ngl.link Open in urlscan Pro
104.22.79.252 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://confess.ngl.link/val.dhs
Effective URL:
https://ngl.link/val.dhs/confessions
Submission: On November 12 via manual (November 12th 2024, 3:14:56 am UTC) from PE — Scanned from US

Summary HTTP 28 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 8 domains to perform 28 HTTP transactions. The main IP is 104.22.79.252, located in and belongs to CLOUDFLARENET, US. The main domain is ngl.link. The Cisco Umbrella rank of the primary domain is 112852.
TLS certificate: Issued by WE1 on September 22nd 2024. Valid for: 3 months.

This is the only time ngl.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	104.22.79.252 104.22.79.252	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:807::200a	15169 (GOOGLE) (GOOGLE)
3	13.226.34.18 13.226.34.18	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:821::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:823::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:4... 2600:1901:0:498c::	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
4	13.226.34.128 13.226.34.128	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:d4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80a::2008	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
28	12

10 104.22.79.252 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

confess.ngl.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ngl.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:807::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.34.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-18.ewr53.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::200a (United States)

ASN15169 (GOOGLE, US)

firebasestorage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::200a (United States)

ASN15169 (GOOGLE, US)

firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.226.34.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-128.ewr53.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:d4f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.simplelocalize.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::200a (United States)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	ngl.link 1 redirects confess.ngl.link — Cisco Umbrella Rank: 812396 ngl.link — Cisco Umbrella Rank: 112852	31 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1102	217 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 412 firebasestorage.googleapis.com — Cisco Umbrella Rank: 7245 firebase.googleapis.com — Cisco Umbrella Rank: 3928 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 617	62 KB
2	gstatic.com www.gstatic.com	33 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	118 KB
1	simplelocalize.io cdn.simplelocalize.io — Cisco Umbrella Rank: 82411	10 KB
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 3511	19 KB
28	8

	Domain	Requested by
9	ngl.link	ngl.link ajax.googleapis.com
7	js.stripe.com	ngl.link js.stripe.com
2	firebaseinstallations.googleapis.com	www.gstatic.com
2	firebase.googleapis.com	www.gstatic.com
2	www.gstatic.com	ngl.link
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.gstatic.com
1	cdn.simplelocalize.io	ajax.googleapis.com
1	cdn.mxpnl.com	ngl.link
1	firebasestorage.googleapis.com	ngl.link
1	ajax.googleapis.com	ngl.link
1	confess.ngl.link	1 redirects
28	12

This site contains links to these domains. Also see Links.

Domain
apps.apple.com

Subject Issuer	Validity	Valid
ngl.link WE1	`2024-09-22` - `2024-12-21`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-10-30` - `2025-02-06`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2024-07-15` - `2025-07-29`	a year	crt.sh
*.simplelocalize.io Cloudflare Inc ECC CA-3	`2023-12-29` - `2024-12-28`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://ngl.link/val.dhs/confessions
Frame ID: 00FE3C02F39F5F143386BC626DA1A71B
Requests: 22 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-52bb9961886364429336a5e4c538a8fe.html
Frame ID: 065230FBFD8653AC02C98DBAF31E22EF
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-6f592f61b48a627200a3027a29d39bf9.html
Frame ID: 4AB59FA8279802769367A5693F084B10
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-37d074fe4dbb3db6cd722cec79956a64.html
Frame ID: 6343BCCA65AB46AD6B09177148B972AF
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: A9B2CFA281580B6F2C3433E9C94B05DB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

@val.dhs

Page URL History Show full URLs

https://confess.ngl.link/val.dhs HTTP 302
https://ngl.link/val.dhs/confessions Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

75 %
IPv6

8
Domains

12
Subdomains

12
IPs

2
Countries

490 kB
Transfer

1589 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.apple.com/us/app/ngl-anonymous-q-a/id1596550932?ppid=543cb167-5bdc-448f-a202-e5506f5d2837
Title: ¡Obtén tus propios mensajes!

