id
RfrZ2K03tevC_E77SEvGTYp7qxclJTQYlX9u7pzk3pzrrYGAgAduuw==
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f042:110:face:b00c:0:3 Marseille, France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25999
x-xss-protection
0
pragma
public
x-fb-debug
scHxvJ19aNqrMqCkaU5bCW4PFX0nJhxuBGtB41e9x3Unx+gSY5ra+NfSyxBFeMRNeVHIQfzYHTRqxupMaW1BlA==
x-fb-trip-id
512678718
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 14 Sep 2021 00:01:12 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		113 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3MREF7B3D4L4OG4TUA0&lib=ttq
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.58.240 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-58-240.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ac28ee4c234de329ce740ef7ec8af26cec56ac1a0968eafd882b780c9d0bf036

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-akamai-request-id
5bb6f614.d907fcd
date
Tue, 14 Sep 2021 00:01:12 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-61-205-44.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-55-58-236.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
164,23.55.58.236
server-timing
cdn-cache; desc=MISS, edge; dur=160, origin; dur=4, inner; dur=4
pragma
no-cache
server
nginx
x-tt-logid
2021091400011201024502415833CCD60B
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
4,23.61.205.44
x-tt-trace-host
013e08d49e97bc9a5e48eea53862f88d3eb1c96a140e7ff73d8bbb6bb98918536d6bd654758548dd920adf5ea0fe925aeabebdc9753d7a70f0e9275f16da27324908a899270c608b3bd350e96c7312c8da4a34e19ae4a87b93e5fc906df8db550ce8b9584385cf463d372ebe9dca5a93c3
expires
Tue, 14 Sep 2021 00:01:12 GMT
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/static/css/2.733a29bf.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:815::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d58a30fcfbffc91a5f721e1fdca35bf56a59d26ddc9a809e6f8b1c031fc65c57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 22:55:18 GMT
server
ESF
date
Tue, 14 Sep 2021 00:01:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Sep 2021 00:01:12 GMT
520901359294717
connect.facebook.net/signals/config/ 		306 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/520901359294717?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f042:110:face:b00c:0:3 Marseille, France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1818a9401200aaeab5b895daa9086f616c4ceced9c48409d52229dc74f369d15
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
iZB37urLQhcH6QgV98Waa8Z066aqbLlS+eGRJPu7HJSjBDo/bv6nqPosPb2rF5Ep9PlieOo2Hyh0ES7S6keg9w==
x-fb-trip-id
512678718
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 14 Sep 2021 00:01:12 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
users
api.panda.boosters.company/v1/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.panda.boosters.company/v1/users
Protocol
H2
Server
54.226.2.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-226-2-33.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization,content-type
Origin
https://wp-173-update-terms-by-geo.avrora-app.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 14 Sep 2021 00:01:17 GMT
x-amzn-requestid
b845ea88-b26e-47a0-a71b-ec569043801f
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id
FoDsJHiEoAMFt6w=
access-control-allow-methods
OPTIONS,GET,PUT,POST,DELETE,PATCH,HEAD
/
api.amplitude.com/ 		7 B
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/static/js/2.190bb646.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.78.238 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-78-238.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 14 Sep 2021 00:01:17 GMT
content-length
7
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
users
api.panda.boosters.company/v1/ 		45 B
369 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.panda.boosters.company/v1/users
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/static/js/main.56fdb206.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.226.2.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-226-2-33.compute-1.amazonaws.com
Software
/
Resource Hash
d071abaacd14d4691b5725e5ea3e1909b3c862c8d78e5258db312a27fb3d4000
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
Accept-Language
de-DE,de;q=0.9
Authorization
kw2qAZKuRRKPNDot1A8IfTpmpwbX1x7w
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 00:01:17 GMT
x-content-type-options
nosniff
x-amzn-requestid
0d93ef4e-6883-40b7-bb8f-aae994584dd4
content-type
application/json
access-control-allow-origin
*
cache-control
no-store
x-amzn-trace-id
Root=1-613fe64d-0b7b800d52cfa63a09b42098;Sampled=0
access-control-allow-credentials
true
x-amz-apigw-id
FoDsKGkHIAMF9uw=
content-length
45
x-xss-protection
1; mode=block
json
pro.ip-api.com/ 		271 B
427 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json?key=sYULDPdGKmVy5BO
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/static/js/main.56fdb206.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
208.95.112.2 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
01417645e08811b3d4746ddb1597e298101fa810ca9a91b9e01157762b5a81f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Sep 2021 00:01:17 GMT
Content-Length
271
Content-Type
application/json; charset=utf-8
json
pro.ip-api.com/ 		271 B
427 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json?key=sYULDPdGKmVy5BO
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/static/js/main.56fdb206.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
