app.itrustcapital.com Open in urlscan Pro
104.18.23.166  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

• https://shop.pe/widget/widget_async.js HTTP 301
• https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request login Show response app.itrustcapital.com/	6 KB 2 KB	741ms 675ms	Document text/html	104.18.23.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.itrustcapital.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.23.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 056b1ee78d8b1b0e07ce97ccf794092b38d07fc0b4d696d32d1983b53b689799 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-methods POST, GET, OPTIONS, FETCH access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control public, must-revalidate, max-age=30 cf-cache-status DYNAMIC cf-ray 89e944945f7e2c1c-FRA content-encoding br content-type text/html cross-origin-opener-policy sameorigin date Fri, 05 Jul 2024 18:02:46 GMT expect-ct max-age=86400, enforce last-modified Thu, 04 Jul 2024 03:03:03 GMT permissions-policy interest-cohort=() referrer-policy strict-origin-when-cross-origin server cloudflare strict-transport-security max-age=10886400; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-frame-options sameorigin x-xss-protection 1; mode=block
GET H3	200	b0c48d399f00e41b.css app.itrustcapital.com/_next/static/css/	32 KB 7 KB	216ms 216ms	Stylesheet text/css	104.18.23.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.itrustcapital.com/_next/static/css/b0c48d399f00e41b.css Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.23.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e22d4d2b6fd5c3719670bea7bcb61eb47758c78f3a1476eedef142e4bf205baa Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/login Origin https://app.itrustcapital.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:46 GMT strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br x-dns-prefetch-control off alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 04 Jul 2024 03:03:03 GMT server cloudflare cross-origin-opener-policy sameorigin etag W/"50796167" expect-ct max-age=86400, enforce vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, FETCH content-type text/css access-control-allow-origin * cache-control public, must-revalidate, max-age=30 permissions-policy interest-cohort=() x-frame-options sameorigin cf-ray 89e94498cd3a2c1c-FRA
GET H3	200	9c74e3d1b2ad2bd5.css app.itrustcapital.com/_next/static/css/	63 KB 12 KB	671ms 670ms	Stylesheet text/css	104.18.23.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.itrustcapital.com/_next/static/css/9c74e3d1b2ad2bd5.css Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.23.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a7cb48760adf0bc000ed01d47aab5f3693a97cb5f61c3011f297eb6e549d08fd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/login Origin https://app.itrustcapital.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:47 GMT strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br x-dns-prefetch-control off alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 04 Jul 2024 03:03:03 GMT server cloudflare cross-origin-opener-policy sameorigin etag W/"50796167" expect-ct max-age=86400, enforce vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, FETCH content-type text/css access-control-allow-origin * cache-control public, must-revalidate, max-age=30 permissions-policy interest-cohort=() x-frame-options sameorigin cf-ray 89e94498cd402c1c-FRA
GET H3	200	webpack-ab9ac2916a600315.js Show response app.itrustcapital.com/_next/static/chunks/	2 KB 2 KB	694ms 693ms	Script text/javascript	104.18.23.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.itrustcapital.com/_next/static/chunks/webpack-ab9ac2916a600315.js Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.23.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f93dde727c85af9508fa10ce0d56d9426717ef362140645ea71bdf0d608a165 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/login Origin https://app.itrustcapital.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:47 GMT strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br x-dns-prefetch-control off alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 04 Jul 2024 03:03:03 GMT server cloudflare cross-origin-opener-policy sameorigin etag W/"50796167" expect-ct max-age=86400, enforce vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, FETCH content-type text/javascript access-control-allow-origin * cache-control public, must-revalidate, max-age=30 permissions-policy interest-cohort=() x-frame-options sameorigin cf-ray 89e94498cd442c1c-FRA
GET H3	200	framework-2224397ff1138491.js Show response app.itrustcapital.com/_next/static/chunks/	138 KB 45 KB	695ms 693ms	Script text/javascript	104.18.23.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.itrustcapital.com/_next/static/chunks/framework-2224397ff1138491.js Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.23.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c91c19ffccd38706c6253aa32770f0a4161d70c784c7ac9889c840b2e4cdd3af Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/login Origin https://app.itrustcapital.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:47 GMT strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br x-dns-prefetch-control off alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 04 Jul 2024 03:03:03 GMT server cloudflare cross-origin-opener-policy sameorigin etag W/"50796167" expect-ct max-age=86400, enforce vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, FETCH content-type text/javascript access-control-allow-origin * cache-control public, must-revalidate, max-age=30 permissions-policy interest-cohort=() x-frame-options sameorigin cf-ray 89e94498cd452c1c-FRA
GET H3	200	main-189098d68d18c406.js Show response app.itrustcapital.com/_next/static/chunks/	107 KB 32 KB	695ms 693ms	Script text/javascript	104.18.23.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.itrustcapital.com/_next/static/chunks/main-189098d68d18c406.js Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.23.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 032eff660681dd8dee6bd2f9188eaadab36ec748735a7b43a60a224ccb52d46a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/login Origin https://app.itrustcapital.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:47 GMT strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br x-dns-prefetch-control off alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 04 Jul 2024 03:03:03 GMT server cloudflare cross-origin-opener-policy sameorigin etag W/"50796167" expect-ct max-age=86400, enforce vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, FETCH content-type text/javascript access-control-allow-origin * cache-control public, must-revalidate, max-age=30 permissions-policy interest-cohort=() x-frame-options sameorigin cf-ray 89e94498cd462c1c-FRA
GET H3	200	_app-5361717041efb9f6.js Show response app.itrustcapital.com/_next/static/chunks/pages/	2 MB 692 KB	753ms 751ms	Script text/javascript	104.18.23.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.23.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4d952ad7048aba5a21bad8f25e99267f32a65e3682da3dbdd5148bb9b59b81e6 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/login Origin https://app.itrustcapital.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:47 GMT strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br x-dns-prefetch-control off alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 04 Jul 2024 03:03:03 GMT server cloudflare cross-origin-opener-policy sameorigin etag W/"50796167" expect-ct max-age=86400, enforce vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, FETCH content-type text/javascript access-control-allow-origin * cache-control public, must-revalidate, max-age=30 permissions-policy interest-cohort=() x-frame-options sameorigin cf-ray 89e94498cd492c1c-FRA
GET H3	200	bdf4c4e8-233f2dfadf821327.js Show response app.itrustcapital.com/_next/static/chunks/	300 KB 86 KB	695ms 693ms	Script text/javascript	104.18.23.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.itrustcapital.com/_next/static/chunks/bdf4c4e8-233f2dfadf821327.js Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.23.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 57aeec10414009f606c653a9104f82fdd248aa872d2f93ea32a02f32524933f9 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/login Origin https://app.itrustcapital.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:47 GMT strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br x-dns-prefetch-control off alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 04 Jul 2024 03:03:03 GMT server cloudflare cross-origin-opener-policy sameorigin etag W/"50796167" expect-ct max-age=86400, enforce vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, FETCH content-type text/javascript access-control-allow-origin * cache-control public, must-revalidate, max-age=30 permissions-policy interest-cohort=() x-frame-options sameorigin cf-ray 89e94498cd4b2c1c-FRA
GET H3	200	4288-e0000bfbb34d8b13.js Show response app.itrustcapital.com/_next/static/chunks/	182 KB 58 KB	695ms 694ms	Script text/javascript	104.18.23.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.itrustcapital.com/_next/static/chunks/4288-e0000bfbb34d8b13.js Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.23.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5424e53c036ac60f7b300bc7dc95cb130224e272c116a89f641dee5105788fe9 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/login Origin https://app.itrustcapital.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:47 GMT strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br x-dns-prefetch-control off alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 04 Jul 2024 03:03:03 GMT server cloudflare cross-origin-opener-policy sameorigin etag W/"50796167" expect-ct max-age=86400, enforce vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, FETCH content-type text/javascript access-control-allow-origin * cache-control public, must-revalidate, max-age=30 permissions-policy interest-cohort=() x-frame-options sameorigin cf-ray 89e94498cd4f2c1c-FRA