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://confess.ngl.link/val.dhs HTTP 302
https://ngl.link/val.dhs/confessions Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request confessions Show response
ngl.link/val.dhs/
Redirect Chain

https://confess.ngl.link/val.dhs
https://ngl.link/val.dhs/confessions

5 KB
2 KB

263ms
250ms

Document
text/html

104.22.79.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ngl.link/val.dhs/confessions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.79.252 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

29f90e8e23bb0fcd8c6aa624f33b5016cd8fae3bc48dc0db7532f1f0e22aba44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=86400, s-maxage=86400
cf-cache-status: DYNAMIC
cf-ray: 8e135a9f2a090fa5-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 12 Nov 2024 03:14:49 GMT
function-execution-id: a89iruqyhquz
server: cloudflare
strict-transport-security: max-age=31556926
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-cloud-trace-context: 5a2a4026d6f0999782e7e97881449055
x-country-code: US
x-orig-accept-language: en-US,en;q=0.9
x-powered-by: Express
x-served-by: cache-lga21975-LGA
x-timer: S1731381289.834785,VS0,VE234

Redirect headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8e135a9e69540fa5-EWR
content-type: text/html; charset=utf-8
date: Tue, 12 Nov 2024 03:14:48 GMT
function-execution-id: 76ghyemqcs49
location: https://ngl.link/val.dhs/confessions
server: cloudflare
strict-transport-security: max-age=31556926
vary: Accept,cookie,need-authorization, x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-cloud-trace-context: f4d9b7cd153a6cd87918966f268d65ea
x-country-code: US
x-orig-accept-language: en-US,en;q=0.9
x-powered-by: Express
x-served-by: cache-lga21953-LGA
x-timer: S1731381289.730069,VS0,VE74

GET
H2 200 normalize.css
ngl.link/stylesheets/ 6 KB
2 KB 32ms
12ms Stylesheet
text/css 104.22.79.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ngl.link/stylesheets/normalize.css

Requested by

Host: ngl.link
URL: https://ngl.link/val.dhs/confessions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.79.252 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ngl.link/val.dhs/confessions

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"fb5e5490c690f08fb6399c76828fae42eeb6195646961666ab1a98911113012d-br"
age: 828
x-cache: HIT
date: Tue, 12 Nov 2024 03:14:49 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 29 Oct 2024 22:24:17 GMT
x-served-by: cache-lga21924-LGA
x-cache-hits: 0
vary: x-fh-requested-host, accept-encoding
strict-transport-security: max-age=31556926
cache-control: max-age=14400
x-timer: S1730547660.860057,VS0,VE1
cf-ray: 8e135aa0eb710fa5-EWR
server: cloudflare

GET
H2 200 style.css
ngl.link/stylesheets/ 8 KB
2 KB 37ms
17ms Stylesheet
text/css 104.22.79.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ngl.link/stylesheets/style.css?v=34

Requested by

Host: ngl.link
URL: https://ngl.link/val.dhs/confessions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.79.252 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8ebec8425d9076eb36da40d6179825f47cb94ebc9f7c2c2cf5e3720744e9709

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ngl.link/val.dhs/confessions

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"0c758a2c53c3356a8327e6f8196862aaf8b45a864683308bcc2ee3744758e286-br"
age: 1236
x-cache: HIT
date: Tue, 12 Nov 2024 03:14:49 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 29 Oct 2024 22:24:17 GMT
x-served-by: cache-lga21971-LGA
x-cache-hits: 0
vary: x-fh-requested-host, accept-encoding
strict-transport-security: max-age=31556926
cache-control: max-age=14400
x-timer: S1730810350.081092,VS0,VE1
cf-ray: 8e135aa0eb750fa5-EWR
server: cloudflare

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 67ms
8ms Script
text/javascript 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: ngl.link
URL: https://ngl.link/val.dhs/confessions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ngl.link/

Response headers

content-encoding: gzip
age: 29477
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Tue, 11 Nov 2025 19:03:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 19:03:32 GMT
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31017
x-xss-protection: 0
server: sffe

GET
H2 200 main.js Show response
ngl.link/scripts/ 12 KB
4 KB 31ms
12ms Script
text/javascript 104.22.79.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ngl.link/scripts/main.js?v=59