208.95.112.2 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
01417645e08811b3d4746ddb1597e298101fa810ca9a91b9e01157762b5a81f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Sep 2021 00:01:17 GMT
Content-Length
271
Content-Type
application/json; charset=utf-8
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1dc73fe23c003bdc931370944c0a1bf81399e2083664c94d2b7600e66f111f27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
groupPhones.af75038e.png
wp-173-update-terms-by-geo.avrora-app.com/static/media/ 		434 KB
435 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wp-173-update-terms-by-geo.avrora-app.com/static/media/groupPhones.af75038e.png
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/static/css/main.cdf16616.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.228.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-228-62.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46765b3018017e486b03dedd783c975ebf94c9209bac77cbb4b92ab2fd2ec6b9

Request headers

:path
/static/media/groupPhones.af75038e.png
pragma
no-cache
cookie
amp_4f3405=dAr_3UQ9YZLqlhSt0vMIgR...1ffgpn2gl.1ffgpn2gs.1.0.1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
wp-173-update-terms-by-geo.avrora-app.com
referer
https://wp-173-update-terms-by-geo.avrora-app.com/static/css/main.cdf16616.chunk.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/static/css/main.cdf16616.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 11:48:46 GMT
via
1.1 4bcfcdbfcae1bee0825046166b05b4f2.cloudfront.net (CloudFront)
last-modified
Mon, 13 Sep 2021 10:40:01 GMT
server
AmazonS3
age
43947
etag
"af75038e5ba94826067cef3becddfd41"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
CDG3-C1
accept-ranges
bytes
content-length
444266
x-amz-cf-id
CCOzg2NuKSi5JYBS-oOTxjfoCkvCrIX2Q28Ip7mfag1H2XVWaiW1Fw==
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:816::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wp-173-update-terms-by-geo.avrora-app.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 01:42:02 GMT
x-content-type-options
nosniff
age
598755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Sep 2022 01:42:02 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:816::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wp-173-update-terms-by-geo.avrora-app.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 00:26:23 GMT
x-content-type-options
nosniff
age
257694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 00:26:23 GMT
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:923256167078:web:f7c283ae25beab80497267/ 		349 B
424 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:923256167078:web:f7c283ae25beab80497267/webConfig
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/static/js/2.190bb646.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
154259ec722ef647e8edcbfc346beb3c4b44907f162278a5654c2888550b837a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
x-goog-api-key
AIzaSyBPc3NjgdzdVOa2DfOsLUWAmZjuPK8lRNw
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 00:01:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wp-173-update-terms-by-geo.avrora-app.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
234
x-xss-protection
0
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:923256167078:web:f7c283ae25beab80497267/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:923256167078:web:f7c283ae25beab80497267/webConfig
Protocol
H2
Server
2a00:1450:4007:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-goog-api-key
Origin
https://wp-173-update-terms-by-geo.avrora-app.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://wp-173-update-terms-by-geo.avrora-app.com
vary
origin referer x-origin
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers
x-goog-api-key
access-control-max-age
3600
date
Tue, 14 Sep 2021 00:01:17 GMT
content-type
text/html
server
ESF
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
js
www.googletagmanager.com/gtag/ 		130 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3LBV0FN8R4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145336162-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:812::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
51aac45d16f2194ad3b0ea40fca7605b3fbcfb04f8d6d70b92ee2485576b0544
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 00:01:12 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51856
x-xss-protection
0
expires
Tue, 14 Sep 2021 00:01:12 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-689496631&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145336162-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:812::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f088c4fdb70adc4f11d4d7fff13ee97192e20a4e2cb6260050acf9ee3c18bf7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 00:01:12 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39330
x-xss-protection
0
expires
Tue, 14 Sep 2021 00:01:12 GMT
/
www.facebook.com/tr/
Redirect Chain
  • https://www.facebook.com/tr/?id=520901359294717&ev=PageView&dl=https%3A%2F%2Fwp-173-update-terms-by-geo.avrora-app.com%2Fo%2Fapp&rl=&if=false&ts=1631577672275&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0...
  • https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fwp-173-update-terms-by-geo.avrora-app.com%2Fo%2Fapp&ec=0&ev=PageView&exp=p0&fbp=fb.1.1631577672273.1647192806&id=520901359294717&if=false&it=...
