ngl.link Open in urlscan Pro
172.67.10.95  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request harsefeld.meme Show response ngl.link/	4 KB 2 KB	395ms 336ms	Document text/html	172.67.10.95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ngl.link/harsefeld.meme?fbclid=PAY2xjawGQxUVleHRuA2FlbQIxMQABppbcfnk6RqHaVGOgexftajeURgeiHOGlSapWcz6uhdh044AWc1Lm2NBipA_aem_aw21l3R2wLTF2eiF4-hVBA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.10.95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 490589327ea209f946394e4da3c4f9c02809a463d4c1a1b69d7f660b8203cbda Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers cache-control public, max-age=86400, s-maxage=86400 cf-cache-status DYNAMIC cf-ray 8db65a0269289738-FRA content-encoding br content-type text/html; charset=utf-8 date Thu, 31 Oct 2024 20:21:28 GMT function-execution-id b18dsmepn7jy server cloudflare strict-transport-security max-age=31556926 vary cookie,need-authorization, x-fh-requested-host, accept-encoding x-cache MISS x-cache-hits 0 x-cloud-trace-context 12968a55bd50bb5705c65a75b9f8fe84 x-country-code DE x-orig-accept-language de-DE,de;q=0.9 x-powered-by Express x-served-by cache-fra-eddf8230135-FRA x-timer S1730406088.080088,VS0,VE286
GET H2	200	normalize.css ngl.link/stylesheets/	6 KB 2 KB	39ms 37ms	Stylesheet text/css	172.67.10.95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ngl.link/stylesheets/normalize.css Requested by Host: ngl.link URL: https://ngl.link/harsefeld.meme?fbclid=PAY2xjawGQxUVleHRuA2FlbQIxMQABppbcfnk6RqHaVGOgexftajeURgeiHOGlSapWcz6uhdh044AWc1Lm2NBipA_aem_aw21l3R2wLTF2eiF4-hVBA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.10.95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ngl.link/harsefeld.meme?fbclid=PAY2xjawGQxUVleHRuA2FlbQIxMQABppbcfnk6RqHaVGOgexftajeURgeiHOGlSapWcz6uhdh044AWc1Lm2NBipA_aem_aw21l3R2wLTF2eiF4-hVBA Response headers content-encoding br cf-cache-status HIT etag W/"fb5e5490c690f08fb6399c76828fae42eeb6195646961666ab1a98911113012d-br" age 1644 x-cache HIT date Thu, 31 Oct 2024 20:21:28 GMT content-type text/css; charset=utf-8 last-modified Mon, 21 Oct 2024 01:22:53 GMT x-served-by cache-fra-eddf8230159-FRA x-cache-hits 0 vary x-fh-requested-host, accept-encoding strict-transport-security max-age=31556926 cache-control max-age=14400 x-timer S1729633721.279819,VS0,VE1 cf-ray 8db65a04bc159738-FRA server cloudflare
GET H2	200	style.css ngl.link/stylesheets/	8 KB 2 KB	39ms 37ms	Stylesheet text/css	172.67.10.95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ngl.link/stylesheets/style.css?v=34 Requested by Host: ngl.link URL: https://ngl.link/harsefeld.meme?fbclid=PAY2xjawGQxUVleHRuA2FlbQIxMQABppbcfnk6RqHaVGOgexftajeURgeiHOGlSapWcz6uhdh044AWc1Lm2NBipA_aem_aw21l3R2wLTF2eiF4-hVBA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.10.95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d8ebec8425d9076eb36da40d6179825f47cb94ebc9f7c2c2cf5e3720744e9709 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ngl.link/harsefeld.meme?fbclid=PAY2xjawGQxUVleHRuA2FlbQIxMQABppbcfnk6RqHaVGOgexftajeURgeiHOGlSapWcz6uhdh044AWc1Lm2NBipA_aem_aw21l3R2wLTF2eiF4-hVBA Response headers content-encoding br cf-cache-status HIT etag W/"0c758a2c53c3356a8327e6f8196862aaf8b45a864683308bcc2ee3744758e286-br" age 2226 x-cache HIT date Thu, 31 Oct 2024 20:21:28 GMT content-type text/css; charset=utf-8 last-modified Thu, 26 Sep 2024 23:57:27 GMT x-served-by cache-fra-eddf8230058-FRA x-cache-hits 2 vary x-fh-requested-host, accept-encoding strict-transport-security max-age=31556926 cache-control max-age=14400 x-timer S1728923569.239188,VS0,VE0 cf-ray 8db65a04bc199738-FRA server cloudflare