Requested by

Host: ngl.link
URL: https://ngl.link/val.dhs/confessions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.79.252 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cbe98b118942ca3e2b1b675f94fcc19efa7b4d869ffd60c5df2bb6545f3278a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ngl.link/val.dhs/confessions

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"75610eabe9ca7f709270abbb43727630d81d42c29fd4d7c6d478d6b98d9eaa9f-br"
age: 204
x-cache: HIT
date: Tue, 12 Nov 2024 03:14:49 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 05 Nov 2024 19:56:05 GMT
x-served-by: cache-lga21932-LGA
x-cache-hits: 0
vary: x-fh-requested-host, accept-encoding
strict-transport-security: max-age=31556926
cache-control: max-age=14400
x-timer: S1731233318.425382,VS0,VE1
cf-ray: 8e135aa0eb770fa5-EWR
server: cloudflare

GET
H2 200 mixpanel-jslib-snippet.js Show response
ngl.link/scripts/ 4 KB
2 KB 33ms
14ms Script
text/javascript 104.22.79.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ngl.link/scripts/mixpanel-jslib-snippet.js

Requested by

Host: ngl.link
URL: https://ngl.link/val.dhs/confessions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.79.252 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a17d2bc44ac70f5abf7fae9ea64186dd6e5b9088277044781adeb9cec373ab0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ngl.link/val.dhs/confessions

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"fb4404563a9f35ff2ef69c9bd301d93044c319b3d648c831a717fcff8535773e-br"
age: 986
x-cache: HIT
date: Tue, 12 Nov 2024 03:14:49 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 05 Nov 2024 19:56:05 GMT
x-served-by: cache-lga21931-LGA
x-cache-hits: 0
vary: x-fh-requested-host, accept-encoding
strict-transport-security: max-age=31556926
cache-control: max-age=14400
x-timer: S1731052262.053326,VS0,VE2
cf-ray: 8e135aa0eb780fa5-EWR
server: cloudflare

GET
H2 200 / Show response
js.stripe.com/v3/ 684 KB
180 KB 78ms
6ms Script
text/javascript 13.226.34.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: ngl.link
URL: https://ngl.link/val.dhs/confessions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.34.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-34-18.ewr53.r.cloudfront.net

Software

Cloudfront /

Resource Hash

12c36a25e1d34c128839e6020f8bbabfc7c313852d1b6d23e5e9550fb98e9191

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ngl.link/

Response headers

content-encoding: br
etag: W/"d67caab47663a660a3445da2aea34af2"
age: 49
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Z7R7AXpoyx_n9SRYD_lARC7GAlShjz4XaKrzs6qb0nV65YCrO-e4dw==
date: Tue, 12 Nov 2024 03:14:06 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 11 Nov 2024 22:15:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: EWR53-C2
server: Cloudfront

GET
H2 200 images%2FNEgviE2lqOXn3k5FxDrDqQldE7n2.jpg
firebasestorage.googleapis.com/v0/b/ask-fun-d10f0.appspot.com/o/ 30 KB
30 KB 185ms
121ms Image
image/jpg 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/ask-fun-d10f0.appspot.com/o/images%2FNEgviE2lqOXn3k5FxDrDqQldE7n2.jpg?alt=media&token=a696d6aa-4cd9-4465-a646-514c2502efc6
Requested by: Host: ngl.link
URL: https://ngl.link/val.dhs/confessions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f1e05b0bcde329b4ad9069a30c173e1f1614debdf9212ae3deff8955ce83b974

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ngl.link/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=fdVx7g==, md5=IY8gQu1HtNDRL0QFc0pTcQ==
etag: "218f2042ed47b4d0d12f4405734a5371"
x-goog-stored-content-encoding: identity
expires: Tue, 12 Nov 2024 03:14:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 30234
date: Tue, 12 Nov 2024 03:14:49 GMT
last-modified: Sun, 25 Aug 2024 19:56:52 GMT
content-type: image/jpg
content-disposition: inline; filename*=utf-8''NEgviE2lqOXn3k5FxDrDqQldE7n2.jpg
x-guploader-uploadid: AHmUCY3r7VssRl2biNXNinh-2Qv0iA2J73XPMayuso3_5gNGrBCQ2m7aWTEg3RINTc6UmO7IDCyIp1cHEA
cache-control: private, max-age=0
x-goog-storage-class: STANDARD
x-goog-meta-firebasestoragedownloadtokens: a696d6aa-4cd9-4465-a646-514c2502efc6
accept-ranges: bytes
x-goog-generation: 1724615812240816
content-length: 30234
server: UploadServer