44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fwp-173-update-terms-by-geo.avrora-app.com%2Fo%2Fapp&ec=0&ev=PageView&exp=p0&fbp=fb.1.1631577672273.1647192806&id=520901359294717&if=false&it=1631577672131&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1631577672275&v=2.9.45
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/o/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 00:01:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 14 Sep 2021 00:01:17 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Sep 2021 00:01:17 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/plain
location
/tr/?coo=false&dl=https%3A%2F%2Fwp-173-update-terms-by-geo.avrora-app.com%2Fo%2Fapp&ec=0&ev=PageView&exp=p0&fbp=fb.1.1631577672273.1647192806&id=520901359294717&if=false&it=1631577672131&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1631577672275&v=2.9.45
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
expires
0
installations
firebaseinstallations.googleapis.com/v1/projects/sleep-booster/ 		578 B
642 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/sleep-booster/installations
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/static/js/2.190bb646.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:816::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb01e1766d35581a15db5231d1ea24bc6791cfc702123c3b698c5a40fd48ea3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
x-goog-api-key
AIzaSyBPc3NjgdzdVOa2DfOsLUWAmZjuPK8lRNw
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json

Response headers

date
Tue, 14 Sep 2021 00:01:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wp-173-update-terms-by-geo.avrora-app.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
452
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/sleep-booster/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/sleep-booster/installations
Protocol
H2
Server
2a00:1450:4007:816::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-goog-api-key
Origin
https://wp-173-update-terms-by-geo.avrora-app.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://wp-173-update-terms-by-geo.avrora-app.com
vary
origin referer x-origin
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers
content-type,x-goog-api-key
access-control-max-age
3600
date
Tue, 14 Sep 2021 00:01:17 GMT
content-type
text/html
server
ESF
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3MREF7B3D4L4OG4TUA0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.58.240 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-58-240.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
da556df4dc2e8a01fc001ae2a2446328a6615e19a40e9113a8718f0ac018d2c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-akamai-request-id
57b6c769.d90804f
date
Tue, 14 Sep 2021 00:01:12 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-61-205-31.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-55-58-236.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
167,23.55.58.236
server-timing
cdn-cache; desc=MISS, edge; dur=162, origin; dur=5, inner; dur=0
pragma
no-cache
server
nginx
x-tt-logid
2021091400011201024504918340EB026B
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
5,23.61.205.31
x-tt-trace-host
013e08d49e97bc9a5e48eea53862f88d3eb1c96a140e7ff73d8bbb6bb98918536df6416387a0b2620c7dded55afef58cd89893259d81f0698b8aafe73f5b9ca6669d277f4b8915aad34d6cfce04a83817fcd06036b526132acc97c6475dbf6cac2b10257ad3fe6b04209340d51747f0ccb
expires
Tue, 14 Sep 2021 00:01:12 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		691 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C3MREF7B3D4L4OG4TUA0&hostname=wp-173-update-terms-by-geo.avrora-app.com
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3MREF7B3D4L4OG4TUA0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.58.240 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-58-240.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
15e5fdc62d6e54ce7f4fbb5b956ed352843d63f6ed1654af72bc126e02212753

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-akamai-request-id
800a9695.d908068
date
Tue, 14 Sep 2021 00:01:12 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-44-4-71.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-55-58-236.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
170,23.55.58.236
server-timing
cdn-cache; desc=MISS, edge; dur=160, origin; dur=10, inner; dur=4
content-length
310
pragma
no-cache
server
nginx
x-tt-logid
2021091400011201024506219235D54BA7
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
10,23.44.4.71
x-tt-trace-host
013e08d49e97bc9a5e48eea53862f88d3eb1c96a140e7ff73d8bbb6bb98918536dfdfdfbef67cdb14072b9487df050259a73ede213c451c06a9dd233ba3502b0e60e349b7416cc2a805b6ca5737d8fe458064e9f268e329d9e8effcf30849857fc32c7976c6019c1448abf9aeaee888867
expires
Tue, 14 Sep 2021 00:01:12 GMT
collect
analytics.google.com/g/ 		0
386 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-3LBV0FN8R4&gtm=2oe9d0&_p=2081404125&sr=1600x1200&_gaz=1&ul=en-us&cid=988423901.1631577672&_s=1&dl=https%3A%2F%2Fwp-173-update-terms-by-geo.avrora-app.com%2Fo%2Fapp&dt=Improve%20Your%20Sleep&sid=1631577672&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3LBV0FN8R4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80b::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 00:01:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wp-173-update-terms-by-geo.avrora-app.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
357 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3LBV0FN8R4&cid=988423901.1631577672&gtm=2oe9d0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3LBV0FN8R4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 00:01:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wp-173-update-terms-by-geo.avrora-app.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145336162-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:818::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4917
date