GET H3	200	7705-deb9408a77f58f9a.js Show response app.itrustcapital.com/_next/static/chunks/	548 KB 114 KB	695ms 694ms	Script text/javascript	104.18.23.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.itrustcapital.com/_next/static/chunks/7705-deb9408a77f58f9a.js Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.23.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92b2124ab693d0a2ca7d6798cb0e7948e73ece1033559cbe44562d70d5dc7d15 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/login Origin https://app.itrustcapital.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:47 GMT strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br x-dns-prefetch-control off alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 04 Jul 2024 03:03:03 GMT server cloudflare cross-origin-opener-policy sameorigin etag W/"50796167" expect-ct max-age=86400, enforce vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, FETCH content-type text/javascript access-control-allow-origin * cache-control public, must-revalidate, max-age=30 permissions-policy interest-cohort=() x-frame-options sameorigin cf-ray 89e94498cd532c1c-FRA
GET H3	200	login-237137caf8b36b8c.js Show response app.itrustcapital.com/_next/static/chunks/pages/	338 B 619 B	695ms 694ms	Script text/javascript	104.18.23.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.itrustcapital.com/_next/static/chunks/pages/login-237137caf8b36b8c.js Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.23.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 44a2022541c50ff5b4d7aef9ac90c3486be51b0f6c73a4564c2b6ad19daf176a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/login Origin https://app.itrustcapital.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:47 GMT strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br x-dns-prefetch-control off alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 04 Jul 2024 03:03:03 GMT server cloudflare cross-origin-opener-policy sameorigin etag W/"50796167" expect-ct max-age=86400, enforce vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, FETCH content-type text/javascript access-control-allow-origin * cache-control public, must-revalidate, max-age=30 permissions-policy interest-cohort=() x-frame-options sameorigin cf-ray 89e94498cd552c1c-FRA
GET H3	200	_buildManifest.js Show response app.itrustcapital.com/_next/static/07-zrU3jDPEaWaH45JApv/	10 KB 3 KB	696ms 695ms	Script text/javascript	104.18.23.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.itrustcapital.com/_next/static/07-zrU3jDPEaWaH45JApv/_buildManifest.js Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.23.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63a1c4ad5ae1d2a54538fadc4c162fe83c6c6322b18c53ad17666b652e1f94a0 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/login Origin https://app.itrustcapital.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:47 GMT strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br x-dns-prefetch-control off alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 04 Jul 2024 03:03:03 GMT server cloudflare cross-origin-opener-policy sameorigin etag W/"50796167" expect-ct max-age=86400, enforce vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, FETCH content-type text/javascript access-control-allow-origin * cache-control public, must-revalidate, max-age=30 permissions-policy interest-cohort=() x-frame-options sameorigin cf-ray 89e94498cd562c1c-FRA
GET H3	200	_ssgManifest.js Show response app.itrustcapital.com/_next/static/07-zrU3jDPEaWaH45JApv/	77 B 453 B	714ms 713ms	Script text/javascript	104.18.23.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.itrustcapital.com/_next/static/07-zrU3jDPEaWaH45JApv/_ssgManifest.js Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.23.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/login Origin https://app.itrustcapital.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:47 GMT strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br x-dns-prefetch-control off alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 04 Jul 2024 03:03:03 GMT server cloudflare cross-origin-opener-policy sameorigin etag W/"50796167" expect-ct max-age=86400, enforce vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, FETCH content-type text/javascript access-control-allow-origin * cache-control public, must-revalidate, max-age=30 permissions-policy interest-cohort=() x-frame-options sameorigin cf-ray 89e94498cd582c1c-FRA
GET H2	200	7f85a56ba4.css use.fontawesome.com/	1 KB 870 B	117ms 49ms	Stylesheet text/css	2606:4700:3037::ac43:8ef5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/7f85a56ba4.css Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:48 GMT content-encoding br cf-cache-status HIT last-modified Fri, 22 Sep 2023 00:57:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1489 etag W/"8360eb270b919a1fb4776bc448d9ed14" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h9qxqKgGvKVR76aVzRENwHdsj0PyXWA6HR0%2BuQtmiVyF5xZ8mxbMRMW0jni2dktGPvMKvACJ6zjXCVfc1cM7Ns5Kmd%2B%2FPl8tRw6TXiBzN%2BbGmX2D2diDSZInaAfH2rghR86tc214COSth8TMkAMU809g"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=1800 cf-ray 89e944a39fcd9b28-FRA alt-svc h3=":443"; ma=86400
GET H2	200	embed2.js Show response static.ada.support/	6 KB 3 KB	85ms 24ms	Script text/javascript	18.66.147.113 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.ada.support/embed2.js Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.113 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-113.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 9191f967ad46d21548319754d2c5357d32dd3d2061bfade9f4d8ef77edfdc476 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id KgI4hTVIBNEibXglVR3UV3ob0dZnvBrZ content-encoding gzip via 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront) date Fri, 05 Jul 2024 04:43:51 GMT strict-transport-security max-age=63072000; includeSubdomains; preload age 47938 x-amz-cf-pop FRA60-P4 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 07 Nov 2023 14:05:46 GMT server AmazonS3 etag W/"2d160b64ffb01229b42a64129e51af9d" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type text/javascript access-control-allow-origin * access-control-expose-headers ETag cache-control max-age: 300 vary Accept-Encoding x-amz-cf-id Kfu9llXBsPsARx0pZHYeVRceoKR-DBVHTJI2bj5zgHCyNZ1xBoytEg==
GET H2	200	font-awesome-css.min.css use.fontawesome.com/releases/v4.7.0/css/	30 KB 7 KB	43ms 43ms	Stylesheet text/css	2606:4700:3037::ac43:8ef5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/7f85a56ba4.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://use.fontawesome.com/7f85a56ba4.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:48 GMT content-encoding br cf-cache-status HIT last-modified Fri, 22 Sep 2023 01:44:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1024790 etag W/"36082410df2ef7f83932219089dc1443" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jdIo3VAvQsJFMk7UeOKbUpWpFoQT5dDoUkBL9W65splZR64KWsg3AOzqlV2pcp%2FDL63TilZugJ%2FK7zyaAvpEzpxKwOZLpHO%2FkmQyfmFlwRdzYD1rVV8SWZnbRSjmXpT%2BWddkVOTMuoe3NdNimVMbDfCx"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31556926 cf-ray 89e944a3f8679b28-FRA alt-svc h3=":443"; ma=86400
OPTIONS H2	204	init docv-prod-api.alloy.co/auth/ Frame	0 0	945ms 636ms	Preflight	52.21.185.113 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://docv-prod-api.alloy.co/auth/init Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.21.185.113 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-21-185-113.compute-1.amazonaws.com Software envoy / Express Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type,x-alloy-sdk-platform,x-alloy-sdk-version,x-parent-domain Access-Control-Request-Method POST Origin https://app.itrustcapital.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type,x-alloy-sdk-platform,x-alloy-sdk-version,x-parent-domain access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin * date Fri, 05 Jul 2024 18:02:48 GMT server envoy strict-transport-security max-age=63072000; preload vary Access-Control-Request-Headers x-content-type-options nosniff x-envoy-upstream-service-time 0 x-frame-options sameorigin x-powered-by Express x-xss-protection 1; mode=block
POST H2	201	init Show response docv-prod-api.alloy.co/auth/	278 B 585 B	156ms 156ms	Fetch application/json	52.21.185.113 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://docv-prod-api.alloy.co/auth/init Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.21.185.113 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-21-185-113.compute-1.amazonaws.com Software envoy / Express Resource Hash 2b234fe28caf3c64a9266b58d077f1d3e3d510a1c826b1d1004ec433c6e95d57 Security Headers Name Value Strict-Transport-Security max-age=63072000; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language de-DE,de;q=0.9;q=0.9 X-Alloy-Sdk-Version 1 X-Parent-Domain User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-mobile ?0 Content-Type application/json X-Alloy-Sdk-Platform Web Referer https://app.itrustcapital.com/ sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:49 GMT strict-transport-security max-age=63072000; preload x-content-type-options nosniff server envoy x-powered-by Express etag W/"116-6L2H5F56isMkZ76DZ8DWAFiSe6A" x-frame-options sameorigin content-type application/json; charset=utf-8 access-control-allow-origin * x-envoy-upstream-service-time 27 content-length 278 x-xss-protection 1; mode=block
