accounts.frame.io Open in urlscan Pro
3.229.20.110 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://accounts.frame.io/welcome?email_id=19505f6d-978f-4656-a2da-aceab1bd94dc&email_type=pending-team-member&pending_tea...
Submission: On March 01 via manual (March 1st 2022, 11:34:04 pm UTC) from US — Scanned from DE

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 16 domains to perform 48 HTTP transactions. The main IP is 3.229.20.110, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is accounts.frame.io. The Cisco Umbrella rank of the primary domain is 476385.
TLS certificate: Issued by Amazon on September 21st 2021. Valid for: a year.

This is the only time accounts.frame.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	3.229.20.110 3.229.20.110	14618 (AMAZON-AES) (AMAZON-AES)
1	18.66.112.102 18.66.112.102	16509 (AMAZON-02) (AMAZON-02)
1	18.66.115.169 18.66.115.169	16509 (AMAZON-02) (AMAZON-02)
2	54.69.24.9 54.69.24.9	16509 (AMAZON-02) (AMAZON-02)
1	54.190.139.205 54.190.139.205	16509 (AMAZON-02) (AMAZON-02)
1 1	108.138.17.98 108.138.17.98	16509 (AMAZON-02) (AMAZON-02)
4	18.66.139.43 18.66.139.43	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	99.83.219.81 99.83.219.81	16509 (AMAZON-02) (AMAZON-02)
1 3	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
5	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
2	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1	34.211.243.235 34.211.243.235	16509 (AMAZON-02) (AMAZON-02)
48	20

8 3.229.20.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-20-110.compute-1.amazonaws.com

accounts.frame.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-102.fra56.r.cloudfront.net

auth-stg1.services.adobe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.115.169 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-115-169.fra56.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.69.24.9 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-24-9.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.190.139.205 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-190-139-205.us-west-2.compute.amazonaws.com

profiles.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.98 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-98.fra56.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.139.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-43.fra60.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.219.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.211.243.235 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-243-235.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	frame.io accounts.frame.io — Cisco Umbrella Rank: 476385	605 KB
6	stripe.com js.stripe.com — Cisco Umbrella Rank: 854 q.stripe.com — Cisco Umbrella Rank: 5951 m.stripe.com — Cisco Umbrella Rank: 828	69 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6342	783 B
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 stats.g.doubleclick.net — Cisco Umbrella Rank: 67	4 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	61 KB
4	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 1943	132 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	474 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 913	17 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	16 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	114 KB
2	intercom.io 1 redirects widget.intercom.io — Cisco Umbrella Rank: 1922 api-iam.intercom.io — Cisco Umbrella Rank: 2489	3 KB
2	segment.io api.segment.io — Cisco Umbrella Rank: 1009	349 B
2	segment.com cdn.segment.com — Cisco Umbrella Rank: 1481 profiles.segment.com — Cisco Umbrella Rank: 167404	85 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	54 KB
1	adobe.com auth-stg1.services.adobe.com	14 KB
48	16

	Domain	Requested by
8	accounts.frame.io	accounts.frame.io
4	www.google.de	accounts.frame.io
4	www.google.com	1 redirects accounts.frame.io
4	www.google-analytics.com	cdn.segment.com www.google-analytics.com accounts.frame.io
4	js.intercomcdn.com	accounts.frame.io widget.intercom.io js.intercomcdn.com
3	js.stripe.com	accounts.frame.io js.stripe.com
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
3	www.facebook.com	accounts.frame.io
2	m.stripe.network	js.stripe.com m.stripe.network
2	q.stripe.com	accounts.frame.io
2	www.googleadservices.com	cdn.segment.com www.googleadservices.com
2	connect.facebook.net	cdn.segment.com connect.facebook.net
2	api.segment.io	cdn.segment.com accounts.frame.io
1	m.stripe.com	m.stripe.network
1	stats.g.doubleclick.net	www.google-analytics.com
1	api-iam.intercom.io	js.intercomcdn.com
1	www.googletagmanager.com	cdn.segment.com
1	widget.intercom.io	1 redirects
1	profiles.segment.com	cdn.segment.com
1	cdn.segment.com	accounts.frame.io
1	auth-stg1.services.adobe.com	accounts.frame.io
48	21

This site contains no links.

Subject Issuer	Validity	Valid
accounts.frame.io Amazon	`2021-09-21` - `2022-10-19`	a year	crt.sh
auth-stg1.services.adobe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-23` - `2022-12-23`	a year	crt.sh
*.segment.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh
*.segment.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-09` - `2022-03-09`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.intercomcdn.com Amazon	`2022-01-30` - `2023-02-28`	a year	crt.sh
*.intercom.com Amazon	`2021-04-15` - `2022-05-14`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-01-26` - `2022-05-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-09-08` - `2022-09-07`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-11` - `2022-05-04`	4 months	crt.sh

This page contains 4 frames:

Primary Page: https://accounts.frame.io/welcome?email_id=19505f6d-978f-4656-a2da-aceab1bd94dc&email_type=pending-team-member&pending_team_member_id=1e1edabf-87d1-4d43-94be-95c94401fecd*e=kenny.hoo*40cnbc.com
Frame ID: 4AA73C5751B9B94B2BAAD361C9CCFC84
Requests: 38 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.97c25172.js
Frame ID: 404BB22762D8DAF8A7B3908873168E63
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-ce3cdfac755a319f13136d294df99983.html
Frame ID: 5EE41E0A139EADDE9402626347DB8EDB
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 121A645B23A90687D3CB0CEA25373A2E
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - Frame.io