Mon, 13 Sep 2021 22:39:20 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 14 Sep 2021 00:39:20 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-689496631&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
par21s23-in-f2.1e100.net
Software
cafe /
Resource Hash
88c499036f299aafbdcdef6835746230e563a1800997b1c2695e6a3c96a9d3d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 00:01:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
server
cafe
etag
8182713160943572198
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 00:01:17 GMT
ga-audiences
www.google.de/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3LBV0FN8R4&cid=988423901.1631577672&gtm=2oe9d0&aip=1&z=1014843125
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/o/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80f::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 00:01:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
710 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3MREF7B3D4L4OG4TUA0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.58.240 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-58-240.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
57b6cbc5.d9080c0
date
Tue, 14 Sep 2021 00:01:12 GMT
x-cache-remote
TCP_MISS from a23-61-205-31.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-55-58-236.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
175,23.55.58.236
server-timing
cdn-cache; desc=MISS, edge; dur=162, origin; dur=13, inner; dur=8
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2021091400011201024506219247C99BC3
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
13,23.61.205.31
x-tt-trace-host
013e08d49e97bc9a5e48eea53862f88d3eb1c96a140e7ff73d8bbb6bb98918536df6416387a0b2620c7dded55afef58cd89893259d81f0698b8aafe73f5b9ca6666d34c79372617580c6a159120e45ce454b251cf143e4346b86c462f52869765f7fd3242aa9feb0f954f608a28c3ef399
expires
Tue, 14 Sep 2021 00:01:12 GMT
/
www.facebook.com/tr/ 		44 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=520901359294717&ev=Microdata&dl=https%3A%2F%2Fwp-173-update-terms-by-geo.avrora-app.com%2Fo%2Fapp&rl=&if=false&ts=1631577672777&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Improve%20Your%20Sleep%22%2C%22meta%3Adescription%22%3A%22Best%20App%20to%20Improve%20Your%20Sleep%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Improve%20Your%20Sleep%22%2C%22og%3Adescription%22%3A%22Best%20App%20to%20Improve%20Your%20Sleep%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22%2Fimages%2FgroupPhones.png%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Favrora-app.com%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1631577672273.1647192806&it=1631577672131&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/o/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 00:01:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 14 Sep 2021 00:01:17 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EZKLCQYKL1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145336162-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:812::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bc282706120027e2b94ae36cd90f116ca334f9019a08a4e327aa73bfec26387f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 00:01:17 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44550
x-xss-protection
0
expires
Tue, 14 Sep 2021 00:01:17 GMT
collect
www.google-analytics.com/g/ 		0
189 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-EZKLCQYKL1&gtm=2oe9d0&_p=2081404125&sr=1600x1200&ul=en-us&_fid=eTo8ak89y4nZ6_eBesYNcq&cid=988423901.1631577672&_s=1&dl=https%3A%2F%2Fwp-173-update-terms-by-geo.avrora-app.com%2Fo%2Fapp&dt=Improve%20Your%20Sleep&sid=1631577677&sct=1&seg=0&en=page_view&_fv=1&_ss=2&ep.origin=firebase
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EZKLCQYKL1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:818::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 00:01:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wp-173-update-terms-by-geo.avrora-app.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/689496631/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/689496631/?random=1631577677510&cv=9&fst=1631577677510&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwp-173-update-terms-by-geo.avrora-app.com%2Fo%2Fapp&tiba=Improve%20Your%20Sleep&tc=x&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:815::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34cc25b1d74d20636dfbae391a35c2fe1db7cb75e6800bae32b12a9af59fe027
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 00:01:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1039
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=2081404125&t=pageview&_s=1&dl=https%3A%2F%2Fwp-173-update-terms-by-geo.avrora-app.com%2Fo%2Fapp&ul=en-us&de=UTF-8&dt=Improve%20Your%20Sleep&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1054328237&gjid=2123760433&cid=988423901.1631577672&tid=UA-145336162-1&_gid=1421013347.1631577678&_r=1&gtm=2ou9d0&z=1514055499
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:818::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 00:01:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wp-173-update-terms-by-geo.avrora-app.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-145336162-1&cid=988423901.1631577672&jid=1054328237&gjid=2123760433&_gid=1421013347.1631577678&_u=YADAAUAAAAAAAC~&z=1051657725
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 14 Sep 2021 00:01:17 GMT
content-type
text/plain
access-control-allow-origin
https://wp-173-update-terms-by-geo.avrora-app.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-145336162-1&cid=988423901.1631577672&jid=1054328237&_u=YADAAUAAAAAAAC~&z=164195220
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/o/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 00:01:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-145336162-1&cid=988423901.1631577672&jid=1054328237&_u=YADAAUAAAAAAAC~&z=164195220