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.6.0/	87 KB 31 KB	89ms 22ms	Script text/javascript	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Requested by Host: ngl.link URL: https://ngl.link/harsefeld.meme?fbclid=PAY2xjawGQxUVleHRuA2FlbQIxMQABppbcfnk6RqHaVGOgexftajeURgeiHOGlSapWcz6uhdh044AWc1Lm2NBipA_aem_aw21l3R2wLTF2eiF4-hVBA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ngl.link/ Response headers content-encoding gzip age 21043 report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} x-content-type-options nosniff expires Fri, 31 Oct 2025 14:30:45 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 31 Oct 2024 14:30:45 GMT last-modified Wed, 10 Mar 2021 14:28:09 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000, stale-while-revalidate=2592000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers accept-ranges bytes access-control-allow-origin * content-length 31017 x-xss-protection 0 server sffe
GET H2	200	main.js Show response ngl.link/scripts/	12 KB 4 KB	36ms 35ms	Script text/javascript	172.67.10.95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ngl.link/scripts/main.js?v=59 Requested by Host: ngl.link URL: https://ngl.link/harsefeld.meme?fbclid=PAY2xjawGQxUVleHRuA2FlbQIxMQABppbcfnk6RqHaVGOgexftajeURgeiHOGlSapWcz6uhdh044AWc1Lm2NBipA_aem_aw21l3R2wLTF2eiF4-hVBA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.10.95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9cbe98b118942ca3e2b1b675f94fcc19efa7b4d869ffd60c5df2bb6545f3278a Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ngl.link/harsefeld.meme?fbclid=PAY2xjawGQxUVleHRuA2FlbQIxMQABppbcfnk6RqHaVGOgexftajeURgeiHOGlSapWcz6uhdh044AWc1Lm2NBipA_aem_aw21l3R2wLTF2eiF4-hVBA Response headers content-encoding br cf-cache-status HIT etag W/"75610eabe9ca7f709270abbb43727630d81d42c29fd4d7c6d478d6b98d9eaa9f-br" age 1854 x-cache HIT date Thu, 31 Oct 2024 20:21:28 GMT content-type text/javascript; charset=utf-8 last-modified Thu, 24 Oct 2024 21:22:55 GMT x-served-by cache-fra-eddf8230073-FRA x-cache-hits 0 vary x-fh-requested-host, accept-encoding strict-transport-security max-age=31556926 cache-control max-age=14400 x-timer S1729806408.198996,VS0,VE1 cf-ray 8db65a04bc1c9738-FRA server cloudflare
GET H2	200	mixpanel-jslib-snippet.js Show response ngl.link/scripts/	4 KB 2 KB	41ms 40ms	Script text/javascript	172.67.10.95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ngl.link/scripts/mixpanel-jslib-snippet.js Requested by Host: ngl.link URL: https://ngl.link/harsefeld.meme?fbclid=PAY2xjawGQxUVleHRuA2FlbQIxMQABppbcfnk6RqHaVGOgexftajeURgeiHOGlSapWcz6uhdh044AWc1Lm2NBipA_aem_aw21l3R2wLTF2eiF4-hVBA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.10.95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a17d2bc44ac70f5abf7fae9ea64186dd6e5b9088277044781adeb9cec373ab0f Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ngl.link/harsefeld.meme?fbclid=PAY2xjawGQxUVleHRuA2FlbQIxMQABppbcfnk6RqHaVGOgexftajeURgeiHOGlSapWcz6uhdh044AWc1Lm2NBipA_aem_aw21l3R2wLTF2eiF4-hVBA Response headers content-encoding br cf-cache-status HIT etag W/"fb4404563a9f35ff2ef69c9bd301d93044c319b3d648c831a717fcff8535773e-br" age 2933 x-cache HIT date Thu, 31 Oct 2024 20:21:28 GMT content-type text/javascript; charset=utf-8 last-modified Mon, 21 Oct 2024 01:22:53 GMT x-served-by cache-fra-eddf8230022-FRA x-cache-hits 0 vary x-fh-requested-host, accept-encoding strict-transport-security max-age=31556926 cache-control max-age=14400 x-timer S1729704482.724205,VS0,VE1 cf-ray 8db65a04bc209738-FRA server cloudflare
GET H2	200	/ Show response js.stripe.com/v3/	674 KB 164 KB	137ms 36ms	Script text/javascript	151.101.128.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/ Requested by Host: ngl.link URL: https://ngl.link/harsefeld.meme?fbclid=PAY2xjawGQxUVleHRuA2FlbQIxMQABppbcfnk6RqHaVGOgexftajeURgeiHOGlSapWcz6uhdh044AWc1Lm2NBipA_aem_aw21l3R2wLTF2eiF4-hVBA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 2bea4bfdb845e2fdee34cf138bd40e7a6eb727ce4d1da92e9e415fb9a24d6870 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ngl.link/ Response headers x-request-id 143aa9c7-30e9-4cbe-b580-c49775953a80 content-encoding br etag "78aaea0b91bf05493002b40f2441bc59" age 30 x-content-type-options nosniff alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT date Thu, 31 Oct 2024 20:21:28 GMT last-modified Thu, 31 Oct 2024 19:29:05 GMT content-type text/javascript; charset=utf-8 x-served-by cache-cph2320037-CPH x-cache-hits 13 vary Accept-Encoding strict-transport-security max-age=31556926; includeSubDomains; preload cache-control max-age=60 timing-allow-origin * via 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 167161 server Fastly