GET H3	200	live Show response app.itrustcapital.com/health/	5 KB 2 KB	202ms 201ms	Fetch text/html	104.18.23.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.itrustcapital.com/health/live Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.23.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 656cec56623af05b4724338cf77f8cd662496a975ecf60ebf977a1c7b64766c3 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:48 GMT strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br x-dns-prefetch-control off alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 04 Jul 2024 03:03:03 GMT server cloudflare cross-origin-opener-policy sameorigin expect-ct max-age=86400, enforce vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, FETCH content-type text/html access-control-allow-origin * cache-control public, must-revalidate, max-age=30 permissions-policy interest-cohort=() x-frame-options sameorigin cf-ray 89e944a43d422c1c-FRA
POST H3	200	graphql Show response dataschema-gateway.itrustcapital.com/	182 B 586 B	210ms 210ms	Fetch application/graphql-response+json	104.18.22.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dataschema-gateway.itrustcapital.com/graphql Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.22.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 416d2b98f45ec80632c8a0d78248e67de3891bac09c019a55fa3260268b4bf58 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" x-correlation-id a9e3537d-8e0a-4ea2-b706-dbca7188f29a x-client-version 20240703.5 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 content-type application/json accept */* Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://app.itrustcapital.com/ x-session-id 8ece2a79-700c-4c28-bb1d-d01725755e34 x-client portfolio sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:49 GMT strict-transport-security max-age=2592000 x-correlation-id a9e3537d-8e0a-4ea2-b706-dbca7188f29a cf-cache-status DYNAMIC x-content-type-options nosniff x-session-id 8ece2a79-700c-4c28-bb1d-d01725755e34 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block request-context appId=cid-v1:f91b720c-9ffe-440d-893d-0345c8cc7453 referrer-policy strict-origin-when-cross-origin server cloudflare cross-origin-opener-policy sameorigin expect-ct max-age=86400, enforce x-frame-options sameorigin content-type application/graphql-response+json; charset=utf-8 access-control-allow-origin * permissions-policy interest-cohort=() cf-ray 89e944a9db343a8a-FRA
OPTIONS H3	204	graphql dataschema-gateway.itrustcapital.com/ Frame	0 0	883ms 807ms	Preflight	104.18.22.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dataschema-gateway.itrustcapital.com/graphql Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.22.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type,x-client,x-client-version,x-correlation-id,x-session-id Access-Control-Request-Method POST Origin https://app.itrustcapital.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type,x-client,x-client-version,x-correlation-id,x-session-id access-control-allow-methods POST access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 89e944a4cc323a8a-FRA cross-origin-opener-policy sameorigin date Fri, 05 Jul 2024 18:02:49 GMT expect-ct max-age=86400, enforce permissions-policy interest-cohort=() referrer-policy strict-origin-when-cross-origin request-context appId=cid-v1:f91b720c-9ffe-440d-893d-0345c8cc7453 server cloudflare x-content-type-options nosniff x-frame-options sameorigin x-xss-protection 1; mode=block
GET H2	200	gtm.js Show response www.googletagmanager.com/	343 KB 107 KB	102ms 45ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WJSPK6Q Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a87621150136e64376644cfa276cf0aab63886f2511303a63ad2db0424d891f2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:48 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 109565 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 05 Jul 2024 18:02:48 GMT
GET H2	200	fortress-elements-js.min.js Show response elements.fortressapi.com/libs/	1 MB 463 KB	556ms 400ms	Script application/javascript	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://elements.fortressapi.com/libs/fortress-elements-js.min.js Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/main-189098d68d18c406.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5ac4b0860edddc1afdc4a30efff8834fa18bbc5218283ec74abb95f9dae93e9f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:48 GMT content-encoding br last-modified Mon, 09 Oct 2023 13:43:44 GMT etag W/"0x8DBC8CDC1DDBBE1" vary Accept-Encoding x-azure-ref 20240705T180248Z-r195c4c79d9pv4v8ynec0b5q9n0000000410000000016res content-type application/javascript x-ms-request-id f9edeec8-101e-0050-69e8-cc805d000000 cache-control public, max-age=300 x-cache TCP_HIT x-ms-version 2018-03-28 x-fd-int-roxy-purgeid 0 x-cache-info L1_T2
GET H2	200	alloy_sdk_bundle.js Show response scripts.alloy.com/2/1/	249 KB 57 KB	498ms 365ms	Script text/javascript	18.165.227.97 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://scripts.alloy.com/2/1/alloy_sdk_bundle.js Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/main-189098d68d18c406.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.227.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-227-97.lhr61.r.cloudfront.net Software AmazonS3 / Resource Hash a86cdeb287023eead418469bc46cbf7ff508300d44fbc15b249ff62c56372b6d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:49 GMT content-encoding gzip via 1.1 ba381fd8a09812137895a0eea1f07744.cloudfront.net (CloudFront) last-modified Mon, 18 Dec 2023 21:14:47 GMT server AmazonS3 x-amz-cf-pop LHR61-P5 x-amz-server-side-encryption AES256 etag W/"7d62e5faa158d13580f8221fdaa54e58" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type text/javascript x-amz-cf-id E-7dQXg0GKUHzmAZB_yI5dlAkq1soJ4TFjoEZJ3DXtPzEwBN-dDI6Q==
GET H3	200	api.js Show response www.google.com/recaptcha/	1 KB 983 B	84ms 33ms	Script text/javascript	2a00:1450:4001:81c::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 2657935e468a24a6a7c5e62921feb0d59d6453f8d142be8a86a9521b6c7b654e Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:48 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Fri, 05 Jul 2024 18:02:48 GMT
GET H3	200	signInBackground.69988e06.png app.itrustcapital.com/_next/static/media/	886 KB 886 KB	361ms 360ms	Image image/png	104.18.23.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://app.itrustcapital.com/_next/static/media/signInBackground.69988e06.png Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.23.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5949c34d54b73370332290a4a4734e90e32b1c42da56dcb28ea3f5d7f97dee95 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:48 GMT strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC x-dns-prefetch-control off alt-svc h3=":443"; ma=86400 content-length 907047 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 04 Jul 2024 03:03:03 GMT server cloudflare cross-origin-opener-policy sameorigin etag "50796167" expect-ct max-age=86400, enforce x-frame-options sameorigin access-control-allow-methods POST, GET, OPTIONS, FETCH content-type image/png access-control-allow-origin * cache-control public, must-revalidate, max-age=30 permissions-policy interest-cohort=() cf-ray 89e944a48dd42c1c-FRA
GET H3	200	9c74e3d1b2ad2bd5.css Show response app.itrustcapital.com/_next/static/css/	63 KB 0	0ms 0ms	Fetch text/css	104.18.23.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.itrustcapital.com/_next/static/css/9c74e3d1b2ad2bd5.css Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.23.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a7cb48760adf0bc000ed01d47aab5f3693a97cb5f61c3011f297eb6e549d08fd Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:47 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC x-dns-prefetch-control off alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 04 Jul 2024 03:03:03 GMT server cloudflare cross-origin-opener-policy sameorigin etag W/"50796167" expect-ct max-age=86400, enforce vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, FETCH content-type text/css access-control-allow-origin * cache-control public, must-revalidate, max-age=30 permissions-policy interest-cohort=() x-frame-options sameorigin cf-ray 89e94498cd402c1c-FRA
GET H3	200	signInImg1.7f615498.png app.itrustcapital.com/_next/static/media/	165 KB 166 KB	351ms 350ms	Image image/png	104.18.23.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://app.itrustcapital.com/_next/static/media/signInImg1.7f615498.png Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.23.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50db7ed8a6381246ca1b847eac8d53a793930c9cd76672bd680e8d5a934589d1 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:48 GMT strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC x-dns-prefetch-control off alt-svc h3=":443"; ma=86400 content-length 169271 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 04 Jul 2024 03:03:03 GMT server cloudflare cross-origin-opener-policy sameorigin etag "50796167" expect-ct max-age=86400, enforce x-frame-options sameorigin access-control-allow-methods POST, GET, OPTIONS, FETCH content-type image/png access-control-allow-origin * cache-control public, must-revalidate, max-age=30 permissions-policy interest-cohort=() cf-ray 89e944a49df22c1c-FRA
GET H3	200	signInImg2.169cac3d.png app.itrustcapital.com/_next/static/media/	296 KB 297 KB	356ms 356ms	Image image/png	104.18.23.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://app.itrustcapital.com/_next/static/media/signInImg2.169cac3d.png Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.23.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd9341370ae546e51b10ea0e6896c43106b193886afb544632055766ff72130d Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:48 GMT strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC x-dns-prefetch-control off alt-svc h3=":443"; ma=86400 content-length 303507 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 04 Jul 2024 03:03:03 GMT server cloudflare cross-origin-opener-policy sameorigin etag "50796167" expect-ct max-age=86400, enforce x-frame-options sameorigin access-control-allow-methods POST, GET, OPTIONS, FETCH content-type image/png access-control-allow-origin * cache-control public, must-revalidate, max-age=30 permissions-policy interest-cohort=() cf-ray 89e944a49df42c1c-FRA