GET
H3 200 firebase-app.js Show response
www.gstatic.com/firebasejs/9.6.1/ 50 KB
11 KB 36ms
8ms Script
text/javascript 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.6.1/firebase-app.js

Requested by

Host: ngl.link
URL: https://ngl.link/val.dhs/confessions

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bbe7684eb6a67961ba3b5c9425ccadd5fedcb1902cdb472be693576abed78b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ngl.link
Referer: https://ngl.link/

Response headers

content-encoding: gzip
age: 471394
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 16:18:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 16:18:15 GMT
last-modified: Thu, 09 Dec 2021 21:53:39 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10807
x-xss-protection: 0
server: sffe

GET
H3 200 firebase-analytics.js Show response
www.gstatic.com/firebasejs/9.6.1/ 104 KB
22 KB 34ms
7ms Script
text/javascript 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.6.1/firebase-analytics.js

Requested by

Host: ngl.link
URL: https://ngl.link/val.dhs/confessions

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdf47d917624ac8cb0feaf89d010753fa26340ef309e4cc487db96c692346ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ngl.link
Referer: https://ngl.link/

Response headers

content-encoding: gzip
age: 497626
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 09:01:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 09:01:03 GMT
last-modified: Thu, 09 Dec 2021 21:53:42 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22853
x-xss-protection: 0
server: sffe

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 55 KB
19 KB 28ms
4ms Script
text/javascript 2600:1901:0:498c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: ngl.link
URL: https://ngl.link/scripts/mixpanel-jslib-snippet.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: bc94ac4cf8c40825ad44690336b1de510a0b5dd6428a5759b0cc5284dcdc7e08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ngl.link/

Response headers

x-goog-metageneration: 2
content-encoding: gzip
x-goog-hash: crc32c=Awfd4g==, md5=94g9eoI2/luNwM5SGIfwSw==
etag: "f7883d7a8236fe5b8dc0ce521887f04b"
age: 577
x-goog-stored-content-encoding: gzip
expires: Tue, 12 Nov 2024 03:15:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 19120
date: Tue, 12 Nov 2024 03:05:12 GMT
last-modified: Tue, 05 Nov 2024 17:21:22 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY1DpWS8lU1bVe1zBQHHNU4L6kWradySPFYyWQd_JjyxHK72QByfdS7aowTqcm8XXIMTkUw
cache-control: public,max-age=600
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730827282841656
content-length: 19120
server: UploadServer

GET
H2 200 default_avatar.png
ngl.link/images/ 4 KB
4 KB 30ms
30ms Image
image/png 104.22.79.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ngl.link/images/default_avatar.png

Requested by

Host: ngl.link
URL: https://ngl.link/stylesheets/style.css?v=34

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.79.252 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bebcc6072cfc81ab313557dd8ff1f12d18107c04a3ba1d49bf091602bfce4e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ngl.link/stylesheets/style.css?v=34

Response headers

server: cloudflare
strict-transport-security: max-age=31556926
cache-control: max-age=14400
cf-cache-status: HIT
etag: W/"5218aa28fa5915ef471d6ecd670fef309922a1c6d7252d25482ed85cd06ac788-br"
x-timer: S1730980274.869028,VS0,VE1
age: 878
cf-ray: 8e135aa20cd80fa5-EWR
x-cache: HIT
date: Tue, 12 Nov 2024 03:14:49 GMT
content-type: image/png
last-modified: Tue, 05 Nov 2024 19:56:05 GMT
x-served-by: cache-lga21976-LGA
x-cache-hits: 0
vary: x-fh-requested-host, accept-encoding