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

48
Requests

96 %
HTTPS

40 %
IPv6

16
Domains

21
Subdomains

20
IPs

3
Countries

1175 kB
Transfer

3829 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://widget.intercom.io/widget/mbz4oxgz HTTP 302
https://js.intercomcdn.com/shim.latest.js

Request Chain 20

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/929747318/?random=2052565624&cv=9&fst=1646177639508&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Faccounts.frame.io%2Fwelcome%3Femail_id%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%3Dpending-team-member%26pending_team_member_id%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%3Dkenny.hoo*40cnbc.com&tiba=Login%20-%20Frame.io&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Z60eYpulI7mnx_AP7uK-qAs&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/929747318/?random=2052565624&cv=9&fst=1646177639508&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Faccounts.frame.io%2Fwelcome%3Femail_id%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%3Dpending-team-member%26pending_team_member_id%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%3Dkenny.hoo*40cnbc.com&tiba=Login%20-%20Frame.io&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Z60eYpulI7mnx_AP7uK-qAs&random=3777062475&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/929747318/?random=2052565624&cv=9&fst=1646177639508&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Faccounts.frame.io%2Fwelcome%3Femail_id%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%3Dpending-team-member%26pending_team_member_id%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%3Dkenny.hoo*40cnbc.com&tiba=Login%20-%20Frame.io&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Z60eYpulI7mnx_AP7uK-qAs&random=3777062475&resp=GooglemKTybQhCsO&ipr=y&prhg=0

48 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request welcome Show response
accounts.frame.io/ 6 KB
4 KB 296ms
101ms Document
text/html 3.229.20.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.frame.io/welcome?email_id=19505f6d-978f-4656-a2da-aceab1bd94dc&email_type=pending-team-member&pending_team_member_id=1e1edabf-87d1-4d43-94be-95c94401fecd*e=kenny.hoo*40cnbc.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.20.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-20-110.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

90934af0c8ba9c0aa0b0e18e3d4e6449b0156dd686edf2208845a06c63f30b64

Security Headers

Name	Value
Content-Security-Policy	default-src https:; img-src data: https:; connect-src wss: https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 01 Mar 2022 23:33:59 GMT
content-type: text/html; charset=utf-8
content-length: 3010
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-security-policy: default-src https:; img-src data: https:; connect-src wss: https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
cross-origin-window-policy: deny
referrer-policy: no-referrer
server: Cowboy
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: Fthl10m4s9GJ8P0AR1gC
x-xss-protection: 1; mode=block

GET
H2 200 vendor-69830357ea6366c1f2ca555398bcd01f.js Show response
accounts.frame.io/assets/ 395 KB
118 KB 195ms
195ms Script
text/javascript 3.229.20.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.frame.io/assets/vendor-69830357ea6366c1f2ca555398bcd01f.js?vsn=d

Requested by

Host: accounts.frame.io
URL: https://accounts.frame.io/welcome?email_id=19505f6d-978f-4656-a2da-aceab1bd94dc&email_type=pending-team-member&pending_team_member_id=1e1edabf-87d1-4d43-94be-95c94401fecd*e=kenny.hoo*40cnbc.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.20.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-20-110.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

2782a36b32b2f5d0efdf35d8adc66db9bd7579fdcfe5f64a7ef76ae697a7e03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 23:33:59 GMT
content-encoding: gzip
server: Cowboy
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 120147

GET
H2 200 app-80ed43324354a4ac319e9a288233b65e.js Show response
accounts.frame.io/assets/ 1 MB
354 KB 292ms
291ms Script
text/javascript 3.229.20.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.frame.io/assets/app-80ed43324354a4ac319e9a288233b65e.js?vsn=d

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.20.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-20-110.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

6c643232cf7ceff82238f3cde67afc12f22e58f9483569c612abbc197f186491

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 23:33:59 GMT
content-encoding: gzip
server: Cowboy
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 361810

GET
H2 200 imslib.min.js Show response
auth-stg1.services.adobe.com/imslib/ 49 KB
14 KB 504ms
438ms Script
application/javascript 18.66.112.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-stg1.services.adobe.com/imslib/imslib.min.js
Requested by: Host: accounts.frame.io
URL: https://accounts.frame.io/welcome?email_id=19505f6d-978f-4656-a2da-aceab1bd94dc&email_type=pending-team-member&pending_team_member_id=1e1edabf-87d1-4d43-94be-95c94401fecd*e=kenny.hoo*40cnbc.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-102.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ffc5bd2f915762fcfd80fe9d2d358b9a9014b375aafc73abb5801c8dc40bba1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 23:34:00 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 14:06:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: W/"7cbd0810f4fa70975e77294953533a2b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: RG8sugYD0WBhAMd8CM36Ao5rpuc1sHya
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
cache-control: public,max-age=300,must-revalidate
content-type: application/javascript
x-amz-cf-id: aiCsB2RfRUIq6PHs8WCgE6fWGqmdJkOZn2f5O6o6Yw7zamT_AHRtBA==