GET H2	200	embed-manifest.json Show response static.ada.support/	136 B 697 B	76ms 26ms	Fetch application/json	18.66.147.113 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.ada.support/embed-manifest.json Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.113 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-113.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 28b9f7662884a25cd4f08e4df4090f417683187bf0d8b630f2d9dfa2ee66eb0d Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id jWgM3eePR9nBHkC9lUwUNJlh9bb12.5c date Fri, 05 Jul 2024 13:08:24 GMT via 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront) strict-transport-security max-age=63072000; includeSubdomains; preload age 17665 x-amz-cf-pop FRA60-P4 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 136 last-modified Tue, 25 Jun 2024 20:10:52 GMT server AmazonS3 etag "1ae9bf2b0da5a221a8269bd31b816305" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/json access-control-allow-origin * access-control-expose-headers ETag vary Accept-Encoding accept-ranges bytes x-amz-cf-id zqG0GjdmL2aPZULkiN3fDPePx7RDch3SysbZNsWN_KQs-sosVTy0Rw==
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/	536 KB 213 KB	87ms 26ms	Script text/javascript	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Origin https://app.itrustcapital.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 11:04:54 GMT content-encoding gzip x-content-type-options nosniff age 25074 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 217833 x-xss-protection 0 last-modified Sun, 23 Jun 2024 08:01:07 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 05 Jul 2025 11:04:54 GMT
GET H2	200	embed2.1ccd0e0.js Show response static.ada.support/	184 KB 55 KB	28ms 28ms	Script text/javascript	18.66.147.113 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.ada.support/embed2.1ccd0e0.js Requested by Host: static.ada.support URL: https://static.ada.support/embed2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.113 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-113.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash dd5fa2b888f78a405af5608733377fae819db28ce1af372326059530be0036f9 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id Iid5q2eodKMR06HT2rssOcsmfKpXLIJG content-encoding gzip via 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront) date Fri, 05 Jul 2024 11:18:20 GMT strict-transport-security max-age=63072000; includeSubdomains; preload age 24269 x-amz-cf-pop FRA60-P4 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 25 Jun 2024 20:01:05 GMT server AmazonS3 etag W/"aaa7c87c930c3e0db39f73c665e2c2a9" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type text/javascript access-control-allow-origin * access-control-expose-headers ETag cache-control 172800 vary Accept-Encoding x-amz-cf-id mFbgG06aqFno4TGeZ1CMI_Gwzy_iwNgjc-WMlkMKVhcx_h9kw6OS3Q==
POST H2	202	rum Show response rum.browser-intake-us3-datadoghq.com/api/v2/	53 B 334 B	801ms 427ms	Fetch application/json	20.69.148.154 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rum.browser-intake-us3-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Afetch%2Cservice%3Aportfolioweb&dd-api-key=pub883c3a3891ad7708fe11e87d24d4d40f&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=b06e1a43-935f-4348-ae76-840c85fb8d0e&batch_time=1720202568537 Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.69.148.154 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 07878030f07a41a66a156159b646a3ae83f43b4004e73e56b809a0c1d2ce589e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 05 Jul 2024 18:02:49 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff accept-encoding identity,gzip,x-gzip,deflate,x-deflate,zstd content-type application/json access-control-allow-origin * cross-origin-resource-policy cross-origin content-length 53 dd-request-id b06e1a43-935f-4348-ae76-840c85fb8d0e
GET H2	200	js Show response www.googletagmanager.com/gtag/	352 KB 110 KB	48ms 47ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-ST60YTNLZS&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJSPK6Q Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d2919808ac65fc8f09766e194c1d0c7ad7a02e2bdb26ee6708e5650b38a8d9fc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:48 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 112745 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 05 Jul 2024 18:02:48 GMT
GET H2	200	destination Show response www.googletagmanager.com/gtag/	266 KB 92 KB	40ms 40ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-743367249&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJSPK6Q Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8ae2799e3bf40a65b0c0e2ff66deb052d87c005f8a731720e4f3fcc963306bbf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:48 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93941 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 05 Jul 2024 18:02:48 GMT
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	153ms 47ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJSPK6Q Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Fri, 05 Jul 2024 18:02:47 GMT last-modified Thu, 29 Feb 2024 19:58:06 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 201756A8B51644739CE587F92F8A22CF Ref B: FRAEDGE1313 Ref C: 2024-07-05T18:02:48Z etag "01b4e9c496bda1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13261
GET H2	200	uwt.js Show response static.ads-twitter.com/	56 KB 15 KB	121ms 33ms	Script application/javascript	146.75.120.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJSPK6Q Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:48 GMT content-encoding gzip last-modified Fri, 22 Mar 2024 21:07:24 GMT x-amz-server-side-encryption AES256 etag "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip" vary Accept-Encoding,Host x-cache HIT, HIT content-type application/javascript; charset=utf-8 p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" x-tw-cdn FT cache-control no-cache accept-ranges bytes content-length 15412 x-served-by cache-iad-kiad7000168-IAD, cache-fra-etou8220119-FRA
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	222 KB 59 KB	77ms 23ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 05 Jul 2024 18:02:48 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58293 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=22, rtx=0, c=12, mss=1328, tbw=2811, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug eCA6yhC5LNCu7tMjrmiI80XSXvP4DcROgay7Py8Aio1AmAZpLqqe8/xqVDuUNhbgsQOl2SAKFG9RV+Y8pbC2Og== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	widget_async.js Show response d2mjzob2nc713b.cloudfront.net/widget/ Redirect Chain https://shop.pe/widget/widget_async.js https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js	3 KB 2 KB	89ms 22ms	Script application/javascript	2600:9000:26e8:0:d:370a:51c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H2 Server 2600:9000:26e8:0:d:370a:51c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8f235d19f5cf10061b266c784723b2829a7acab9b88ac8924b5aac3d0be0b438 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://app.itrustcapital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 05 Jul 2024 17:27:21 GMT content-encoding gzip via 1.1 950827d16996e598fc854bddb58b3ff0.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P10 age 2128 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 1192 last-modified Mon, 20 May 2024 15:33:23 GMT server AmazonS3 etag "5bcfe272ba6cc455636cdb5e7f6bce0c" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=3600, public accept-ranges bytes x-amz-cf-id SFgQVBN2WJqmdmjnikS-Rar2MJWJhPqqLjcsjCYuDnGBDh7TJrvFoQ== x-amz-meta-mtime 1716219202.04 Redirect headers date Fri, 05 Jul 2024 18:02:48 GMT content-security-policy frame-ancestors none; referrer-policy no-referrer-when-downgrade strict-transport-security max-age=31536000; includeSubDomains via 1.1 google server nginx x-frame-options deny content-type text/html location https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 162
GET H2	200	events.js Show response tags.srv.stackadapt.com/	22 KB 8 KB	191ms 117ms	Script text/javascript	18.195.151.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/events.js Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.195.151.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-151-101.eu-central-1.compute.amazonaws.com Software / Resource Hash 8865c556e35168f27a758bf1ceb9e74394783b3a1c0acc6226074f1741e4849f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Fri, 05 Jul 2024 18:02:48 GMT cache-control max-age=5 content-encoding gzip content-type text/javascript
GET H3	200	tag.js Show response www.itrustcapital.com/proxydirectory/tags/811210196090/	47 KB 15 KB	194ms 176ms	Script application/javascript	104.18.23.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.itrustcapital.com/proxydirectory/tags/811210196090/tag.js Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.23.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92ab501b21cbe8214e43e1df2a6e86afe748dd6e6793e9a63d71fdc88c5c9d85 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:48 GMT via 1.1 2e727a8c78efdc43baa0571190ea0f4a.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br x-amz-cf-pop AMS58-P2 x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id c9fff5d2-3af8-11ef-ba27-11c376a90f2b referrer-policy strict-origin-when-cross-origin server cloudflare cross-origin-opener-policy sameorigin expect-ct max-age=86400, enforce vary Accept-Encoding x-frame-options sameorigin content-type application/javascript; charset=UTF-8 cache-control max-age=1800 permissions-policy interest-cohort=() cf-ray 89e944a5bf4a2c1c-FRA x-robots-tag noindex, nofollow x-amz-cf-id pomRqPBHHH02WvWT6ZUEVaTKoi3QnNmDWy4kB4vVR1DXIP15q4PY6Q==