GET
H2 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:214597529567:web:d49e8aeef77b9e0a039e6a/ 362 B
431 B 36ms
26ms Fetch
application/json 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:214597529567:web:d49e8aeef77b9e0a039e6a/webConfig

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.6.1/firebase-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4afb03c681843dcfad8bfa9e946d32adb8fcb706a1dd459face91823f58fe44a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-goog-api-key: AIzaSyCmL3X8pQOHhtXMIFTxJsO7KHQ2nDr_G6w
Referer: https://ngl.link/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json

Response headers

cache-control: private
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://ngl.link
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 242
date: Tue, 12 Nov 2024 03:14:49 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: ESF
x-frame-options: SAMEORIGIN

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:214597529567:web:d49e8aeef77b9e0a039e6a/ Frame 0
0 66ms
23ms Preflight
text/html 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:214597529567:web:d49e8aeef77b9e0a039e6a/webConfig

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-api-key
Access-Control-Request-Method: GET
Origin: https://ngl.link
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://ngl.link
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 12 Nov 2024 03:14:49 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 controller-with-preconnect-52bb9961886364429336a5e4c538a8fe.html
js.stripe.com/v3/ Frame 0652 0
0 12ms
5ms Document
text/html 13.226.34.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-52bb9961886364429336a5e4c538a8fe.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.34.128 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-34-128.ewr53.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ngl.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 58
alt-svc: h3=":443"; ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-length: 651
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 12 Nov 2024 03:14:13 GMT
etag: "52bb9961886364429336a5e4c538a8fe"
last-modified: Mon, 11 Nov 2024 21:31:20 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-amz-cf-id: 4QTCXBhEprK4wEbv_j-_7qc0C22NclE0mbmdHe432VukPFUemX4CgA==
x-amz-cf-pop: EWR53-C2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-6f592f61b48a627200a3027a29d39bf9.html
js.stripe.com/v3/ Frame 4AB5 0
0 10ms
10ms Document
text/html 13.226.34.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-6f592f61b48a627200a3027a29d39bf9.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.34.128 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-34-128.ewr53.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ngl.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2095
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 12 Nov 2024 02:40:02 GMT
etag: "6f592f61b48a627200a3027a29d39bf9"
last-modified: Mon, 11 Nov 2024 21:31:35 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-amz-cf-id: YdUpCfLc13JGp45LVpK4RYXt2oyNVwRP8myX0UfbHsWsl6JcR_pnZw==
x-amz-cf-pop: EWR53-C2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-37d074fe4dbb3db6cd722cec79956a64.html
js.stripe.com/v3/ Frame 6343 0
0 28ms
8ms Document
text/html 13.226.34.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-37d074fe4dbb3db6cd722cec79956a64.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.34.128 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-34-128.ewr53.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ngl.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 18
alt-svc: h3=":443"; ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 12 Nov 2024 03:14:31 GMT
etag: "37d074fe4dbb3db6cd722cec79956a64"
last-modified: Mon, 11 Nov 2024 21:31:35 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-amz-cf-id: wJq7PJXa99VK4lVma4k_H5JSQVK0b07PiIzX271j734VmvvAeT4-Fg==
x-amz-cf-pop: EWR53-C2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 es_LA Show response
cdn.simplelocalize.io/57157aec81d54cb6b2a43f8b34a61d47/_production/ 26 KB
10 KB 87ms
39ms XHR
application/json 2606:4700:20::681a:d4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.simplelocalize.io/57157aec81d54cb6b2a43f8b34a61d47/_production/es_LA
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:d4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 063e9462f3246242dbc099cfe44e2f6c92063b56e98665970d55fabc881afd00