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/JlMEiYCRWaIYGWJCYULjsuTVO7hCsVfo/ 567 KB
85 KB 60ms
8ms Script
text/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/JlMEiYCRWaIYGWJCYULjsuTVO7hCsVfo/analytics.min.js
Requested by: Host: accounts.frame.io
URL: https://accounts.frame.io/welcome?email_id=19505f6d-978f-4656-a2da-aceab1bd94dc&email_type=pending-team-member&pending_team_member_id=1e1edabf-87d1-4d43-94be-95c94401fecd*e=kenny.hoo*40cnbc.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11ff97a99a074fd7e0f39c499e460c494a6c74091bb0b7f05092cc76ec0965e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: 5dJj1vu32IXmCvhnCgUJ6tjVjdkNZtlK
content-encoding: br
etag: W/"0523908efd20c8914701cf057352843b"
age: 80
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Tue, 01 Mar 2022 23:11:41 GMT
server: AmazonS3
date: Tue, 01 Mar 2022 23:32:40 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: JOapwzCs0saAUeBE5pux8FmGaXHIuTcB1jr0-9chdhBw3FIaJaDPfg==

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
175 B 531ms
176ms XHR
application/json 54.69.24.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/JlMEiYCRWaIYGWJCYULjsuTVO7hCsVfo/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.69.24.9 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-69-24-9.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://accounts.frame.io
date: Tue, 01 Mar 2022 23:33:59 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 client-audiences Show response
profiles.segment.com/v1/spaces/doqrmysgbt/collections/users/profiles/anonymous_id:b2a9bea2-18f3-49f0-a501-dad87c704a4f/ 21 B
350 B 539ms
175ms XHR
application/json 54.190.139.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://profiles.segment.com/v1/spaces/doqrmysgbt/collections/users/profiles/anonymous_id:b2a9bea2-18f3-49f0-a501-dad87c704a4f/client-audiences
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/JlMEiYCRWaIYGWJCYULjsuTVO7hCsVfo/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.190.139.205 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-190-139-205.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 2c347832d6ac4ee15a4749223a832cf2422e8524d1384da013df88f0c8a039ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 23:33:59 GMT
content-encoding: deflate
x-api-version: 2018-01-18
content-type: application/json
access-control-allow-origin: https://accounts.frame.io
access-control-allow-credentials: true
content-length: 27
x-request-id: fa4e26dc-76be-4404-b99e-2695dade9e0b

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/mbz4oxgz
https://js.intercomcdn.com/shim.latest.js

18 KB
6 KB

31ms
7ms

Script
application/javascript

18.66.139.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Requested by: Host: accounts.frame.io
URL: https://accounts.frame.io/welcome?email_id=19505f6d-978f-4656-a2da-aceab1bd94dc&email_type=pending-team-member&pending_team_member_id=1e1edabf-87d1-4d43-94be-95c94401fecd*e=kenny.hoo*40cnbc.com
Protocol: H2
Server: 18.66.139.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57c78e5edbc5daab0b7a1e431f06a641dedd97b850b0a9b42718583f8a9a8689

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 01 Mar 2022 23:32:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 17:07:13 GMT
server: AmazonS3
age: 92
etag: "26ab6ee7845d16d6a4c562527d2eaa7c"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 6088
x-amz-cf-id: jRtYTp6dSNkesyQOPK4DtsZmllPdE19pPO1o5k01-BZqO188n2OHcA==

Redirect headers

date: Tue, 01 Mar 2022 22:48:23 GMT
via: 1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
server: AmazonS3
age: 2737
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: FRA56-P7
content-length: 0
x-amz-cf-id: MwY3DajEgOhXyZHXy9NhBuTEvj45vCx89X2xAq1_dVPBFoJahx69gA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 145 KB
54 KB 150ms
56ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-929747318

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/JlMEiYCRWaIYGWJCYULjsuTVO7hCsVfo/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37e5bdead3efff26b2d2f749f493f85ab47b0622214279695ad16ebc099c0ba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 23:33:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55207
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:29:19 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 01 Mar 2022 23:33:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 136ms
42ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/JlMEiYCRWaIYGWJCYULjsuTVO7hCsVfo/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5347
date: Tue, 01 Mar 2022 22:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 02 Mar 2022 00:04:52 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/JlMEiYCRWaIYGWJCYULjsuTVO7hCsVfo/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: WUxinYZZ1NYBYUXUYHSu9xl8mfVYGyE13TfdnAVR1t8UFKRYaiSU9cXbonTejAKOh+xh0HtuSNu8aIxBBVZTqg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 01 Mar 2022 23:33:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 151ms
56ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/JlMEiYCRWaIYGWJCYULjsuTVO7hCsVfo/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 23:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 23:33:59 GMT

GET
H2 200 921459044580052 Show response
connect.facebook.net/signals/config/ 308 KB
87 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/921459044580052?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cecfbd8ddad4f524f22fa10caba267a74628e04ed139c02eb5a42e24ed895e32

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89282
x-xss-protection: 0
pragma: public
x-fb-debug: 9Bd+jIMC/J2SG/5kuNxiMLcedUYksBxfQXPyMGqc6cRZtxJbkyiOjyKzwGEE4b1LdQC6Kijc4UQCqFoZBzWtuw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 01 Mar 2022 23:33:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 24ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=921459044580052&ev=PageView&dl=https%3A%2F%2Faccounts.frame.io%2Fwelcome%3Femail_id%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%3Dpending-team-member%26pending_team_member_id%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%3Dkenny.hoo*40cnbc.com&rl=&if=false&ts=1646177639415&sw=1600&sh=1200&v=2.9.52&r=stable&a=seg&ec=0&o=30&fbp=fb.1.1646177639414.657555852&it=1646177639375&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 23:33:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 01 Mar 2022 23:33:59 GMT