GET H3	200	firebase-app.js Show response www.gstatic.com/firebasejs/9.6.1/	50 KB 11 KB	109ms 55ms	Script text/javascript	2a00:1450:4001:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/9.6.1/firebase-app.js Requested by Host: ngl.link URL: https://ngl.link/harsefeld.meme?fbclid=PAY2xjawGQxUVleHRuA2FlbQIxMQABppbcfnk6RqHaVGOgexftajeURgeiHOGlSapWcz6uhdh044AWc1Lm2NBipA_aem_aw21l3R2wLTF2eiF4-hVBA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7bbe7684eb6a67961ba3b5c9425ccadd5fedcb1902cdb472be693576abed78b8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://ngl.link Referer https://ngl.link/ Response headers content-encoding gzip age 103697 report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} x-content-type-options nosniff expires Thu, 30 Oct 2025 15:33:11 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 30 Oct 2024 15:33:11 GMT last-modified Thu, 09 Dec 2021 21:53:39 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js accept-ranges bytes access-control-allow-origin * content-length 10807 x-xss-protection 0 server sffe
GET H3	200	firebase-analytics.js Show response www.gstatic.com/firebasejs/9.6.1/	104 KB 22 KB	93ms 40ms	Script text/javascript	2a00:1450:4001:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/9.6.1/firebase-analytics.js Requested by Host: ngl.link URL: https://ngl.link/harsefeld.meme?fbclid=PAY2xjawGQxUVleHRuA2FlbQIxMQABppbcfnk6RqHaVGOgexftajeURgeiHOGlSapWcz6uhdh044AWc1Lm2NBipA_aem_aw21l3R2wLTF2eiF4-hVBA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cdf47d917624ac8cb0feaf89d010753fa26340ef309e4cc487db96c692346ac6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://ngl.link Referer https://ngl.link/ Response headers content-encoding gzip age 104467 report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} x-content-type-options nosniff expires Thu, 30 Oct 2025 15:20:21 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 30 Oct 2024 15:20:21 GMT last-modified Thu, 09 Dec 2021 21:53:42 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js accept-ranges bytes access-control-allow-origin * content-length 22853 x-xss-protection 0 server sffe
GET H2	200	mixpanel-2-latest.min.js Show response cdn.mxpnl.com/libs/	55 KB 19 KB	71ms 21ms	Script text/javascript	2600:1901:0:bc29:: GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js Requested by Host: ngl.link URL: https://ngl.link/scripts/mixpanel-jslib-snippet.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:bc29:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS Software UploadServer / Resource Hash 5357d3283ddf27fc4156d8c48f95dadf544139b198c43db3162c8cf18b3de996 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ngl.link/ Response headers x-goog-metageneration 2 content-encoding gzip x-goog-hash crc32c=rciEWw==, md5=Ay7nz7moeiyGH/GIFXVIQg== etag "032ee7cfb9a87a2c861ff18815754842" age 350 x-goog-stored-content-encoding gzip expires Thu, 31 Oct 2024 20:25:38 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 19057 date Thu, 31 Oct 2024 20:15:38 GMT last-modified Tue, 27 Aug 2024 18:10:17 GMT content-type text/javascript vary Accept-Encoding x-guploader-uploadid AHmUCY3vk-k3PWzSEusTD7yN6ZbmsHdnFG42zLFRJOrepobXbcsBDmkdgdbrv3VQmgiC1uwHdnY cache-control public,max-age=600 x-goog-storage-class MULTI_REGIONAL accept-ranges bytes access-control-allow-origin * x-goog-generation 1724782217794014 content-length 19057 server UploadServer