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Referer: https://ngl.link/

Response headers

x-robots-tag: noindex
access-control-max-age: 1800
content-encoding: br
cf-cache-status: HIT
etag: W/"986a3412b803effcc468c0be1a955b16"
age: 82
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u0T%2BKUQM74ILAmVKasmgrGZ3%2Fj50Lsxzf5hB%2Fo2lhB59iZfr2TLz%2F9tWTVt7EmOA1qggIzwUBqm%2FbrTQg0VRQu%2B0s4b5XDV4ebVoZFJvn2XC%2FksumKw%2BTRQKNjH%2BLwcIAz20dfsrE%2BJIjZGpjS1M%2Bko7DA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5650&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4143&recv_bytes=4378&delivery_rate=184493&cwnd=12000&unsent_bytes=0&cid=f0c494b66c380946&ts=56&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 12 Nov 2024 03:14:49 GMT
content-type: application/json; charset=utf-8
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
priority: u=1,i
x-amz-id-2: k45vDnmdwVULpqGkm3y3dE9nrawRdO307WPY5UzIFIEhxnc3P7InF6VhnxSFguOT15LAFYaDiOc=
last-modified: Mon, 28 Oct 2024 22:10:12 GMT
cache-control: public, max-age=300
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: R69SN2H6THYN4GZP
cf-ray: 8e135aa2c9518c15-EWR
access-control-allow-origin: *
server: cloudflare

POST
H2 500 pageview Show response
ngl.link/api/ 21 B
251 B 320ms
295ms XHR
text/plain 104.22.79.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngl.link/api/pageview
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.79.252 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e41656eb2ba6c6293bf6dd928e5a88cdbc50535cab661c1969e0f598e497ed62

Request headers

Referer: https://ngl.link/val.dhs/confessions
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"15-/6VXivhc2MKdLfIkLcUE47K6aH0"
x-cache: MISS
date: Tue, 12 Nov 2024 03:14:49 GMT
content-type: text/plain; charset=utf-8
x-served-by: cache-lga21975-LGA
x-cache-hits: 0
x-cloud-trace-context: 7008efe1fa05a8caeaf87c244a24cac5
vary: x-fh-requested-host, accept-encoding
cache-control: private
x-timer: S1731381289.393388,VS0,VE270
cf-ray: 8e135aa29db10fa5-EWR
accept-ranges: bytes
function-execution-id: uhqyk4ao7ho3
x-powered-by: Express
server: cloudflare

POST
H2 200 web Show response
ngl.link/api/fingerprint/ 16 B
222 B 130ms
105ms XHR
application/json 104.22.79.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ngl.link/api/fingerprint/web

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.79.252 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ngl.link/val.dhs/confessions
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
x-orig-accept-language: en-US,en;q=0.9
x-country-code: US
x-cache: MISS
date: Tue, 12 Nov 2024 03:14:49 GMT
content-type: application/json; charset=utf-8
x-cloud-trace-context: c1928c48836971750502effc90ce3adf
x-cache-hits: 0
x-served-by: cache-lga21975-LGA
strict-transport-security: max-age=31556926
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
cache-control: private
x-timer: S1731381289.386919,VS0,VE93
cf-ray: 8e135aa29db30fa5-EWR
accept-ranges: bytes
function-execution-id: adys28aw5n1y
x-powered-by: Express
server: cloudflare

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/ask-fun-d10f0/ 626 B
681 B 123ms
98ms Fetch
application/json 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/ask-fun-d10f0/installations

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.6.1/firebase-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f50b7aca474a78bab4ad2c52acc1d7069b0db128b8b3afc6fc1dda6e6383027

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-goog-api-key: AIzaSyCmL3X8pQOHhtXMIFTxJsO7KHQ2nDr_G6w
Referer: https://ngl.link/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json
content-type: application/json

Response headers

cache-control: private
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://ngl.link
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 491
date: Tue, 12 Nov 2024 03:14:49 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: ESF
x-frame-options: SAMEORIGIN

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/ask-fun-d10f0/ Frame 0
0 61ms
18ms Preflight
text/html 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/ask-fun-d10f0/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://ngl.link
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://ngl.link
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 12 Nov 2024 03:14:49 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 350 KB
118 KB 67ms
20ms Script
application/javascript 2607:f8b0:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-5DV1ZR5ZHG