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	5 KB 3 KB	239ms 144ms	Script application/javascript	104.126.37.163 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=COG4FC3C77U0UU2BSGGG&lib=ttq Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.126.37.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-163.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 72ae2eaf5cc5747f3aac2c6e7da5ac64ceeeba5e63483e4cdef021390a3f370f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 4c2aa300 date Fri, 05 Jul 2024 18:02:48 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240705180248C4E6E79D407D39F50448-179907E02C5118A8-00 x-cache TCP_MISS from a104-126-37-159.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) server-timing inner; dur=4, cdn-cache; desc=MISS, edge; dur=4, origin; dur=108 content-length 1932 pragma no-cache server nginx x-tt-logid 20240705180248C4E6E79D407D39F50448 vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 108,104.126.37.159 x-tt-trace-host 013de2ff59b67152c9e07fa2f4ad3e36603d42b42ed8033e86534cd02e2e6a45cddba8bb3860351de5884f1c679ed432b2de89760342843f983318d52a58f722ea6db2ebf404881c5ad2abf0ab313833dfb200103887fe063ee6e8137d8edacb08 expires Fri, 05 Jul 2024 18:02:48 GMT
POST H2	204	collect Show response region1.analytics.google.com/g/	0 248 B	102ms 35ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-ST60YTNLZS&gtm=45je4730v892984232z8812818833za200zb812818833&_p=1720202568368&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1497375416.1720202569&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1720202568&sct=1&seg=0&dl=https%3A%2F%2Fapp.itrustcapital.com%2Flogin&dt=iTrustCapital%20Log%20In&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2951&_z=fetch Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 05 Jul 2024 18:02:48 GMT server Golfe2 content-type text/plain access-control-allow-origin https://app.itrustcapital.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 257 B	105ms 37ms	Ping text/plain	2a00:1450:400c:c07::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ST60YTNLZS&cid=1497375416.1720202569&gtm=45je4730v892984232z8812818833za200zb812818833&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1&npa=1&frm=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-ST60YTNLZS&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 05 Jul 2024 18:02:48 GMT server Golfe2 content-type text/plain access-control-allow-origin https://app.itrustcapital.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	87ms 54ms	Image image/gif	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ST60YTNLZS&cid=1497375416.1720202569&gtm=45je4730v892984232z8812818833za200zb812818833&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1&npa=1&frm=0&z=1953987740 Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 05 Jul 2024 18:02:48 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	anchor www.google.com/recaptcha/api2/ Frame 7A13	0 0	117ms 55ms	Document text/html	2a00:1450:4001:81c::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcAzR8pAAAAADyFcBAUckaQsDKddejlodVRRsOF&co=aHR0cHM6Ly9hcHAuaXRydXN0Y2FwaXRhbC5jb206NDQz&hl=de&type=image&v=rKbTvxTxwcw5VqzrtN-ICwWt&theme=light&size=invisible&badge=bottomright&cb=p7wkc0ymhsws Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-EUsD-TxxQnE8RAAXQpxGZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://app.itrustcapital.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-EUsD-TxxQnE8RAAXQpxGZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 05 Jul 2024 18:02:48 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	532305200903080 Show response connect.facebook.net/signals/config/	58 KB 12 KB	87ms 85ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/532305200903080?v=2.9.160&r=stable&domain=app.itrustcapital.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d6cbd85f252970b83bcff349f8de73f764539669e335b36b52570684e19aee96 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 05 Jul 2024 18:02:48 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=22, rtx=0, c=65, mss=1328, tbw=63839, tp=-1, tpl=-1, uplat=62, ullat=0 pragma public x-fb-debug bXTbmOHrzb7Ch1VBZXgjqkZWJVPYITntA4RkCGYnlFRNnafJKYvRzI2YpxGX8A5OegWRn3jWCWQHLcguvpaM/A== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	adsct t.co/1/i/	43 B 377 B	363ms 238ms	Image image/gif	93.184.221.165 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=2f719708-e4b6-4269-af52-63de163853cf&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=567adb47-3e82-44c2-822a-b4998bae1904&tw_document_href=https%3A%2F%2Fapp.itrustcapital.com%2Flogin&tw_iframe_status=0&txn_id=oi0qa&type=javascript&version=2.3.30 Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-response-time 198 date Fri, 05 Jul 2024 18:02:48 GMT strict-transport-security max-age=0 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id 734e17a57cab9208 cache-control no-cache, no-store, max-age=0 perf 7402827104 x-connection-hash c00a04f2decde9a18d03cc9b60f75f5a85a2a83c6570810865dbc09b0bd4fcbe content-length 43
GET H2	200	adsct analytics.twitter.com/1/i/	43 B 724 B	291ms 216ms	Image image/gif	104.244.42.195 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=2f719708-e4b6-4269-af52-63de163853cf&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=567adb47-3e82-44c2-822a-b4998bae1904&tw_document_href=https%3A%2F%2Fapp.itrustcapital.com%2Flogin&tw_iframe_status=0&txn_id=oi0qa&type=javascript&version=2.3.30 Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.195 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-response-time 192 date Fri, 05 Jul 2024 18:02:48 GMT strict-transport-security max-age=631138519 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id c4fc328a546e3ed9 cache-control no-cache, no-store, max-age=0 perf 7402827104 x-connection-hash 30139b728ddbd6cd38e6a3f3d35ca8bf6bd364cc26dc4ebed76feb2cae73246c content-length 43
GET H2	204	134632242.js Show response bat.bing.com/p/action/	0 116 B	53ms 51ms	Script text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/134632242.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Fri, 05 Jul 2024 18:02:47 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: F5CC184A83644997A20EF9626A903562 Ref B: FRAEDGE1313 Ref C: 2024-07-05T18:02:48Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 286 B	114ms 114ms	Image text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=134632242&tm=gtm002&Ver=2&mid=267ef64f-7b0f-47de-ae81-13819f630eed&sid=ca0729903af811ef93129d2ad85c511e&vid=ca075ce03af811ef92b26b5bb90f60a2&vids=1&msclkid=N&gtm_tag_source=1&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=iTrustCapital%20Log%20In&p=https%3A%2F%2Fapp.itrustcapital.com%2Flogin&r=&lt=2520&evt=pageLoad&sv=1&rn=849328 Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 05 Jul 2024 18:02:47 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: E9FD9A19BBE9419D8AF315CC37ADF0A2 Ref B: FRAEDGE1313 Ref C: 2024-07-05T18:02:48Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sa.css tags.srv.stackadapt.com/	65 B 203 B	119ms 118ms	Stylesheet text/css	18.195.151.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/sa.css Requested by Host: tags.srv.stackadapt.com URL: https://tags.srv.stackadapt.com/events.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.195.151.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-151-101.eu-central-1.compute.amazonaws.com Software / Resource Hash cb9871f2ff76bca5a6d90a0dd0e21b7a670dc20654a3de8e6fa56fae887cd940 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Fri, 05 Jul 2024 18:02:48 GMT cache-control only-if-cached, no-transform, private, max-age=7776000 content-length 65 content-type text/css
GET H2	200	sa.jpeg Show response tags.srv.stackadapt.com/	651 B 2 KB	165ms 112ms	Fetch image/jpeg	18.195.151.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/sa.jpeg Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.195.151.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-151-101.eu-central-1.compute.amazonaws.com Software / Resource Hash 598dd222cde20dd6eac212705b918410f043aa277c6671ae3f34e5a02fb41f4e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Fri, 05 Jul 2024 18:02:48 GMT cache-control only-if-cached, no-transform, private, max-age=7776000 content-length 651 content-type image/jpeg
POST		pageInfo www.itrustcapital.com/proxydirectory/811210196090/	0 0
GET H2	200	main.MWU2NDEzYzJiMQ.js Show response analytics.tiktok.com/i18n/pixel/static/	344 KB 99 KB	28ms 28ms	Script application/javascript	104.126.37.163 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMQ.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=COG4FC3C77U0UU2BSGGG&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.126.37.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-163.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 8b5eaf40218075cea5deeb7f5b1f281030c970a307707acb1a2057518c64a902 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 4c2aa49d date Fri, 05 Jul 2024 18:02:48 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 202407021144244262C3681013B57575A4 x-tt-trace-id 00-2407021144244262C3681013B57575A4-5D68583136918CD8-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a104-126-37-159.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01baafe28d948399e1b4f93a621530cab6c5584cbd8e4ede4a20ced471555c12765d5f8ba26b4f00cd11e80307ae46eae3a4cecb051993b342ecf0efee7ef34bafe410c84d5b16bfa7bc7698293a66ee5c994f125da33712945d1aa4b6d5d532f2 server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3 content-length 100295