GET
H2 200 frame-modern.97c25172.js Show response
js.intercomcdn.com/ Frame 404B 298 KB
80 KB 8ms
7ms Script
application/javascript 18.66.139.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.97c25172.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/mbz4oxgz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b47a98672a0beb5d10fe9db199f34375978c687312821c198e6d376acd6afda6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 01 Mar 2022 23:07:24 GMT
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 17:05:56 GMT
server: AmazonS3
age: 1596
etag: "81b19744c82f2895b40e73f96225dbcc"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 81455
x-amz-cf-id: FSzeNTVA8Wah5E9xswW6IVj-afgsKDgNUHu7w3qcavTocUOY1pfU2Q==

GET
H2 200 vendor-modern.45b68407.js Show response
js.intercomcdn.com/ Frame 404B 127 KB
39 KB 15ms
15ms Script
application/javascript 18.66.139.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.45b68407.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/mbz4oxgz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1a7110337a5dfa1d73bec1caab0531b52ca29b79a32b128c4f62954a1725adf1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 01 Mar 2022 23:07:25 GMT
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 17:05:56 GMT
server: AmazonS3
age: 1595
etag: "9eff99c053907fddcd637acecf42738c"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 39552
x-amz-cf-id: fArNWoFHkr55T01CC_n--DEoz-eKkH-kxEnejCCZPShAz0FygBGj4Q==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 404B 7 KB
3 KB 1186ms
989ms XHR
application/json 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.97c25172.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

5142fdbeaf38eb7ad5f927caae0d1786d1e0c6e91fe70b4b0f05d01ed647974d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 01 Mar 2022 23:34:00 GMT
content-encoding: gzip
x-ami-version: ami-0f35f6992487260ba
status: 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept,Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 000855lubluolhoaqcpg
x-runtime: 0.883918
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5142fdbeaf38eb7ad5f927caae0d1786"
x-ratelimit-remaining: 13021
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://accounts.frame.io
x-intercom-version: 7f7f496b5d3bf264bdecac0f4ba79e26dde62c17
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1646177640
x-ratelimit-limit: 13333
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 108 KB
41 KB 100ms
51ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-MDG4KXP&cid=1080304344.1646177640

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

15698b69e6f46bc10c47bb48a471f1c2cdd287c9eef01be111c2fedbdccceaa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 23:33:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41498
x-xss-protection: 0
expires: Tue, 01 Mar 2022 23:33:59 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/929747318/ 2 KB
1 KB 104ms
52ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/929747318/?random=1646177639508&cv=9&fst=1646177639508&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Faccounts.frame.io%2Fwelcome%3Femail_id%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%3Dpending-team-member%26pending_team_member_id%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%3Dkenny.hoo*40cnbc.com&tiba=Login%20-%20Frame.io&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a9f1491923705688e33b4f27725ec274366707c68cd8682fa5188d02de0ef7c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 23:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1167
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/929747318/ 3 KB
1 KB 148ms
55ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/929747318/?random=1646177639512&cv=9&fst=1646177639512&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=path%3D%2Fwelcome%3Breferrer%3D%3Bsearch%3D%3Femail_id%5C%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%5C%3Dpending-team-member%26pending_team_member_id%5C%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%5C%3Dkenny.hoo*40cnbc.com%3Btitle%3DLogin%20-%20Frame.io%3Burl%3Dhttps%3A%2F%2Faccounts.frame.io%2Fwelcome%3Femail_id%5C%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%5C%3Dpending-team-member%26pending_team_member_id%5C%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%5C%3Dkenny.hoo*40cnbc.com&frm=0&url=https%3A%2F%2Faccounts.frame.io%2Fwelcome%3Femail_id%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%3Dpending-team-member%26pending_team_member_id%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%3Dkenny.hoo*40cnbc.com&tiba=Login%20-%20Frame.io&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d35db8eafaaee642978aeb3dcf3ae1a360194a2c9a48450500846f6853545f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 23:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1187
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/929747318/ 3 KB
2 KB 87ms
55ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/929747318/?random=1646177639573&cv=9&fst=1646177639573&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2s0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Faccounts.frame.io%2Fwelcome%3Femail_id%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%3Dpending-team-member%26pending_team_member_id%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%3Dkenny.hoo*40cnbc.com&tiba=Login%20-%20Frame.io&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a993e7236e078781d3151db666f22265eeaf81c6147ea5392df3754ba4920b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 23:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1147
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/929747318/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/929747318/?random=2052565624&cv=9&fst=1646177639508&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=2...
https://www.google.com/pagead/1p-conversion/929747318/?random=2052565624&cv=9&fst=1646177639508&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_ja...
https://www.google.de/pagead/1p-conversion/929747318/?random=2052565624&cv=9&fst=1646177639508&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_jav...