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.6.1/firebase-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f16e20b1fa991f0de0d9030470a0e784dea94c5699a9398d4f87d928fb396b30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ngl.link/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 12 Nov 2024 03:14:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 03:14:49 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 120071
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 43ms
18ms Fetch
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-5DV1ZR5ZHG&gtm=45je4bb0v873466073za200&_p=1731381289407&gcd=13l3l3l3l1l1&npa=0&dma=0&_fid=c8Sm9eWChWtHHyK03MPfm0&cid=920295900.1731381290&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731381289&sct=1&seg=0&dl=https%3A%2F%2Fngl.link%2Fval.dhs%2Fconfessions&dt=%40val.dhs&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1&ep.origin=firebase&tfd=978
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-5DV1ZR5ZHG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ngl.link/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ngl.link
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 03:14:49 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 phone-numbers-lib-83d27e42ca1e315a3645d261b1fa8bae.js Show response
js.stripe.com/v3/fingerprinted/js/ 148 KB
37 KB 7ms
6ms Script
text/javascript 13.226.34.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-83d27e42ca1e315a3645d261b1fa8bae.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.34.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-34-18.ewr53.r.cloudfront.net

Software

Cloudfront /

Resource Hash

7c871ac22da030c8700eeb06ea407294892b75299cf07fb29a1f5b900e45401a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ngl.link/

Response headers

content-encoding: gzip
etag: W/"cb56b5378e094a41f5f71dbea0291836"
age: 2736
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: vxrKpSA5-bYv7WsM9Q0JuQ1aMu99Y9nNmfSVEDewTw1pgeieTdLCwg==
date: Tue, 12 Nov 2024 02:29:14 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 08 Nov 2024 21:02:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=31536000
timing-allow-origin: *
via: 1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: EWR53-C2
server: Cloudfront

GET
H2 200 ngl.png
ngl.link/images/ 14 KB
14 KB 15ms
14ms Other
image/png 104.22.79.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ngl.link/images/ngl.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.79.252 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99b1edb0bd36fd3adeb5c98704073231b73fffe3dc78e835dbdc97b347cfac25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ngl.link/val.dhs/confessions

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "25d119447808fdc0a3724387d9486ab0aa5e87df3d4539cf663fda5b3d62f9c4"
age: 2925
x-cache: HIT
date: Tue, 12 Nov 2024 03:14:50 GMT
content-type: image/png
last-modified: Mon, 21 Oct 2024 01:22:53 GMT
x-served-by: cache-lga21921-LGA
x-cache-hits: 0
vary: x-fh-requested-host, accept-encoding
strict-transport-security: max-age=31556926
cache-control: max-age=14400
x-timer: S1729712592.432829,VS0,VE1
cf-ray: 8e135aa82b3e0fa5-EWR
accept-ranges: bytes
content-length: 14212
server: cloudflare

GET
H3 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame A9B2 0
0 7ms
6ms Document
text/html 13.226.34.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

QUIC, , AES_128_GCM

Server

13.226.34.128 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-34-128.ewr53.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ngl.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2124
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 12 Nov 2024 02:39:31 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 08 Nov 2024 21:02:59 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 2ef71b29bcfbfc8755cad5f92a3c329a.cloudfront.net (CloudFront)
x-amz-cf-id: 2zvlLY82C0MeLn6lRT3FpPvSbtedNHHWVuyYsSpkN_xhwRqGhoAGUg==
x-amz-cf-pop: EWR53-C2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js Show response
js.stripe.com/v3/fingerprinted/js/ 176 B
545 B 15ms
15ms Script
text/javascript 13.226.34.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

QUIC, , AES_128_GCM

Server

13.226.34.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-34-18.ewr53.r.cloudfront.net

Software

Cloudfront /

Resource Hash

07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ngl.link/

Response headers

etag: "96f5b26d366f47393b3ff36fe7471474"
age: 767
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: F4lGItExJIahE28zTsz-cX4Om_gJyDZ2qP6o8haPJbYGQWS5nNfsuA==
date: Tue, 12 Nov 2024 03:02:11 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 08 Nov 2024 21:02:58 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=31536000
timing-allow-origin: *
via: 1.1 1f4c9bd672bb89060a69b305de06ad0e.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 176
x-amz-cf-pop: EWR53-C2
server: Cloudfront