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/o/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80f::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 00:01:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/sleep-booster/namespaces/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseremoteconfig.googleapis.com/v1/projects/sleep-booster/namespaces/firebase:fetch?key=AIzaSyBPc3NjgdzdVOa2DfOsLUWAmZjuPK8lRNw
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/static/js/2.190bb646.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:813::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f50435b77d72b561e397d440a687bf28edcf15f9988f7af5621f4d9a12cb0915
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
Content-Encoding
gzip
If-None-Match
*
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Sep 2021 00:01:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
etag
etag-sleep-booster-firebase-fetch-100961702
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wp-173-update-terms-by-geo.avrora-app.com
access-control-expose-headers
etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
1494
x-xss-protection
0
firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/sleep-booster/namespaces/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseremoteconfig.googleapis.com/v1/projects/sleep-booster/namespaces/firebase:fetch?key=AIzaSyBPc3NjgdzdVOa2DfOsLUWAmZjuPK8lRNw
Protocol
H2
Server
2a00:1450:4007:813::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-encoding,content-type,if-none-match
Origin
https://wp-173-update-terms-by-geo.avrora-app.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://wp-173-update-terms-by-geo.avrora-app.com
vary
origin referer x-origin
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers
content-encoding,content-type,if-none-match
access-control-max-age
3600
date
Tue, 14 Sep 2021 00:01:22 GMT
content-type
text/html
server
ESF
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
fd98a0c0-18ca-4b30-b993-1e451e47d569
api.panda.boosters.company/v1/users/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.panda.boosters.company/v1/users/fd98a0c0-18ca-4b30-b993-1e451e47d569
Protocol
H2
Server
54.226.2.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-226-2-33.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type
Origin
https://wp-173-update-terms-by-geo.avrora-app.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 14 Sep 2021 00:01:17 GMT
x-amzn-requestid
a2a355b2-b116-4664-ba2b-7c7ddfbd587a
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id
FoDsMF2OoAMFy9g=
access-control-allow-methods
OPTIONS,GET,PUT,POST,DELETE,PATCH,HEAD
fd98a0c0-18ca-4b30-b993-1e451e47d569
api.panda.boosters.company/v1/users/ 		500 B
820 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.panda.boosters.company/v1/users/fd98a0c0-18ca-4b30-b993-1e451e47d569
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/static/js/main.56fdb206.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.226.2.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-226-2-33.compute-1.amazonaws.com
Software
/
Resource Hash
76ad238843988e26ae9b3fd8e0c8756d6794c1340ad8d9a90a9e31928f415d12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
Accept-Language
de-DE,de;q=0.9
Authorization
kw2qAZKuRRKPNDot1A8IfTpmpwbX1x7w
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 00:01:17 GMT
x-content-type-options
nosniff
x-amzn-requestid
ac3c8d50-0c19-41e2-949d-bb12b5634de3
content-type
application/json
access-control-allow-origin
*
cache-control
no-store
x-amzn-trace-id
Root=1-613fe64d-3faf0abb15e60f8b0a06fcc1;Sampled=0
access-control-allow-credentials
true
x-amz-apigw-id
FoDsNGS-oAMFu_A=
content-length
500
x-xss-protection
1; mode=block
/
api.amplitude.com/ 		7 B
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/static/js/2.190bb646.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.78.238 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-78-238.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 14 Sep 2021 00:01:17 GMT
content-length
7
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
fd98a0c0-18ca-4b30-b993-1e451e47d569
api.panda.boosters.company/v1/users/ 		45 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.panda.boosters.company/v1/users/fd98a0c0-18ca-4b30-b993-1e451e47d569
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/static/js/main.56fdb206.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.226.2.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-226-2-33.compute-1.amazonaws.com
Software
/
Resource Hash
d071abaacd14d4691b5725e5ea3e1909b3c862c8d78e5258db312a27fb3d4000
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
Accept-Language
de-DE,de;q=0.9
Authorization
kw2qAZKuRRKPNDot1A8IfTpmpwbX1x7w
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 00:01:18 GMT
x-content-type-options
nosniff
x-amzn-requestid
1072c4e2-7909-4309-b401-1ee3ac1866a4
content-type
application/json
access-control-allow-origin
*
cache-control
no-store
x-amzn-trace-id
Root=1-613fe64e-4a42d4a9152469157b3352eb;Sampled=0
access-control-allow-credentials
true
x-amz-apigw-id
FoDsQG-NoAMF4dQ=
content-length
45
x-xss-protection
1; mode=block
fd98a0c0-18ca-4b30-b993-1e451e47d569
api.panda.boosters.company/v1/users/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.panda.boosters.company/v1/users/fd98a0c0-18ca-4b30-b993-1e451e47d569
Protocol
H2
Server
54.226.2.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-226-2-33.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
PUT
Access-Control-Request-Headers
authorization,content-type
Origin
https://wp-173-update-terms-by-geo.avrora-app.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 14 Sep 2021 00:01:18 GMT
x-amzn-requestid
28e26d28-0d60-4e8d-87c0-eb3f314ac6b9
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id
FoDsPFhoIAMFibg=
access-control-allow-methods
OPTIONS,GET,PUT,POST,DELETE,PATCH,HEAD
/