42 B
64 B

104ms
55ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/929747318/?random=2052565624&cv=9&fst=1646177639508&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Faccounts.frame.io%2Fwelcome%3Femail_id%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%3Dpending-team-member%26pending_team_member_id%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%3Dkenny.hoo*40cnbc.com&tiba=Login%20-%20Frame.io&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Z60eYpulI7mnx_AP7uK-qAs&random=3777062475&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 23:33:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Mar 2022 23:33:59 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/929747318/?random=2052565624&cv=9&fst=1646177639508&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Faccounts.frame.io%2Fwelcome%3Femail_id%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%3Dpending-team-member%26pending_team_member_id%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%3Dkenny.hoo*40cnbc.com&tiba=Login%20-%20Frame.io&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Z60eYpulI7mnx_AP7uK-qAs&random=3777062475&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 121ms
40ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-52047101-2&cid=1080304344.1646177640&jid=723350692&gjid=531301102&_gid=1562890876.1646177640&_u=aGBAgEADQAAAAE~&z=414151768

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 01 Mar 2022 23:33:59 GMT
content-type: text/plain
access-control-allow-origin: https://accounts.frame.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
40ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1941104093&t=pageview&_s=1&dl=https%3A%2F%2Faccounts.frame.io%2Fwelcome%3Femail_id%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%3Dpending-team-member%26pending_team_member_id%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%3Dkenny.hoo*40cnbc.com&dp=%2Fwelcome%3Femail_id%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%3Dpending-team-member%26pending_team_member_id%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%3Dkenny.hoo*40cnbc.com&ul=en-us&de=UTF-8&dt=Login%20-%20Frame.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEADQ~&jid=723350692&gjid=531301102&cid=1080304344.1646177640&tid=UA-52047101-2&_gid=1562890876.1646177640&z=1894813753

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 16:20:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25995
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/929747318/ 42 B
108 B 159ms
64ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/929747318/?random=1646177639573&cv=9&fst=1646175600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Faccounts.frame.io%2Fwelcome%3Femail_id%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%3Dpending-team-member%26pending_team_member_id%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%3Dkenny.hoo*40cnbc.com&tiba=Login%20-%20Frame.io&async=1&fmt=3&is_vtc=1&random=3761228522&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 23:33:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/929747318/ 42 B
108 B 147ms
56ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/929747318/?random=1646177639573&cv=9&fst=1646175600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Faccounts.frame.io%2Fwelcome%3Femail_id%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%3Dpending-team-member%26pending_team_member_id%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%3Dkenny.hoo*40cnbc.com&tiba=Login%20-%20Frame.io&async=1&fmt=3&is_vtc=1&random=3761228522&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 23:33:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/929747318/ 42 B
548 B 148ms
54ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/929747318/?random=1646177639512&cv=9&fst=1646175600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=path%3D%2Fwelcome%3Breferrer%3D%3Bsearch%3D%3Femail_id%5C%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%5C%3Dpending-team-member%26pending_team_member_id%5C%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%5C%3Dkenny.hoo*40cnbc.com%3Btitle%3DLogin%20-%20Frame.io%3Burl%3Dhttps%3A%2F%2Faccounts.frame.io%2Fwelcome%3Femail_id%5C%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%5C%3Dpending-team-member%26pending_team_member_id%5C%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%5C%3Dkenny.hoo*40cnbc.com&frm=0&url=https%3A%2F%2Faccounts.frame.io%2Fwelcome%3Femail_id%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%3Dpending-team-member%26pending_team_member_id%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%3Dkenny.hoo*40cnbc.com&tiba=Login%20-%20Frame.io&async=1&fmt=3&is_vtc=1&random=2046077425&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 23:33:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/929747318/ 42 B
548 B 145ms
56ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/929747318/?random=1646177639512&cv=9&fst=1646175600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=path%3D%2Fwelcome%3Breferrer%3D%3Bsearch%3D%3Femail_id%5C%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%5C%3Dpending-team-member%26pending_team_member_id%5C%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%5C%3Dkenny.hoo*40cnbc.com%3Btitle%3DLogin%20-%20Frame.io%3Burl%3Dhttps%3A%2F%2Faccounts.frame.io%2Fwelcome%3Femail_id%5C%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%5C%3Dpending-team-member%26pending_team_member_id%5C%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%5C%3Dkenny.hoo*40cnbc.com&frm=0&url=https%3A%2F%2Faccounts.frame.io%2Fwelcome%3Femail_id%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%3Dpending-team-member%26pending_team_member_id%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%3Dkenny.hoo*40cnbc.com&tiba=Login%20-%20Frame.io&async=1&fmt=3&is_vtc=1&random=2046077425&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 23:33:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5.js Show response
accounts.frame.io/assets/ 4 KB
2 KB 100ms
100ms Script
text/javascript 3.229.20.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.frame.io/assets/5.js

Requested by

Host: accounts.frame.io
URL: https://accounts.frame.io/assets/vendor-69830357ea6366c1f2ca555398bcd01f.js?vsn=d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.20.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-20-110.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

02a9c05dcb15c3bcecb8f296ec9997febe481a426e2c9e80b0d42ffc3bcc47c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 23:33:59 GMT
content-encoding: gzip
server: Cowboy
etag: "4F75B8C"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1702

GET
H2 200 4.js Show response
accounts.frame.io/assets/ 3 KB
2 KB 99ms
99ms Script
text/javascript 3.229.20.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.frame.io/assets/4.js

Requested by

Host: accounts.frame.io
URL: https://accounts.frame.io/assets/vendor-69830357ea6366c1f2ca555398bcd01f.js?vsn=d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.20.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-20-110.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

b8adc9c80b5f165bca2aae2ccd50614b16986d8035f55eda34d6218eb9893f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 23:33:59 GMT
content-encoding: gzip
server: Cowboy
etag: "1806611"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1364

GET
H2 200 3.js Show response
accounts.frame.io/assets/ 8 KB
3 KB 100ms
100ms Script
text/javascript 3.229.20.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.frame.io/assets/3.js