GET H2	200	default_avatar.png ngl.link/images/	4 KB 4 KB	43ms 43ms	Image image/png	172.67.10.95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ngl.link/images/default_avatar.png Requested by Host: ngl.link URL: https://ngl.link/stylesheets/style.css?v=34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.10.95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bebcc6072cfc81ab313557dd8ff1f12d18107c04a3ba1d49bf091602bfce4e49 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ngl.link/stylesheets/style.css?v=34 Response headers server cloudflare strict-transport-security max-age=31556926 cache-control max-age=14400 cf-cache-status HIT etag W/"5218aa28fa5915ef471d6ecd670fef309922a1c6d7252d25482ed85cd06ac788-br" x-timer S1729705502.252730,VS0,VE2 age 1927 cf-ray 8db65a064e2d9738-FRA x-cache HIT date Thu, 31 Oct 2024 20:21:28 GMT content-type image/png last-modified Mon, 21 Oct 2024 01:22:53 GMT x-served-by cache-fra-eddf8230102-FRA x-cache-hits 1 vary x-fh-requested-host, accept-encoding
GET H2	200	webConfig Show response firebase.googleapis.com/v1alpha/projects/-/apps/1:214597529567:web:d49e8aeef77b9e0a039e6a/	362 B 431 B	42ms 40ms	Fetch application/json	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://firebase.googleapis.com/v1alpha/projects/-/apps/1:214597529567:web:d49e8aeef77b9e0a039e6a/webConfig Requested by Host: www.gstatic.com URL: https://www.gstatic.com/firebasejs/9.6.1/firebase-analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4afb03c681843dcfad8bfa9e946d32adb8fcb706a1dd459face91823f58fe44a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers x-goog-api-key AIzaSyCmL3X8pQOHhtXMIFTxJsO7KHQ2nDr_G6w Referer https://ngl.link/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 accept application/json Response headers cache-control private access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length content-encoding gzip x-content-type-options nosniff access-control-allow-origin https://ngl.link alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 242 date Thu, 31 Oct 2024 20:21:28 GMT x-xss-protection 0 content-type application/json; charset=UTF-8 vary Origin, X-Origin, Referer server ESF x-frame-options SAMEORIGIN
OPTIONS H2	200	webConfig firebase.googleapis.com/v1alpha/projects/-/apps/1:214597529567:web:d49e8aeef77b9e0a039e6a/ Frame	0 0	87ms 34ms	Preflight text/html	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://firebase.googleapis.com/v1alpha/projects/-/apps/1:214597529567:web:d49e8aeef77b9e0a039e6a/webConfig Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-api-key Access-Control-Request-Method GET Origin https://ngl.link Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-headers x-goog-api-key access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://ngl.link access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Thu, 31 Oct 2024 20:21:28 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
GET H2	200	controller-with-preconnect-e3e7bc822c405d339de59a6bd9278e11.html js.stripe.com/v3/ Frame 2D2B	0 0	105ms 35ms	Document text/html	18.173.187.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/controller-with-preconnect-e3e7bc822c405d339de59a6bd9278e11.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.187.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-121.muc50.r.cloudfront.net Software Cloudfront / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ngl.link/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes access-control-allow-origin * age 5 alt-svc h3=":443"; ma=86400 cache-control max-age=60, stale-while-revalidate=900 content-length 651 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Thu, 31 Oct 2024 20:21:25 GMT etag "e3e7bc822c405d339de59a6bd9278e11" last-modified Wed, 30 Oct 2024 20:03:28 GMT origin-agent-cluster ?1 server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 46d62d4755f0b1a587a0581348e41608.cloudfront.net (CloudFront) x-amz-cf-id 3tjIgHrfE1ghNGlRj6KtK85aGt6j34HDT_1lAYWFhU3kH72apAVCaA== x-amz-cf-pop MUC50-P4 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	payment-request-inner-google-pay-91a3d371890c61ac2ee37e68c3f43430.html js.stripe.com/v3/ Frame C16A	0 0	106ms 37ms	Document text/html	18.173.187.