www.google.com/pagead/1p-user-list/689496631/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/689496631/?random=1631577677510&cv=9&fst=1631577600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwp-173-update-terms-by-geo.avrora-app.com%2Fo%2Fapp&tiba=Improve%20Your%20Sleep&async=1&fmt=3&is_vtc=1&random=1457938731&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/o/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 00:01:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/689496631/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/689496631/?random=1631577677510&cv=9&fst=1631577600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwp-173-update-terms-by-geo.avrora-app.com%2Fo%2Fapp&tiba=Improve%20Your%20Sleep&async=1&fmt=3&is_vtc=1&random=1457938731&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/o/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80f::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 00:01:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fireperf:fetch
firebaseremoteconfig.googleapis.com/v1/projects/sleep-booster/namespaces/ 		1 KB
646 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseremoteconfig.googleapis.com/v1/projects/sleep-booster/namespaces/fireperf:fetch?key=AIzaSyBPc3NjgdzdVOa2DfOsLUWAmZjuPK8lRNw
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/static/js/2.190bb646.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:813::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0aedb71f50127566ef38ed55c13d309b966ad614207ca41a323e6953d9caf13f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
Accept-Language
de-DE,de;q=0.9
Authorization
FIREBASE_INSTALLATIONS_AUTH eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBJZCI6IjE6OTIzMjU2MTY3MDc4OndlYjpmN2MyODNhZTI1YmVhYjgwNDk3MjY3IiwiZXhwIjoxNjMyMTgyNDc3LCJmaWQiOiJlVG84YWs4OXk0blo2X2VCZXNZTmNxIiwicHJvamVjdE51bWJlciI6OTIzMjU2MTY3MDc4fQ.AB2LPV8wRQIhAJreTryl47v-yPP-cRF5U3cWgo5csTZQbPV8Rty38sVdAiAfhGra16jIDNl3hS-yvQlY-_s15Ij730lu6S2qEyZwmQ
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 14 Sep 2021 00:01:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
etag
etag-sleep-booster-fireperf-fetch--169787801
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wp-173-update-terms-by-geo.avrora-app.com
access-control-expose-headers
etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
420
x-xss-protection
0
fireperf:fetch
firebaseremoteconfig.googleapis.com/v1/projects/sleep-booster/namespaces/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseremoteconfig.googleapis.com/v1/projects/sleep-booster/namespaces/fireperf:fetch?key=AIzaSyBPc3NjgdzdVOa2DfOsLUWAmZjuPK8lRNw
Protocol
H2
Server
2a00:1450:4007:813::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization
Origin
https://wp-173-update-terms-by-geo.avrora-app.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://wp-173-update-terms-by-geo.avrora-app.com
vary
origin referer x-origin
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers
authorization
access-control-max-age
3600
date
Tue, 14 Sep 2021 00:01:22 GMT
content-type
text/html
server
ESF
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
api.amplitude.com/ 		7 B
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/static/js/2.190bb646.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.78.238 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-78-238.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 14 Sep 2021 00:01:23 GMT
content-length
7
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/689496631/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/689496631/?random=1631577682934&cv=9&fst=1631577682934&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dgen_ab_test%3Bparam_name%3Dweb_pricing_split%3Bparam_values%3D19&frm=0&url=https%3A%2F%2Fwp-173-update-terms-by-geo.avrora-app.com%2Fo%2Fapp&tiba=Improve%20Your%20Sleep&tc=x&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:815::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e1a521781127305ad1f14d64b3e7e0c7ef8f714d61e10a4d634a7d3ca89d9d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 00:01:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1074
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=2081404125&t=event&_s=2&dl=https%3A%2F%2Fwp-173-update-terms-by-geo.avrora-app.com%2Fo%2Fapp&ul=en-us&de=UTF-8&dt=Improve%20Your%20Sleep&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=gen_ab_test&_u=aADAAUABAAAAAC~&jid=&gjid=&cid=988423901.1631577672&tid=UA-145336162-1&_gid=1421013347.1631577678&gtm=2ou9d0&z=1940951880
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:818::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 21:24:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
9402
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
711 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3MREF7B3D4L4OG4TUA0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.58.240 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-58-240.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
57b73384.d90929d
date
Tue, 14 Sep 2021 00:01:23 GMT
x-cache-remote
TCP_MISS from a23-61-205-31.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-55-58-236.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
176,23.55.58.236
server-timing
cdn-cache; desc=MISS, edge; dur=163, origin; dur=13, inner; dur=8
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2021091400012301024504922923D3AB05
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
13,23.61.205.31
x-tt-trace-host
013e08d49e97bc9a5e48eea53862f88d3eb1c96a140e7ff73d8bbb6bb98918536df6416387a0b2620c7dded55afef58cd89893259d81f0698b8aafe73f5b9ca6669d277f4b8915aad34d6cfce04a83817f6aafddf8b2ff7f88c35df96efc2ce2b3c842d1f4fdc9ac61e12d98b02febc935
expires
Tue, 14 Sep 2021 00:01:23 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
707 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3MREF7B3D4L4OG4TUA0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.58.240 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-58-240.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
800adeb5.d90929f
date
Tue, 14 Sep 2021 00:01:23 GMT
x-cache-remote