Requested by

Host: accounts.frame.io
URL: https://accounts.frame.io/assets/vendor-69830357ea6366c1f2ca555398bcd01f.js?vsn=d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.20.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-20-110.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

079d7a1c823dfc118cf373c0eb3443f9e0d1bc93a7a14e6f8417ff8483fd40ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 23:33:59 GMT
content-encoding: gzip
server: Cowboy
etag: "131158"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2802

GET
H2 200 v3 Show response
js.stripe.com/ 279 KB
67 KB 51ms
6ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: accounts.frame.io
URL: https://accounts.frame.io/assets/app-80ed43324354a4ac319e9a288233b65e.js?vsn=d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4ff561e39e8169bb42d5431839780390b82e95c851dd1c6be195f9339eab64f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 51
x-cache: HIT
content-length: 68196
etag: "614b359080026f88501a3d5de6f9a2cb"
x-request-id: 7b1185a9-5045-4b78-95b9-4d7377743203
x-served-by: cache-hhn4036-HHN
access-control-allow-origin: *
last-modified: Tue, 01 Mar 2022 20:04:03 GMT
server: Fastly
date: Tue, 01 Mar 2022 23:33:59 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79fab92e4274641c0d0c0e811c0d67e92c04a08e3e027fb33c748f1ca6f67b5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 107ms
54ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-52047101-2&cid=1080304344.1646177640&jid=723350692&_u=aGBAgEADQAAAAE~&z=352753444

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 23:33:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 102ms
52ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-52047101-2&cid=1080304344.1646177640&jid=723350692&_u=aGBAgEADQAAAAE~&z=352753444

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 23:33:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
174 B 174ms
174ms XHR
application/json 54.69.24.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: accounts.frame.io
URL: https://accounts.frame.io/assets/app-80ed43324354a4ac319e9a288233b65e.js?vsn=d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.69.24.9 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-69-24-9.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://accounts.frame.io
date: Tue, 01 Mar 2022 23:33:59 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
40ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1941104093&t=event&ni=0&_s=2&dl=https%3A%2F%2Faccounts.frame.io%2Fwelcome%3Femail_id%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%3Dpending-team-member%26pending_team_member_id%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%3Dkenny.hoo*40cnbc.com&dp=%2Fwelcome%3Femail_id%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%3Dpending-team-member%26pending_team_member_id%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%3Dkenny.hoo*40cnbc.com&ul=en-us&de=UTF-8&dt=Login%20-%20Frame.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All&ea=page-viewed-welcome&ev=0&_u=aGBAgEADQAAAAE~&jid=&gjid=&cid=1080304344.1646177640&tid=UA-52047101-2&_gid=1562890876.1646177640&z=2094421175

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 16:20:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25995
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=921459044580052&ev=page-viewed-welcome&dl=https%3A%2F%2Faccounts.frame.io%2Fwelcome%3Femail_id%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%3Dpending-team-member%26pending_team_member_id%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%3Dkenny.hoo*40cnbc.com&rl=&if=false&ts=1646177639881&cd[client]=web&cd[page]=welcome&sw=1600&sh=1200&v=2.9.52&r=stable&a=seg&ec=1&o=30&fbp=fb.1.1646177639414.657555852&it=1646177639375&coo=false&eid=ajs-68e7897040f9043a6cb39e57b4906ee9&tm=2&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 23:33:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 01 Mar 2022 23:33:59 GMT

GET
H2 200 m-outer-ce3cdfac755a319f13136d294df99983.html Show response
js.stripe.com/v3/ Frame 5EE4 240 B
533 B 7ms
6ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-ce3cdfac755a319f13136d294df99983.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

39274d16fe03d66d8a425007eeb00f2d51496db71e847a0940a1b3ae12c42fed

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Mon, 28 Feb 2022 20:02:46 GMT
etag: "ce3cdfac755a319f13136d294df99983"
cache-control: max-age=31536000
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Tue, 01 Mar 2022 23:33:59 GMT
via: 1.1 varnish
age: 98957
x-request-id: d59c666d-e5c3-4f33-a465-5c5a3ac632af
x-served-by: cache-hhn4036-HHN
x-cache: HIT
x-cache-hits: 9253
vary: Accept-Encoding
timing-allow-origin: *
content-length: 142

POST
H2 200 csp-report
q.stripe.com/ Frame 5EE4 0
356 B 566ms
181ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: accounts.frame.io
URL: https://accounts.frame.io/welcome?email_id=19505f6d-978f-4656-a2da-aceab1bd94dc&email_type=pending-team-member&pending_team_member_id=1e1edabf-87d1-4d43-94be-95c94401fecd*e=kenny.hoo*40cnbc.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 01 Mar 2022 23:34:00 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 1
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 m-outer-67740208de0918bdf73920776d3deaed.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5EE4 1 KB
773 B 7ms
6ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-67740208de0918bdf73920776d3deaed.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-ce3cdfac755a319f13136d294df99983.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-ce3cdfac755a319f13136d294df99983.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 31
x-cache: HIT
content-length: 645
etag: "d0c7e21ec457b6a134a496f107c3ca93"
x-request-id: a71a960d-a46a-4e44-b7de-973ebdabb2e6
x-served-by: cache-hhn4036-HHN
access-control-allow-origin: *
last-modified: Mon, 28 Feb 2022 20:03:13 GMT
server: Fastly
date: Tue, 01 Mar 2022 23:33:59 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 19