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/payment-request-inner-google-pay-91a3d371890c61ac2ee37e68c3f43430.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.187.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-121.muc50.r.cloudfront.net Software Cloudfront / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ngl.link/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes access-control-allow-origin * age 1055 alt-svc h3=":443"; ma=86400 cache-control max-age=31536000 content-length 408 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Thu, 31 Oct 2024 20:03:56 GMT etag "91a3d371890c61ac2ee37e68c3f43430" last-modified Wed, 30 Oct 2024 20:03:45 GMT origin-agent-cluster ?1 server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 46d62d4755f0b1a587a0581348e41608.cloudfront.net (CloudFront) x-amz-cf-id u4CRARf54bCYHhDfo_XtI1rpW3UTKYAgH5FR4irCEbVQZVHIphhVug== x-amz-cf-pop MUC50-P4 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	payment-request-inner-browser-c68dfe8d1d6f72cc8778b5ed911c815e.html js.stripe.com/v3/ Frame 97EB	0 0	103ms 36ms	Document text/html	18.173.187.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/payment-request-inner-browser-c68dfe8d1d6f72cc8778b5ed911c815e.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.187.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-121.muc50.r.cloudfront.net Software Cloudfront / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ngl.link/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes access-control-allow-origin * age 59 alt-svc h3=":443"; ma=86400 cache-control max-age=60, stale-while-revalidate=900 content-length 344 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Thu, 31 Oct 2024 20:20:31 GMT etag "c68dfe8d1d6f72cc8778b5ed911c815e" last-modified Wed, 30 Oct 2024 20:03:45 GMT origin-agent-cluster ?1 server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 46d62d4755f0b1a587a0581348e41608.cloudfront.net (CloudFront) x-amz-cf-id 8SN0dplIyXytcU59s7zVHkNUnWcZJTtFH63zMm03XIZjTWOTc_rceQ== x-amz-cf-pop MUC50-P4 x-cache Hit from cloudfront x-content-type-options nosniff
GET H3	200	de Show response cdn.simplelocalize.io/57157aec81d54cb6b2a43f8b34a61d47/_production/	26 KB 10 KB	77ms 38ms	XHR application/json	2606:4700:20::681a:d4f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.simplelocalize.io/57157aec81d54cb6b2a43f8b34a61d47/_production/de Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:d4f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a77038569507aaf7361b90c33d4bf5d6739eba5a0d99e09ce3d66f1e5fa5cc2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept */* Referer https://ngl.link/ Response headers x-robots-tag noindex access-control-max-age 1800 content-encoding br cf-cache-status HIT etag W/"285d6c65c7dcd10c09a02d865b272d4b" age 32 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bYduCEp%2BzrRgmH%2FHdNrg2qKnyBSurWbZiIoc882RIvScrQuYIQ7QKqS9x6YkFmG5I2MRoXnSzSqEpCPvSUytNX1srTuh5oHrNNIczvzTo5vf7p8BsMaJcHYNfhYApqhuXE4MqNh3x%2BuoJTWgLTCqgwQtdw%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods GET alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Thu, 31 Oct 2024 20:21:28 GMT content-type application/json; charset=utf-8 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding priority u=1,i x-amz-id-2 dfowW2KKR1tTk2CO2vAOioHao9F5++ezoiomMahlFpSV8mdKiQjGwoCU1KoZDTmpDxvvk4jK9dE= last-modified Mon, 28 Oct 2024 22:10:12 GMT cache-control public, max-age=300 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id XJNEWNGY806SD1QV cf-ray 8db65a06bfb692a1-FRA access-control-allow-origin * server cloudflare