GET H2	200	/ www.facebook.com/tr/	0 274 B	80ms 23ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=532305200903080&ev=PageView&dl=https%3A%2F%2Fapp.itrustcapital.com%2Flogin&rl=&if=false&ts=1720202568853&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720202568851.12351943431809063&ler=empty&cdl=API_unavailable&it=1720202568738&coo=false&rqm=GET Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1328, tbw=2816, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Fri, 05 Jul 2024 18:02:48 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	269ms 213ms	Image image/png	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=532305200903080&ev=PageView&dl=https%3A%2F%2Fapp.itrustcapital.com%2Flogin&rl=&if=false&ts=1720202568853&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720202568851.12351943431809063&ler=empty&cdl=API_unavailable&it=1720202568738&coo=false&rqm=FGET Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x7ccbb157fab2973c","source_keys":["1","2"]},{"key_piece":"0xd72d97e2f9e4963c","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Fri, 05 Jul 2024 18:02:49 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7388213773731513162", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=22, rtx=0, c=12, mss=1328, tbw=3134, tp=-1, tpl=-1, uplat=189, ullat=0 pragma no-cache x-fb-debug qO9O8cnYEgK5KmuI+htXutUvqI7+2mg+v/WintH+8K9D3WiGiU4VgLZSujMh0evsWOEuJkatNhVP45CpXYfOYA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7388213773731513162"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	identify_ce1d8843.js Show response analytics.tiktok.com/i18n/pixel/static/	146 KB 39 KB	29ms 29ms	Script application/javascript	104.126.37.163 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.126.37.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-163.deploy.static.akamaitechnologies.com Software nginx / Resource Hash d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 4c2aa59f date Fri, 05 Jul 2024 18:02:48 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 2024052114000028360ABE5A822A9D157C x-tt-trace-id 00-24052114000028360ABE5A822A9D157C-65016C1984D6CF15-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a104-126-37-159.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 014a16450144a70267c8331d4ff43712d8e1aa548e71da4501fa7daafd5dc4fa2e2bfc0ce1813575125b39d9c0622b18aa7a2faed0f58404ba50a9eb55dc4b0a6f83daf2b9d2bf3c974a7138e6f9d1152019d91868398d1a2c7281abe5fab4e5ef server-timing cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=4 content-length 39703
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 846 B	169ms 169ms	Ping text/plain	104.126.37.163 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.126.37.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-163.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 32f63a71.4c2aa5bc date Fri, 05 Jul 2024 18:02:49 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2407051802485531EF149CC8B6F4DF63-38BC106A2DA5581A-00 x-cache TCP_MISS from a104-126-37-159.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) x-parent-response-time 135,104.126.37.159 server-timing cdn-cache; desc=MISS, edge; dur=104, origin; dur=38, inner; dur=31 content-length 0 pragma no-cache server nginx x-tt-logid 202407051802485531EF149CC8B6F4DF63 x-cache-remote TCP_MISS from a23-48-200-83.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 38,23.48.200.83 x-tt-trace-host 013de2ff59b67152c9e07fa2f4ad3e36605549f862709d8e734bc0fa2453cf614788653f4ba4e9c04e5b39c30443f429bd1335b6025508c6b3a452997faab8842f3cab45c99082612da524e60fda83a253ed621ebea15f2e633f59c654bd03f4a88f3002343d479a9d9ba1a51d8eae0a54 access-control-allow-headers Authorization,* expires Fri, 05 Jul 2024 18:02:49 GMT
POST H2	202	rum Show response rum.browser-intake-us3-datadoghq.com/api/v2/	53 B 335 B	409ms 408ms	Fetch application/json	20.69.148.154 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rum.browser-intake-us3-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Afetch%2Cservice%3Aportfolioweb&dd-api-key=pub883c3a3891ad7708fe11e87d24d4d40f&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=c512ac02-bff4-44b2-960b-5dbee57ce4fe&batch_time=1720202568927 Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.69.148.154 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 896188ab48e605a4443444539865b09653f5011421c1aa9e058f49dcb3065841 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 05 Jul 2024 18:02:49 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff accept-encoding identity,gzip,x-gzip,deflate,x-deflate,zstd content-type application/json access-control-allow-origin * cross-origin-resource-policy cross-origin content-length 53 dd-request-id c512ac02-bff4-44b2-960b-5dbee57ce4fe
GET H2	200	triggerRunner.js Show response d2mjzob2nc713b.cloudfront.net/widget/	11 KB 4 KB	22ms 22ms	Script application/javascript	2600:9000:26e8:0:d:370a:51c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2mjzob2nc713b.cloudfront.net/widget/triggerRunner.js?v=53f4a9a Requested by Host: shop.pe URL: https://shop.pe/widget/widget_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26e8:0:d:370a:51c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 45fdcedbeb833ea40206c98dfcbfa73842f72d53f166a26b47ecc3b01a55286d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 02:03:49 GMT content-encoding gzip via 1.1 950827d16996e598fc854bddb58b3ff0.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P10 age 316740 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 3876 last-modified Mon, 20 May 2024 15:33:23 GMT server AmazonS3 etag "f774f3054b32067929bcaf42657d6bb0" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=2592000, public accept-ranges bytes x-amz-cf-id TIiIEe3C0fLnLaSfsck817ak37tDj6UPyRcbD9wNCHzI8Gw7KbAHqg== x-amz-meta-mtime 1716219202.02
GET H2	200	saq_pxl Show response tags.srv.stackadapt.com/	116 B 313 B	119ms 116ms	XHR text/plain	18.195.151.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/saq_pxl?uid=D_TorA2PnPxFCN1bWvN5RQ&is_js=true&landing_url=https%3A%2F%2Fapp.itrustcapital.com%2Flogin&t=iTrustCapital%20Log%20In&tip=30ucrcMmFkzwB4Mo_eLyG_Lc_XTJ3ezSM8CSUHFJWvc&host=https%3A%2F%2Fapp.itrustcapital.com&sa_conv_data_css_value=%270-6607cc4c-99b7-5afc-7a38-762df91a68d8%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd96607cc4c99b75afc7a38762df91a68d85413afb7&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIBzsIsZHvoG0fW3pNiRL49aSYdlJV3gnfKBPMLolaFPDEHwYBCDI6qC0BjABOgRpr-VwQgQU0rmm.CO8YBp4qI8G40ohJ7wLJSnwhLDYCJsH%252BAA9C0FVTqPA&sa-user-id-v2=s%253AZgfMTJm3Wvx6OHYt-Rpo2FQTr7c.s3t6CAlHRd4HuzZtHmRZPFwQRlP4pjgDmaIIVXvrqLc&sa-user-id=s%253A0-6607cc4c-99b7-5afc-7a38-762df91a68d8.GyswUnAcCcNVj%252FsMcwQgDx7JvYptIHTAPzmRMQ3giwY Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.195.151.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-151-101.eu-central-1.compute.amazonaws.com Software / Resource Hash 169953e0503cde2d5ce979a140186ee23901cf7c8253cc32bc463d94ad91a80f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin https://app.itrustcapital.com date Fri, 05 Jul 2024 18:02:49 GMT access-control-allow-credentials true access-control-allow-headers * content-length 116 access-control-allow-methods GET content-type text/plain; charset=utf-8
GET H2	200	widget.js Show response d2mjzob2nc713b.cloudfront.net/widget/	194 KB 50 KB	31ms 30ms	Script application/javascript	2600:9000:26e8:0:d:370a:51c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=2a338b8 Requested by Host: shop.pe URL: https://shop.pe/widget/widget_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26e8:0:d:370a:51c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2bb8bd87e231ac9f9f22c98b1aae09d04ffc1bed75d096dacf0e629473151074 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 02:03:49 GMT content-encoding gzip via 1.1 950827d16996e598fc854bddb58b3ff0.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P10 age 316739 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 50190 last-modified Mon, 20 May 2024 15:33:24 GMT server AmazonS3 etag "41961d3c766c3993d219e2cc934e33c0" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=2592000, public accept-ranges bytes x-amz-cf-id XcI1WWmh37w1Khx-ClWN5uFhNfeahGpJMRfONqBPenuPtucQJS9Lmw== x-amz-meta-mtime 1716219200.28
POST H/1.1	204 No Content	report www.mczbf.com/811210196090/	0 416 B	115ms 28ms	Ping text/plain	2600:9000:20eb:f400:16:4ed5:12c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.mczbf.com/811210196090/report Requested by Host: www.itrustcapital.com URL: https://www.itrustcapital.com/proxydirectory/tags/811210196090/tag.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:f400:16:4ed5:12c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Fri, 05 Jul 2024 18:02:49 GMT Via 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront) Server nginx X-Amz-Cf-Pop FRA2-C1 X-Cache Miss from cloudfront Access-Control-Allow-Origin * Connection keep-alive X-Robots-Tag noindex, nofollow X-Amz-Cf-Id A1VW4QU7z1q1fFoiCzsMPh1Ur3AqUid6He1eJb4aatSag59jWdes7A== X-Request-ID ca3a1816-3af8-11ef-902e-55c5d0d5cccb
POST		pageInfo www.itrustcapital.com/proxydirectory/811210196090/	0 0
POST H/1.1	204 No Content	report www.mczbf.com/811210196090/	0 416 B	251ms 251ms	Ping text/plain	2600:9000:20eb:f400:16:4ed5:12c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.mczbf.com/811210196090/report Requested by Host: www.itrustcapital.com URL: https://www.itrustcapital.com/proxydirectory/tags/811210196090/tag.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:f400:16:4ed5:12c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Fri, 05 Jul 2024 18:02:49 GMT Via 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront) Server nginx X-Amz-Cf-Pop FRA2-C1 X-Cache Miss from cloudfront Access-Control-Allow-Origin * Connection keep-alive X-Robots-Tag noindex, nofollow X-Amz-Cf-Id fcsKZ7IS3Vg5H0ytpqWBCBm2ZRdfFm5oJsWoPEwcuCN8vQbrV7dOSA== X-Request-ID ca6d3618-3af8-11ef-902e-55c5d0d5cccb
POST H2	202	rum Show response rum.browser-intake-us3-datadoghq.com/api/v2/	53 B 334 B	446ms 445ms	Fetch application/json	20.69.148.154 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rum.browser-intake-us3-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Afetch%2Cservice%3Aportfolioweb&dd-api-key=pub883c3a3891ad7708fe11e87d24d4d40f&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=cf8c938c-3456-44b5-a34b-a3cb6a0c86d9&batch_time=1720202569199 Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.69.148.154 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 1d347aa295950b13bd94630616f55b255b0f18b247f14716f0f293cb50bb37b1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 05 Jul 2024 18:02:49 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff accept-encoding identity,gzip,x-gzip,deflate,x-deflate,zstd content-type application/json access-control-allow-origin * cross-origin-resource-policy cross-origin content-length 53 dd-request-id cf8c938c-3456-44b5-a34b-a3cb6a0c86d9