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 121A 932 B
1 KB 23ms
7ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-67740208de0918bdf73920776d3deaed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw=' 'report-sample'; style-src https://m.stripe.network 'report-sample'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: max-age=300, public
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw=' 'report-sample'; style-src https://m.stripe.network 'report-sample'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Tue, 01 Mar 2022 23:34:00 GMT
via: 1.1 varnish
age: 13
x-request-id: 81ac2466-00ff-45ea-963d-445e1e292cbd
x-served-by: cache-hhn4036-HHN
x-cache: HIT
x-cache-hits: 7
x-timer: S1646177640.030175,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 528

POST
H2 200 csp-report
q.stripe.com/ Frame 121A 0
131 B 517ms
181ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 01 Mar 2022 23:34:00 GMT
x-envoy-upstream-service-time: 1
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 out-4.5.41.js Show response
m.stripe.network/ Frame 121A 85 KB
16 KB 6ms
6ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.41.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 113
x-cache: HIT
content-length: 15786
x-request-id: 9eb391a0-8726-4178-91ca-686fe250380d
x-served-by: cache-hhn4036-HHN
server: Fastly
x-timer: S1646177640.044956,VS0,VE0
date: Tue, 01 Mar 2022 23:34:00 GMT
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 40

POST
H2 200 6 Show response
m.stripe.com/ Frame 121A 156 B
523 B 535ms
178ms XHR
application/json 34.211.243.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.211.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-211-243-235.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

4494a469b612f35d115dafde5d839af2b54804a1935cc9ff530db94d5bbbd483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 01 Mar 2022 23:34:00 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 AvenirNext-Medium-9ab29c0a.woff2
accounts.frame.io/assets/ 58 KB
59 KB 101ms
100ms Font
font/woff2 3.229.20.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.frame.io/assets/AvenirNext-Medium-9ab29c0a.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.20.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-20-110.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

dd773eaa177a0129f198ec5ed31b47b61f855253ada01bf2a970ae87f2a4384d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://accounts.frame.io/welcome?email_id=19505f6d-978f-4656-a2da-aceab1bd94dc&email_type=pending-team-member&pending_team_member_id=1e1edabf-87d1-4d43-94be-95c94401fecd*e=kenny.hoo*40cnbc.com
Origin: https://accounts.frame.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 23:34:00 GMT
server: Cowboy
etag: "15B0972"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 59820

GET
H2 200 AvenirNext-Regular-da92ca69.woff2
accounts.frame.io/assets/ 65 KB
65 KB 100ms
100ms Font
font/woff2 3.229.20.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.frame.io/assets/AvenirNext-Regular-da92ca69.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.20.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-20-110.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

ca026df678f72d1a36097fd148b50272406681fc65c4215a5acae115b4a2005f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://accounts.frame.io/welcome?email_id=19505f6d-978f-4656-a2da-aceab1bd94dc&email_type=pending-team-member&pending_team_member_id=1e1edabf-87d1-4d43-94be-95c94401fecd*e=kenny.hoo*40cnbc.com
Origin: https://accounts.frame.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 23:34:00 GMT
server: Cowboy
etag: "3FC6733"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 66348

GET
H2 200 locale-de-json-modern.5ad6d255.js Show response
js.intercomcdn.com/ Frame 404B 20 KB
6 KB 7ms
6ms Script
application/javascript 18.66.139.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/locale-de-json-modern.5ad6d255.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.97c25172.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccfcd5a01e36f83534211900b500cd1545dcc9c2010a314bd5c19cd936796ddb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 01 Mar 2022 21:54:09 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 15:10:26 GMT
server: AmazonS3
age: 5992
etag: "0b75c3a44e83794ed34b138e40bf364b"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 5924
x-amz-cf-id: RodclYFf03ll2cUdQPtS5bqOUDhQw8jqk3Y5XwK7ty2CD-OU-WwedQ==