POST H2	500	pageview Show response ngl.link/api/	21 B 252 B	1271ms 1269ms	XHR text/plain	172.67.10.95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ngl.link/api/pageview Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.10.95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash e41656eb2ba6c6293bf6dd928e5a88cdbc50535cab661c1969e0f598e497ed62 Request headers Referer https://ngl.link/harsefeld.meme?fbclid=PAY2xjawGQxUVleHRuA2FlbQIxMQABppbcfnk6RqHaVGOgexftajeURgeiHOGlSapWcz6uhdh044AWc1Lm2NBipA_aem_aw21l3R2wLTF2eiF4-hVBA X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept */* Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"15-/6VXivhc2MKdLfIkLcUE47K6aH0" x-cache MISS date Thu, 31 Oct 2024 20:21:29 GMT content-type text/plain; charset=utf-8 x-served-by cache-fra-eddf8230120-FRA x-cache-hits 0 x-cloud-trace-context e6ced2e0b45ad51fe1bcff12122fd5b9 vary x-fh-requested-host, accept-encoding cache-control private x-timer S1730406089.726658,VS0,VE1233 cf-ray 8db65a067e799738-FRA accept-ranges bytes function-execution-id i6p7xe02drah x-powered-by Express server cloudflare
POST H2	200	web Show response ngl.link/api/fingerprint/	16 B 240 B	743ms 740ms	XHR application/json	172.67.10.95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ngl.link/api/fingerprint/web Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.10.95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers Referer https://ngl.link/harsefeld.meme?fbclid=PAY2xjawGQxUVleHRuA2FlbQIxMQABppbcfnk6RqHaVGOgexftajeURgeiHOGlSapWcz6uhdh044AWc1Lm2NBipA_aem_aw21l3R2wLTF2eiF4-hVBA X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept */* Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA" x-orig-accept-language de-DE,de;q=0.9 x-country-code DE x-cache MISS date Thu, 31 Oct 2024 20:21:29 GMT content-type application/json; charset=utf-8 x-cloud-trace-context 6ae04dc794ec863099e241e16eab63ef x-cache-hits 0 x-served-by cache-fra-eddf8230120-FRA strict-transport-security max-age=31556926 vary cookie,need-authorization, x-fh-requested-host, accept-encoding cache-control private x-timer S1730406089.726772,VS0,VE708 cf-ray 8db65a067e7f9738-FRA accept-ranges bytes function-execution-id go6c88ks8739 x-powered-by Express server cloudflare
OPTIONS H2	200	installations firebaseinstallations.googleapis.com/v1/projects/ask-fun-d10f0/ Frame	0 0	95ms 36ms	Preflight text/html	2a00:1450:4001:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://firebaseinstallations.googleapis.com/v1/projects/ask-fun-d10f0/installations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key Access-Control-Request-Method POST Origin https://ngl.link Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type,x-goog-api-key access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://ngl.link access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Thu, 31 Oct 2024 20:21:28 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
POST H2	200	installations Show response firebaseinstallations.googleapis.com/v1/projects/ask-fun-d10f0/	624 B 680 B	387ms 385ms	Fetch application/json	2a00:1450:4001:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://firebaseinstallations.googleapis.com/v1/projects/ask-fun-d10f0/installations Requested by Host: www.gstatic.com URL: https://www.gstatic.com/firebasejs/9.6.1/firebase-analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4ed669ddcb4c5827492d61f9c50496990624d8dcdea53405ce0ddad04b522374 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers x-goog-api-key AIzaSyCmL3X8pQOHhtXMIFTxJsO7KHQ2nDr_G6w Referer https://ngl.link/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 accept application/json content-type application/json Response headers cache-control private access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length content-encoding gzip x-content-type-options nosniff access-control-allow-origin https://ngl.link alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 490 date Thu, 31 Oct 2024 20:21:29 GMT x-xss-protection 0 content-type application/json; charset=UTF-8 vary Origin, X-Origin, Referer server ESF x-frame-options SAMEORIGIN