TCP_MISS from a23-44-4-71.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-55-58-236.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
173,23.55.58.236
server-timing
cdn-cache; desc=MISS, edge; dur=163, origin; dur=11, inner; dur=8
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2021091400012301024502415859D9058E
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
11,23.44.4.71
x-tt-trace-host
013e08d49e97bc9a5e48eea53862f88d3eb1c96a140e7ff73d8bbb6bb98918536dfdfdfbef67cdb14072b9487df050259a73ede213c451c06a9dd233ba3502b0e6962535da91df42ec7ae90c977d657832abda9f4ca8924e83455b0aa4ce483081813c4894e313d8bbb61f3104a0f1a076
expires
Tue, 14 Sep 2021 00:01:23 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
567 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3MREF7B3D4L4OG4TUA0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.58.240 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-58-240.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 00:01:23 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
2021091400012301024502201553E1A120
x-cache
TCP_MISS from a23-55-58-236.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
169,23.55.58.236
x-tt-trace-host
013e08d49e97bc9a5e48eea53862f88d3e79209c5f3b9d98cb090fe1d290804cee6dd897e81d67a9858c7c20093f446eefec21e3d6f40a445f2ac3fe95b595a85ae57300049c749e08c6317a9fbb82f82ca6bcbc9cf9e86085cc36429745d2d34e
server-timing
inner; dur=8, cdn-cache; desc=MISS, edge; dur=0, origin; dur=169
x-akamai-request-id
d9092a1
content-length
0
expires
Tue, 14 Sep 2021 00:01:23 GMT
/
www.google.com/pagead/1p-user-list/689496631/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/689496631/?random=1631577682934&cv=9&fst=1631577600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&data=event%3Dgen_ab_test%3Bparam_name%3Dweb_pricing_split%3Bparam_values%3D19&frm=0&url=https%3A%2F%2Fwp-173-update-terms-by-geo.avrora-app.com%2Fo%2Fapp&tiba=Improve%20Your%20Sleep&async=1&fmt=3&is_vtc=1&random=303992679&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 00:01:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/689496631/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/689496631/?random=1631577682934&cv=9&fst=1631577600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&data=event%3Dgen_ab_test%3Bparam_name%3Dweb_pricing_split%3Bparam_values%3D19&frm=0&url=https%3A%2F%2Fwp-173-update-terms-by-geo.avrora-app.com%2Fo%2Fapp&tiba=Improve%20Your%20Sleep&async=1&fmt=3&is_vtc=1&random=303992679&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80f::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 00:01:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
api.amplitude.com/ 		7 B
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/static/js/2.190bb646.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.78.238 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-78-238.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 14 Sep 2021 00:01:23 GMT
content-length
7
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-3LBV0FN8R4&gtm=2oe9d0&_p=2081404125&sr=1600x1200&ul=en-us&cid=988423901.1631577672&dl=https%3A%2F%2Fwp-173-update-terms-by-geo.avrora-app.com%2Fo%2Fapp&dt=Improve%20Your%20Sleep&sid=1631577672&sct=1&seg=1&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3LBV0FN8R4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80b::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 00:01:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wp-173-update-terms-by-geo.avrora-app.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
firebaselogging-pa.googleapis.com/v1/firelog/legacy/ 		123 B
569 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaselogging-pa.googleapis.com/v1/firelog/legacy/log?key=AIzaSyCx80ru6-RXeTi3GvqkFsMVyMf-vpgIoVw
Requested by
Host: wp-173-update-terms-by-geo.avrora-app.com
URL: https://wp-173-update-terms-by-geo.avrora-app.com/static/js/2.190bb646.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80f::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
b99f88e652026d4d811f3eeba9411584440f3d735a3d79ea76cbefd25eb595a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 14 Sep 2021 00:01:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wp-173-update-terms-by-geo.avrora-app.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
120
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-EZKLCQYKL1&gtm=2oe9d0&_p=2081404125&sr=1600x1200&ul=en-us&_fid=eTo8ak89y4nZ6_eBesYNcq&cid=988423901.1631577672&_s=2&dl=https%3A%2F%2Fwp-173-update-terms-by-geo.avrora-app.com%2Fo%2Fapp&dt=Improve%20Your%20Sleep&sid=1631577677&sct=1&seg=0&en=gen_ab_test&_et=5435&ep.origin=firebase&ep.param_name=web_pricing_split&ep.param_values=19
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EZKLCQYKL1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:818::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wp-173-update-terms-by-geo.avrora-app.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 00:01:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wp-173-update-terms-by-geo.avrora-app.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect boolean| originAgentCluster function| gtag object| dataLayer function| fbq function| _fbq string| TiktokAnalyticsObject object| ttq object| webpackJsonpavrora_app_onboarding object| regeneratorRuntime function| _ object| componentHandler function| MaterialButton function| MaterialProgress function| MaterialSpinner function| MaterialTextfield object| firebaseui object| dialogPolyfill object| google_tag_manager object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge object| google_tag_data object| gaGlobal string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| gaplugins object| gaData boolean| userIdLoading

10 Cookies

Domain/Path Name / Value
.avrora-app.com/ Name: _fbp
Value: fb.1.1631577672273.1647192806
.avrora-app.com/ Name: _gcl_au
Value: 1.1.344411306.1631577672
.facebook.com/ Name: fr
Value: 0gK547sxKEA92mv7W..BhP-ZN...1.0.BhP-ZN.