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=921459044580052&ev=Microdata&dl=https%3A%2F%2Faccounts.frame.io%2Fwelcome%3Femail_id%3D19505f6d-978f-4656-a2da-aceab1bd94dc%26email_type%3Dpending-team-member%26pending_team_member_id%3D1e1edabf-87d1-4d43-94be-95c94401fecd*e%3Dkenny.hoo*40cnbc.com&rl=&if=false&ts=1646177640926&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Login%20-%20Frame.io%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&a=seg&ec=2&o=30&fbp=fb.1.1646177639414.657555852&it=1646177639375&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 23:34:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 01 Mar 2022 23:34:00 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
accounts.frame.io/	1969-12-31 23:59:59	Name: _auth_key Value: SFMyNTY.g3QAAAABbQAAAAtfY3NyZl90b2tlbm0AAAAYT25XY3ZNVC1iRFp6TmEzNHNfeHEyU0JU.JIzaPNjKzmLjrpmvtobqdwe0yLRFy9vpuiidmX6JSEY
.frame.io/	1970-01-20 10:01:53	Name: ajs_user_id Value: null
.frame.io/	1970-01-20 10:01:53	Name: ajs_group_id Value: null
.frame.io/	1970-01-20 10:01:53	Name: ajs_anonymous_id Value: %22b2a9bea2-18f3-49f0-a501-dad87c704a4f%22
.frame.io/	1970-01-20 03:25:53	Name: _fbp Value: fb.1.1646177639414.657555852
.frame.io/	1970-01-20 18:47:29	Name: _ga Value: GA1.2.1080304344.1646177640
.frame.io/	1970-01-20 01:17:44	Name: _gid Value: GA1.2.1562890876.1646177640
.frame.io/	1970-01-20 03:25:53	Name: _gcl_au Value: 1.1.2117655560.1646177640
.frame.io/	1970-01-20 01:16:17	Name: _gat Value: 1
.doubleclick.net/	1970-01-20 01:16:18	Name: test_cookie Value: CheckForPermission
.frame.io/	1970-01-20 07:45:07	Name: intercom-id-mbz4oxgz Value: 796c3152-7545-4fdc-b91b-39819af5c049
.frame.io/	1970-01-20 01:26:22	Name: intercom-session-mbz4oxgz Value:
m.stripe.com/	1970-01-20 18:47:29	Name: m Value: 26574300-f284-4c74-bfe8-1dc1ecb8472b376160
.accounts.frame.io/	1970-01-20 10:01:53	Name: __stripe_mid Value: 714ff479-7fc4-4670-b0a9-bf0b4d339206aa14f6
.accounts.frame.io/	1970-01-20 01:16:19	Name: __stripe_sid Value: 87828033-2880-472f-bb45-e106b7af9073e4650c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https:; img-src data: https:; connect-src wss: https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.frame.io
api-iam.intercom.io
api.segment.io
auth-stg1.services.adobe.com
cdn.segment.com
connect.facebook.net
googleads.g.doubleclick.net
js.intercomcdn.com
js.stripe.com
m.stripe.com
m.stripe.network
profiles.segment.com
q.stripe.com
stats.g.doubleclick.net
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
108.138.17.98
142.250.184.226
151.101.0.176
18.66.112.102
18.66.115.169
18.66.139.43
2a00:1450:4001:803::2002
2a00:1450:4001:808::200e
2a00:1450:4001:829::2003
2a00:1450:4001:831::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c0a::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.229.20.110
34.211.243.235
54.187.119.242
54.190.139.205
54.69.24.9
99.83.219.81
02a9c05dcb15c3bcecb8f296ec9997febe481a426e2c9e80b0d42ffc3bcc47c8
079d7a1c823dfc118cf373c0eb3443f9e0d1bc93a7a14e6f8417ff8483fd40ec
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11ff97a99a074fd7e0f39c499e460c494a6c74091bb0b7f05092cc76ec0965e8
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
15698b69e6f46bc10c47bb48a471f1c2cdd287c9eef01be111c2fedbdccceaa0
1a7110337a5dfa1d73bec1caab0531b52ca29b79a32b128c4f62954a1725adf1
2782a36b32b2f5d0efdf35d8adc66db9bd7579fdcfe5f64a7ef76ae697a7e03e
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2c347832d6ac4ee15a4749223a832cf2422e8524d1384da013df88f0c8a039ab
37e5bdead3efff26b2d2f749f493f85ab47b0622214279695ad16ebc099c0ba2
39274d16fe03d66d8a425007eeb00f2d51496db71e847a0940a1b3ae12c42fed
4494a469b612f35d115dafde5d839af2b54804a1935cc9ff530db94d5bbbd483
4ff561e39e8169bb42d5431839780390b82e95c851dd1c6be195f9339eab64f8
5142fdbeaf38eb7ad5f927caae0d1786d1e0c6e91fe70b4b0f05d01ed647974d
57c78e5edbc5daab0b7a1e431f06a641dedd97b850b0a9b42718583f8a9a8689
6c643232cf7ceff82238f3cde67afc12f22e58f9483569c612abbc197f186491
79fab92e4274641c0d0c0e811c0d67e92c04a08e3e027fb33c748f1ca6f67b5c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
90934af0c8ba9c0aa0b0e18e3d4e6449b0156dd686edf2208845a06c63f30b64
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
a993e7236e078781d3151db666f22265eeaf81c6147ea5392df3754ba4920b1a
a9f1491923705688e33b4f27725ec274366707c68cd8682fa5188d02de0ef7c0
b47a98672a0beb5d10fe9db199f34375978c687312821c198e6d376acd6afda6
b8adc9c80b5f165bca2aae2ccd50614b16986d8035f55eda34d6218eb9893f78
ca026df678f72d1a36097fd148b50272406681fc65c4215a5acae115b4a2005f
ccfcd5a01e36f83534211900b500cd1545dcc9c2010a314bd5c19cd936796ddb
cecfbd8ddad4f524f22fa10caba267a74628e04ed139c02eb5a42e24ed895e32
d35db8eafaaee642978aeb3dcf3ae1a360194a2c9a48450500846f6853545f8e
dd773eaa177a0129f198ec5ed31b47b61f855253ada01bf2a970ae87f2a4384d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ffc5bd2f915762fcfd80fe9d2d358b9a9014b375aafc73abb5801c8dc40bba1b

accounts.frame.io Open in urlscan Pro 3.229.20.110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

48 Requests

96 %HTTPS

40 %IPv6

16 Domains

21 Subdomains

20 IPs

3 Countries

1175 kBTransfer

3829 kBSize

15 Cookies

0 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

accounts.frame.io Open in urlscan Pro
3.229.20.110 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

96 %
HTTPS

40 %
IPv6

16
Domains

21
Subdomains

20
IPs

3
Countries

1175 kB
Transfer

3829 kB
Size

15
Cookies

48 HTTP transactions
1 data transactions