GET H2	200	js Show response www.googletagmanager.com/gtag/	348 KB 117 KB	78ms 29ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-5DV1ZR5ZHG Requested by Host: www.gstatic.com URL: https://www.gstatic.com/firebasejs/9.6.1/firebase-analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 599ed9fb4b8ae029261a253e3673c876c05f60006d5ab5e4f0f249aa1ebdfa36 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ngl.link/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Thu, 31 Oct 2024 20:21:28 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 31 Oct 2024 20:21:28 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 119126 x-xss-protection 0 server Google Tag Manager
POST H2	204	collect region1.google-analytics.com/g/	0 0	88ms 29ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-5DV1ZR5ZHG&gtm=45je4au0v873466073za200&_p=1730406088815&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&_fid=f-uzLyLgHQgybrzGbGB-Jb&cid=2049467928.1730406089&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730406088&sct=1&seg=0&dl=https%3A%2F%2Fngl.link%2Fharsefeld.meme%3Ffbclid%3DPAY2xjawGQxUVleHRuA2FlbQIxMQABppbcfnk6RqHaVGOgexftajeURgeiHOGlSapWcz6uhdh044AWc1Lm2NBipA_aem_aw21l3R2wLTF2eiF4-hVBA&dt=%40harsefeld.meme&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1&ep.origin=firebase&tfd=983 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-5DV1ZR5ZHG Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ngl.link/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://ngl.link cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 31 Oct 2024 20:21:29 GMT content-type text/plain server Golfe2
GET H2	200	ngl.png ngl.link/images/	14 KB 14 KB	40ms 39ms	Other image/png	172.67.10.95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ngl.link/images/ngl.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.10.95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 99b1edb0bd36fd3adeb5c98704073231b73fffe3dc78e835dbdc97b347cfac25 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ngl.link/harsefeld.meme?fbclid=PAY2xjawGQxUVleHRuA2FlbQIxMQABppbcfnk6RqHaVGOgexftajeURgeiHOGlSapWcz6uhdh044AWc1Lm2NBipA_aem_aw21l3R2wLTF2eiF4-hVBA Response headers content-encoding gzip cf-cache-status HIT etag "25d119447808fdc0a3724387d9486ab0aa5e87df3d4539cf663fda5b3d62f9c4" age 707 x-cache HIT date Thu, 31 Oct 2024 20:21:29 GMT content-type image/png last-modified Mon, 21 Oct 2024 01:22:53 GMT x-served-by cache-fra-eddf8230095-FRA x-cache-hits 1 vary x-fh-requested-host, accept-encoding strict-transport-security max-age=31556926 cache-control max-age=14400 x-timer S1729710081.696775,VS0,VE2 cf-ray 8db65a0a2b219738-FRA accept-ranges bytes content-length 14212 server cloudflare
GET H2	200	phone-numbers-lib-83d27e42ca1e315a3645d261b1fa8bae.js Show response js.stripe.com/v3/fingerprinted/js/	148 KB 35 KB	38ms 38ms	Script text/javascript	151.101.128.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-83d27e42ca1e315a3645d261b1fa8bae.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 7c871ac22da030c8700eeb06ea407294892b75299cf07fb29a1f5b900e45401a Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ngl.link/ Response headers x-request-id fb2d00b5-72ea-4b8f-86db-c4ef268f7b34 content-encoding br etag "cb56b5378e094a41f5f71dbea0291836" age 1361092 x-content-type-options nosniff alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT date Thu, 31 Oct 2024 20:21:29 GMT last-modified Mon, 30 Sep 2024 17:05:51 GMT content-type text/javascript; charset=utf-8 x-served-by cache-cph2320037-CPH x-cache-hits 6337 vary Accept-Encoding strict-transport-security max-age=31556926; includeSubDomains; preload cache-control max-age=31536000 timing-allow-origin * via 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 35177 server Fastly