POST H2	200	act analytics.tiktok.com/api/v2/pixel/	0 705 B	229ms 228ms	Ping text/plain	104.126.37.163 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel/act Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.126.37.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-163.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 4c2aa94c date Fri, 05 Jul 2024 18:02:49 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240705180249FC9D5752E8964DE8E115-3BD1BEE7856F9EDE-00 x-cache TCP_MISS from a104-126-37-159.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) server-timing inner; dur=18, cdn-cache; desc=MISS, edge; dur=7, origin; dur=113 content-length 0 pragma no-cache server nginx x-tt-logid 20240705180249FC9D5752E8964DE8E115 access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 113,104.126.37.159 x-tt-trace-host 013de2ff59b67152c9e07fa2f4ad3e36603d42b42ed8033e86534cd02e2e6a45cde54a3aaf39ee5f27825aff8564e0434ef3eb1d97080c2585392f6fe63ce799f5055e3d42036822b8ebc066bb2b6c81fe4518b73dc8769617a398dd5522fae0a9 access-control-allow-headers Authorization,* expires Fri, 05 Jul 2024 18:02:49 GMT
POST H2	200	httpapi Show response api2.amplitude.com/2/	94 B 309 B	201ms 201ms	Fetch application/json	54.69.96.217 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api2.amplitude.com/2/httpapi Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.69.96.217 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-69-96-217.us-west-2.compute.amazonaws.com Software / Resource Hash edfa27cb3e5077b8b4a5eb8feb3e06b1c9566615faedf51acbc1a353c5385b68 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/json Accept */* Referer https://app.itrustcapital.com/ sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:50 GMT strict-transport-security max-age=15768000 access-control-max-age 86400 access-control-allow-methods GET, POST content-type application/json access-control-allow-origin * trace-id Root=1-6688354a-27cb796a66e4edcc3a4b1477 content-length 94
OPTIONS H2	200	httpapi api2.amplitude.com/2/ Frame	0 0	608ms 196ms	Preflight	54.69.96.217 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api2.amplitude.com/2/httpapi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.69.96.217 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-69-96-217.us-west-2.compute.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://app.itrustcapital.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods GET, POST access-control-allow-origin * access-control-max-age 86400 content-length 0 date Fri, 05 Jul 2024 18:02:49 GMT strict-transport-security max-age=15768000
GET H2	200	75d29e98-b787-442d-a1b5-6585eb5b2ef7 Show response docv-prod-api.alloy.co/client/public/	1 KB 1 KB	193ms 192ms	Fetch application/json	52.21.185.113 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://docv-prod-api.alloy.co/client/public/75d29e98-b787-442d-a1b5-6585eb5b2ef7 Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.21.185.113 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-21-185-113.compute-1.amazonaws.com Software envoy / Express Resource Hash 62a0c955e582fe129f5a70dacea21ca5f6423e12f651e8a816b50229e6a85863 Security Headers Name Value Strict-Transport-Security max-age=63072000; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" alloy-journey-application-sync true Accept-Language de-DE,de;q=0.9;q=0.9 X-Alloy-Sdk-Version 1 X-Parent-Domain Authorization Bearer eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0..Z3ZKfJPKKCbBB6YZ.f7Zyc_Xe48LCClw9e0iEjAbN-x8aEhE_3xxrtRICyk8vnZQqVtZLFLC-05ABicY-fsO9EEZ3bf9LKsoF0W_N7N6P5BQmaMMJITUf1kYWAcNxX8lCyIr6lcA158gpb6dZDu3eEZqHtlzM5squ_sxLQSvNzTTXSqnCVraNxJQid_uI7QRrMw.gNXVLxdXPee3zcMP698wlQ sec-ch-ua-mobile ?0 Content-Type application/json X-Alloy-Sdk-Platform Web User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Referer https://app.itrustcapital.com/ sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:49 GMT strict-transport-security max-age=63072000; preload x-content-type-options nosniff server envoy x-powered-by Express etag W/"45e-gCZ8+18eWI04nh9i2zlc5vSjZlI" x-frame-options sameorigin content-type application/json; charset=utf-8 access-control-allow-origin * x-envoy-upstream-service-time 64 content-length 1118 x-xss-protection 1; mode=block
OPTIONS H2	204	75d29e98-b787-442d-a1b5-6585eb5b2ef7 docv-prod-api.alloy.co/client/public/ Frame	0 0	128ms 128ms	Preflight	52.21.185.113 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://docv-prod-api.alloy.co/client/public/75d29e98-b787-442d-a1b5-6585eb5b2ef7 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.21.185.113 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-21-185-113.compute-1.amazonaws.com Software envoy / Express Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers alloy-journey-application-sync,authorization,content-type,x-alloy-sdk-platform,x-alloy-sdk-version,x-parent-domain Access-Control-Request-Method GET Origin https://app.itrustcapital.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers alloy-journey-application-sync,authorization,content-type,x-alloy-sdk-platform,x-alloy-sdk-version,x-parent-domain access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin * date Fri, 05 Jul 2024 18:02:49 GMT server envoy strict-transport-security max-age=63072000; preload vary Access-Control-Request-Headers x-content-type-options nosniff x-envoy-upstream-service-time 0 x-frame-options sameorigin x-powered-by Express x-xss-protection 1; mode=block
GET H2	200	params Show response shop.pe/widget/main/init/	260 B 750 B	144ms 144ms	Script text/javascript	35.227.244.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://shop.pe/widget/main/init/params?siteid=6593d032ccdbb10f3b2cbaff&product=iTrustCapital%20Log%20In&product_url=https%3A%2F%2Fapp.itrustcapital.com%2Flogin&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fapp.itrustcapital.com%2Flogin&callback=AddShoppersWidget.load_widget&no_cookie_callback=AddShoppersWidget.load_no_cookie&sos=false&rand=44747&cookie=&referer= Requested by Host: d2mjzob2nc713b.cloudfront.net URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=2a338b8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 1.244.227.35.bc.googleusercontent.com Software nginx / Resource Hash 0c4aa014e5493c5e3d2d478196ec46545e1ab3d6ba6b8132296f30774d114e10 Security Headers Name Value Content-Security-Policy frame-ancestors none; Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options deny Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:49 GMT content-security-policy frame-ancestors none; content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 google p3p policyref="/w3c/p3p.xml", CP="CAO PSA OUR" backend-version 47 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 data-regulation-gdpr-enforced true referrer-policy no-referrer-when-downgrade server nginx etag W/"040abc73f954b6125095c306115ddb9f3fe40f9c" x-frame-options deny access-control-allow-methods POST, GET, OPTIONS, DELETE, PATCH content-type text/javascript access-control-allow-origin https://my.addshoppers.com access-control-allow-credentials true access-control-allow-headers X-Requested-With, Content-Type, X-XSRFToken
GET H3	200	favicon.ico app.itrustcapital.com/	34 KB 3 KB	354ms 354ms	Other image/vnd.microsoft.icon	104.18.23.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.itrustcapital.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.23.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 068c5d3981970315964b639b64254fba880d9ee4afd0628ed33c7f8996a0fe51 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:49 GMT strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br x-dns-prefetch-control off alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 04 Jul 2024 03:03:03 GMT server cloudflare cross-origin-opener-policy sameorigin etag W/"50796167" expect-ct max-age=86400, enforce x-frame-options sameorigin access-control-allow-methods POST, GET, OPTIONS, FETCH content-type image/vnd.microsoft.icon access-control-allow-origin * cache-control public, must-revalidate, max-age=30 permissions-policy interest-cohort=() cf-ray 89e944ab4dfc2c1c-FRA
GET H3	200	params Show response shop.pe/widget/main/init/	1 KB 671 B	150ms 149ms	Script text/javascript	35.227.244.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://shop.pe/widget/main/init/params?siteid=6593d032ccdbb10f3b2cbaff&product=iTrustCapital%20Log%20In&product_url=https%3A%2F%2Fapp.itrustcapital.com%2Flogin&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fapp.itrustcapital.com%2Flogin&callback=AddShoppersWidget.load_widget&rand=24809&cookie=2%7C1%3A0%7C10%3A1720202569%7C15%3Aaddshoppers.com%7C44%3ANjU2ZTVmYjRmYjQyNGQzYjkwOTMxNjRjZjA0ZDRkMmU%3D%7Ca760b590f76f44b375b1dde24ddb3e9f7a78852ab967c8d2e8d85771c4028b27&referer= Requested by Host: d2mjzob2nc713b.cloudfront.net URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=2a338b8 Protocol H3 Security QUIC, , AES_128_GCM Server 35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 1.244.227.35.bc.googleusercontent.com Software nginx / Resource Hash bff8c2141d3fbcf141aed7d0678c83d522751d1e16282abec61cde6ec21cd4b2 Security Headers Name Value Content-Security-Policy frame-ancestors none; Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options deny Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:49 GMT content-security-policy frame-ancestors none; content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 google p3p policyref="/w3c/p3p.xml", CP="CAO PSA OUR" backend-version 47 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 data-regulation-gdpr-enforced true referrer-policy no-referrer-when-downgrade server nginx etag W/"b323ea0c319e21c7a5676f087655e354e6566920" x-frame-options deny access-control-allow-methods POST, GET, OPTIONS, DELETE, PATCH content-type text/javascript access-control-allow-origin https://my.addshoppers.com access-control-allow-credentials true access-control-allow-headers X-Requested-With, Content-Type, X-XSRFToken