.avrora-app.com/ Name: _ga
Value: GA1.2.988423901.1631577672
.avrora-app.com/ Name: _gid
Value: GA1.2.1421013347.1631577678
.avrora-app.com/ Name: _gat_gtag_UA_145336162_1
Value: 1
.avrora-app.com/ Name: _ga_3LBV0FN8R4
Value: GS1.1.1631577672.1.1.1631577682.50
.avrora-app.com/ Name: amp_4f3405
Value: dAr_3UQ9YZLqlhSt0vMIgR.ZmQ5OGEwYzAtMThjYS00YjMwLWI5OTMtMWU0NTFlNDdkNTY5..1ffgpn2gl.1ffgpncvh.5.1.6
.avrora-app.com/ Name: _ga_EZKLCQYKL1
Value: GS1.1.1631577677.1.0.1631577682.0
.doubleclick.net/ Name: IDE
Value: AHWqTUnDY5sqzExDpa1E2Q89Hpn93jXuzpGQezI24Si_XgpeC9Cl8BFu2oCcWYo8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
analytics.tiktok.com
api.amplitude.com
api.panda.boosters.company
connect.facebook.net
firebase.googleapis.com
firebaseinstallations.googleapis.com
firebaselogging-pa.googleapis.com
firebaseremoteconfig.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pro.ip-api.com
stats.g.doubleclick.net
wp-173-update-terms-by-geo.avrora-app.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
142.250.201.162
143.204.228.62
208.95.112.2
23.55.58.240
2a00:1450:4007:806::2004
2a00:1450:4007:80b::200e
2a00:1450:4007:80d::200a
2a00:1450:4007:80f::2003
2a00:1450:4007:80f::200a
2a00:1450:4007:812::2008
2a00:1450:4007:813::200a
2a00:1450:4007:815::2002
2a00:1450:4007:815::200a
2a00:1450:4007:816::2003
2a00:1450:4007:816::200a
2a00:1450:4007:818::200e
2a00:1450:400c:c04::9c
2a03:2880:f042:110:face:b00c:0:3
2a03:2880:f130:83:face:b00c:0:25de
52.34.78.238
54.226.2.33
01417645e08811b3d4746ddb1597e298101fa810ca9a91b9e01157762b5a81f3
06f7069474e8b942d40a92fbe4997d5d866c514c2383fd44d3258cdf79ea4c5d
0aedb71f50127566ef38ed55c13d309b966ad614207ca41a323e6953d9caf13f
0e1a521781127305ad1f14d64b3e7e0c7ef8f714d61e10a4d634a7d3ca89d9d3
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
154259ec722ef647e8edcbfc346beb3c4b44907f162278a5654c2888550b837a
15e5fdc62d6e54ce7f4fbb5b956ed352843d63f6ed1654af72bc126e02212753
1818a9401200aaeab5b895daa9086f616c4ceced9c48409d52229dc74f369d15
1dc73fe23c003bdc931370944c0a1bf81399e2083664c94d2b7600e66f111f27
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
34cc25b1d74d20636dfbae391a35c2fe1db7cb75e6800bae32b12a9af59fe027
456aaf93f16cb2efd474f36b7c16886250d4fec6cb367f3fa39c10bf18d3c274
46765b3018017e486b03dedd783c975ebf94c9209bac77cbb4b92ab2fd2ec6b9
51aac45d16f2194ad3b0ea40fca7605b3fbcfb04f8d6d70b92ee2485576b0544
76ad238843988e26ae9b3fd8e0c8756d6794c1340ad8d9a90a9e31928f415d12
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88c499036f299aafbdcdef6835746230e563a1800997b1c2695e6a3c96a9d3d4
a5ae0dc4beeb3fffdc8e1fac2d7e78bab1f42856c0cbca3ade7ac6a28d554ab2
ac28ee4c234de329ce740ef7ec8af26cec56ac1a0968eafd882b780c9d0bf036
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b99f88e652026d4d811f3eeba9411584440f3d735a3d79ea76cbefd25eb595a1
bc282706120027e2b94ae36cd90f116ca334f9019a08a4e327aa73bfec26387f
be1de331a31f21253976ea09c0af8927d360b8d91f8686dfc695d2313f257d70
d071abaacd14d4691b5725e5ea3e1909b3c862c8d78e5258db312a27fb3d4000
d58a30fcfbffc91a5f721e1fdca35bf56a59d26ddc9a809e6f8b1c031fc65c57
d68fa23a64e0f652da77f0f82d5d87bdf73d1864a7349646a36904cf2450e3fc
d9c65db554d57f17a964bee80b4c94050e40f3a692852cf0ca2fdb9612c83273
da556df4dc2e8a01fc001ae2a2446328a6615e19a40e9113a8718f0ac018d2c4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
eec0b2b909505edad1a1c9518ebb3d71fc974d0991e166ed0766385200ff763e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f088c4fdb70adc4f11d4d7fff13ee97192e20a4e2cb6260050acf9ee3c18bf7a
f50435b77d72b561e397d440a687bf28edcf15f9988f7af5621f4d9a12cb0915
fb01e1766d35581a15db5231d1ea24bc6791cfc702123c3b698c5a40fd48ea3c
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62