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| $ function| jQuery string| MIXPANEL_LIB_URL object| mixpanel object| webpackChunkStripeJSouter function| noop function| Stripe object| translations string| username string| uid string| gameId string| ig_username object| dataLayer function| gtag object| analytics function| logEvent object| google_tag_manager object| google_tag_data object| gaGlobal

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ngl.link/	1970-01-21 09:25:42	Name: mp_e8e1a30fe6d7dacfa1353b45d6093a00_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A192e43d7fee2b9-079f75b899e389-17462c6e-1d4c00-192e43d7fee2b9%22%2C%22%24device_id%22%3A%20%22192e43d7fee2b9-079f75b899e389-17462c6e-1d4c00-192e43d7fee2b9%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
			.ngl.link/	1970-01-21 10:16:06	Name: _ga_5DV1ZR5ZHG Value: GS1.1.1730406088.1.0.1730406088.0.0.0
			.ngl.link/	1970-01-21 10:16:06	Name: _ga Value: GA1.1.2049467928.1730406089

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://ngl.link/harsefeld.meme?fbclid=PAY2xjawGQxUVleHRuA2FlbQIxMQABppbcfnk6RqHaVGOgexftajeURgeiHOGlSapWcz6uhdh044AWc1Lm2NBipA_aem_aw21l3R2wLTF2eiF4-hVBA Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other	warning	URL: https://ngl.link/harsefeld.meme?fbclid=PAY2xjawGQxUVleHRuA2FlbQIxMQABppbcfnk6RqHaVGOgexftajeURgeiHOGlSapWcz6uhdh044AWc1Lm2NBipA_aem_aw21l3R2wLTF2eiF4-hVBA Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other	warning	URL: https://ngl.link/harsefeld.meme?fbclid=PAY2xjawGQxUVleHRuA2FlbQIxMQABppbcfnk6RqHaVGOgexftajeURgeiHOGlSapWcz6uhdh044AWc1Lm2NBipA_aem_aw21l3R2wLTF2eiF4-hVBA Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other	warning	URL: https://ngl.link/harsefeld.meme?fbclid=PAY2xjawGQxUVleHRuA2FlbQIxMQABppbcfnk6RqHaVGOgexftajeURgeiHOGlSapWcz6uhdh044AWc1Lm2NBipA_aem_aw21l3R2wLTF2eiF4-hVBA Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
network	error	URL: https://ngl.link/api/pageview Message: Failed to load resource: the server responded with a status of 500 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.mxpnl.com
cdn.simplelocalize.io
firebase.googleapis.com
firebaseinstallations.googleapis.com
js.stripe.com
ngl.link
region1.google-analytics.com
www.googletagmanager.com
www.gstatic.com
151.101.128.176
172.67.10.95
18.173.187.121
2001:4860:4802:32::36
2600:1901:0:bc29::
2606:4700:20::681a:d4f
2a00:1450:4001:80b::200a
2a00:1450:4001:81c::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2008
2bea4bfdb845e2fdee34cf138bd40e7a6eb727ce4d1da92e9e415fb9a24d6870
490589327ea209f946394e4da3c4f9c02809a463d4c1a1b69d7f660b8203cbda
4afb03c681843dcfad8bfa9e946d32adb8fcb706a1dd459face91823f58fe44a
4ed669ddcb4c5827492d61f9c50496990624d8dcdea53405ce0ddad04b522374
5357d3283ddf27fc4156d8c48f95dadf544139b198c43db3162c8cf18b3de996
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
599ed9fb4b8ae029261a253e3673c876c05f60006d5ab5e4f0f249aa1ebdfa36
7bbe7684eb6a67961ba3b5c9425ccadd5fedcb1902cdb472be693576abed78b8
7c871ac22da030c8700eeb06ea407294892b75299cf07fb29a1f5b900e45401a
99b1edb0bd36fd3adeb5c98704073231b73fffe3dc78e835dbdc97b347cfac25
9a77038569507aaf7361b90c33d4bf5d6739eba5a0d99e09ce3d66f1e5fa5cc2
9cbe98b118942ca3e2b1b675f94fcc19efa7b4d869ffd60c5df2bb6545f3278a
a17d2bc44ac70f5abf7fae9ea64186dd6e5b9088277044781adeb9cec373ab0f
bebcc6072cfc81ab313557dd8ff1f12d18107c04a3ba1d49bf091602bfce4e49
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cdf47d917624ac8cb0feaf89d010753fa26340ef309e4cc487db96c692346ac6
d8ebec8425d9076eb36da40d6179825f47cb94ebc9f7c2c2cf5e3720744e9709
e41656eb2ba6c6293bf6dd928e5a88cdbc50535cab661c1969e0f598e497ed62
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e