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ngl.link/	1970-01-21 09:41:57	Name: mp_e8e1a30fe6d7dacfa1353b45d6093a00_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A1931e5de15b2af-0607d9f1b37e52-17462c6e-1d4c00-1931e5de15b2af%22%2C%22%24device_id%22%3A%20%221931e5de15b2af-0607d9f1b37e52-17462c6e-1d4c00-1931e5de15b2af%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
.ngl.link/	1970-01-21 10:32:21	Name: _ga_5DV1ZR5ZHG Value: GS1.1.1731381289.1.0.1731381289.0.0.0
.ngl.link/	1970-01-21 10:32:21	Name: _ga Value: GA1.1.920295900.1731381290

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ngl.link/api/pageview Message: Failed to load resource: the server responded with a status of 500 ()
other	warning	URL: https://ngl.link/val.dhs/confessions Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other	warning	URL: https://ngl.link/val.dhs/confessions Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other	warning	URL: https://ngl.link/val.dhs/confessions Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other	warning	URL: https://ngl.link/val.dhs/confessions Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.mxpnl.com
cdn.simplelocalize.io
confess.ngl.link
firebase.googleapis.com
firebaseinstallations.googleapis.com
firebasestorage.googleapis.com
js.stripe.com
ngl.link
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
104.22.79.252
13.226.34.128
13.226.34.18
2600:1901:0:498c::
2606:4700:20::681a:d4f
2607:f8b0:4006:807::200a
2607:f8b0:4006:80a::2008
2607:f8b0:4006:816::200a
2607:f8b0:4006:81f::200e
2607:f8b0:4006:821::200a
2607:f8b0:4006:823::2003
2607:f8b0:4006:823::200a
063e9462f3246242dbc099cfe44e2f6c92063b56e98665970d55fabc881afd00
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
12c36a25e1d34c128839e6020f8bbabfc7c313852d1b6d23e5e9550fb98e9191
1f50b7aca474a78bab4ad2c52acc1d7069b0db128b8b3afc6fc1dda6e6383027
29f90e8e23bb0fcd8c6aa624f33b5016cd8fae3bc48dc0db7532f1f0e22aba44
4afb03c681843dcfad8bfa9e946d32adb8fcb706a1dd459face91823f58fe44a
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
7bbe7684eb6a67961ba3b5c9425ccadd5fedcb1902cdb472be693576abed78b8
7c871ac22da030c8700eeb06ea407294892b75299cf07fb29a1f5b900e45401a
99b1edb0bd36fd3adeb5c98704073231b73fffe3dc78e835dbdc97b347cfac25
9cbe98b118942ca3e2b1b675f94fcc19efa7b4d869ffd60c5df2bb6545f3278a
a17d2bc44ac70f5abf7fae9ea64186dd6e5b9088277044781adeb9cec373ab0f
bc94ac4cf8c40825ad44690336b1de510a0b5dd6428a5759b0cc5284dcdc7e08
bebcc6072cfc81ab313557dd8ff1f12d18107c04a3ba1d49bf091602bfce4e49
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cdf47d917624ac8cb0feaf89d010753fa26340ef309e4cc487db96c692346ac6
d8ebec8425d9076eb36da40d6179825f47cb94ebc9f7c2c2cf5e3720744e9709
e41656eb2ba6c6293bf6dd928e5a88cdbc50535cab661c1969e0f598e497ed62
f16e20b1fa991f0de0d9030470a0e784dea94c5699a9398d4f87d928fb396b30
f1e05b0bcde329b4ad9069a30c173e1f1614debdf9212ae3deff8955ce83b974
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

ngl.link Open in urlscan Pro 104.22.79.252 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

75 %IPv6

8 Domains

12 Subdomains

12 IPs

2 Countries

490 kBTransfer

1589 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ngl.link Open in urlscan Pro
104.22.79.252 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

75 %
IPv6

8
Domains

12
Subdomains

12
IPs

2
Countries

490 kB
Transfer

1589 kB
Size

3
Cookies

28 HTTP transactions
0 data transactions