GET H/1.1	200 OK	c980e285ff48473491a3609012c71c50.js Show response addshoppers.s3.amazonaws.com/customize/6593d032ccdbb10f3b2cbaff/	873 B 1 KB	433ms 144ms	Script application/javascript	3.5.29.162 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://addshoppers.s3.amazonaws.com/customize/6593d032ccdbb10f3b2cbaff/c980e285ff48473491a3609012c71c50.js?_t=1706014061 Requested by Host: d2mjzob2nc713b.cloudfront.net URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=2a338b8 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.5.29.162 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 27c0f75465ec67df1e5018adad3f61b9d55b968a8954abf8c4dae37245fe1d55 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 05 Jul 2024 18:02:51 GMT Content-Encoding gzip x-amz-version-id QaQjEiEjN0HjknuFlTJD5A9.IiUNQ2M0 Last-Modified Tue, 23 Jan 2024 12:47:43 GMT Server AmazonS3 x-amz-request-id 7A2Y1DP772BM9S8X ETag "394408c7c20d2610d808168e18b56ed0" x-amz-server-side-encryption AES256 Content-Type application/javascript; charset=utf-8 Cache-Control max-age=2592000, public Accept-Ranges bytes Content-Length 483 x-amz-id-2 Lw7OdYiFCpOAxppvd626cW9929pKQas3VT+K0GvU/s+J//C9nfXhQFU44whH/VwTr8UyiC5Ey97iVHVSXSyKelaUPTPaDQ15PE/ZsNrNsr0=
GET H2	200	input.js Show response shopper.shop.pe/	26 KB 9 KB	184ms 25ms	Script application/javascript	35.190.54.17 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://shopper.shop.pe/input.js Requested by Host: shop.pe URL: https://shop.pe/widget/widget_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.54.17 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 17.54.190.35.bc.googleusercontent.com Software UploadServer / Resource Hash 620a97911c6964bfc7cfacf4df74b3ba598ef728f2117675d171e4c62d500add Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 15:13:06 GMT content-encoding gzip age 10183 x-guploader-uploadid ACJd0NpvPdKR0-O0_QIHsopBxvporhGbFEbxAK-qeg7_V5gpw9WH2TXMUYJW86u0u8KtaxWS0A x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8831 last-modified Tue, 13 Feb 2024 16:47:53 GMT server UploadServer etag "d311745e83077b078fa566c77a15d9b5" vary Accept-Encoding x-goog-generation 1707842873418606 x-goog-hash crc32c=mi0bhQ==, md5=0xF0XoMHewePpWbHehXZtQ== access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin cache-control public, max-age=14400 x-goog-stored-content-length 8831 accept-ranges bytes content-type application/javascript; charset=utf-8 expires Fri, 05 Jul 2024 19:13:06 GMT
GET H2	200	status Show response app.shop.pe/app/datapartners/	34 B 500 B	214ms 142ms	XHR application/json	35.227.244.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app.shop.pe/app/datapartners/status?usersite_id=6593d032ccdbb10f3b2cbaff Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 1.244.227.35.bc.googleusercontent.com Software nginx / Resource Hash b4435b5ac2f1916ed1135fb1738a1cef87cb666f4356a6678fb1c77e1273f9e1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options deny Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:49 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip via 1.1 google server nginx etag W/"0467ba22658b680d6de72dc567071b5bc495547f" x-frame-options deny access-control-allow-methods POST, GET, OPTIONS, DELETE, PATCH p3p policyref="/w3c/p3p.xml", CP="CAO PSA OUR" access-control-allow-origin * content-type application/json; charset=UTF-8 access-control-allow-credentials true access-control-allow-headers X-Requested-With, Content-Type, X-XSRFToken alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	devicer.min.js Show response scripts.alloy.com/	41 KB 12 KB	363ms 363ms	Script application/javascript	18.165.227.97 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://scripts.alloy.com/devicer.min.js Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.227.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-227-97.lhr61.r.cloudfront.net Software AmazonS3 / Resource Hash 7987b00fc873ae5e25b9220d900537c3f3e72bc72f4c2d0ef9981e589a3aac3c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:51 GMT content-encoding gzip via 1.1 ba381fd8a09812137895a0eea1f07744.cloudfront.net (CloudFront) last-modified Thu, 30 Mar 2023 14:11:45 GMT server AmazonS3 x-amz-cf-pop LHR61-P5 x-amz-server-side-encryption AES256 etag W/"a9b687ac5b02886eefbb098c4495522b" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript x-amz-cf-id VJld-2dIk3HtGE6On40qTSxFZWu8kwHGkFZeZPqIz7kj_CycWvI82Q==
HEAD H2	200	consent Show response manage.safeopt.com/	0 834 B	226ms 137ms	XHR text/html	35.227.244.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://manage.safeopt.com/consent Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 1.244.227.35.bc.googleusercontent.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options deny Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 18:02:50 GMT strict-transport-security max-age=31536000; includeSubDomains via 1.1 google p3p policyref="/w3c/p3p.xml", CP="CAO PSA OUR" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 data-regulation-gdpr-enforced true server nginx etag "da39a3ee5e6b4b0d3255bfef95601890afd80709" x-frame-options deny access-control-allow-methods HEAD, GET, POST content-type text/html; charset=UTF-8 access-control-allow-origin * access-control-expose-headers Data-Regulation-Gdpr-Enforced access-control-allow-credentials true access-control-allow-headers X-Requested-With, Content-Type, Data-Regulation-Gdpr-Enforced
GET H2	200	iframe nytrng.com/ Frame 413F	0 0	507ms 177ms	Document text/html	75.2.91.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nytrng.com/iframe?vcp=4dd5h0np&as_id=656e5fb4fb424d3b9093164cf04d4d2e Requested by Host: d2mjzob2nc713b.cloudfront.net URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=2a338b8 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 75.2.91.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a954c1fc80b8251dc.awsglobalaccelerator.com Software gunicorn / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://app.itrustcapital.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-length 420 content-type text/html; charset=utf-8 date Fri, 05 Jul 2024 18:02:50 GMT server gunicorn
POST H3	200	triggered_email_attribution Show response app.shop.pe/app/	29 B 69 B	145ms 144ms	XHR application/json	35.227.244.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app.shop.pe/app/triggered_email_attribution Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 1.244.227.35.bc.googleusercontent.com Software nginx / Resource Hash 85ad9c4586b439a1f2ce5516c218bed3c64110ac93bb7c916894240392503053 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options deny Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/json Response headers date Fri, 05 Jul 2024 18:02:50 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip via 1.1 google server nginx x-frame-options deny access-control-allow-methods POST, GET, OPTIONS, DELETE, PATCH p3p policyref="/w3c/p3p.xml", CP="CAO PSA OUR" access-control-allow-origin * content-type application/json; charset=UTF-8 access-control-allow-credentials true access-control-allow-headers X-Requested-With, Content-Type, X-XSRFToken alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
OPTIONS H2	204	triggered_email_attribution app.shop.pe/app/ Frame	0 0	140ms 139ms	Preflight	35.227.244.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app.shop.pe/app/triggered_email_attribution Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 1.244.227.35.bc.googleusercontent.com Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options deny Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://app.itrustcapital.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Requested-With, Content-Type, X-XSRFToken access-control-allow-methods POST, GET, OPTIONS, DELETE, PATCH access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 05 Jul 2024 18:02:50 GMT server nginx strict-transport-security max-age=31536000; includeSubDomains via 1.1 google x-frame-options deny
OPTIONS H2	202	ingestion device.alloy.com/api/ Frame	0 0	430ms 129ms	Preflight	3.219.44.247 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://device.alloy.com/api/ingestion?format=raw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.219.44.247 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-219-44-247.compute-1.amazonaws.com Software istio-envoy / Resource Hash Request headers Accept */* Access-Control-Request-Headers attributes,domain,pkey Access-Control-Request-Method GET Origin https://app.itrustcapital.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attributes,domain,pkey,tokenFormat access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE, HEAD access-control-allow-origin https://app.itrustcapital.com access-control-max-age 3600 content-length 0 date Fri, 05 Jul 2024 18:02:50 GMT server istio-envoy x-envoy-upstream-service-time 1
GET H2	200	ingestion Show response device.alloy.com/api/	207 B 682 B	421ms 165ms	XHR text/plain	3.219.44.247 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://device.alloy.com/api/ingestion?format=raw Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.219.44.247 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-219-44-247.compute-1.amazonaws.com Software istio-envoy / Resource Hash 6f15bfd8ac5be7b620c7d95c3e0d7d9a04ec79e1a5b7766c2d661d276c47fc90 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language de-DE,de;q=0.9;q=0.9 domain BYFxAcGcC4HpYIbnAOgJYgE4FdIgMZIYIA2K+A9gLZA pkey GYDgrA7MCGBsCcBaaBTATEgLBWBjRIAjPGIgMwQqzQBGu8umYsQA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-mobile ?0 Referer https://app.itrustcapital.com/ attributes N4IgzgJg1gagpgJzASwPYDsQC4QEYB0uIANCAK5iIDCGl6ALtvQmXKQMYb1wAejOAC1QBbOAAcAhgHM4JEBPrNkAIzLcw2UPWSiAqg2QAbKhMOHsIACyXcAJjkVEAQRkMLAWVQAvI4YkB6AFZ8AAYAAgAKAHVkdAhUAHcwMIA5ABUw3BDQgG4wmPQANks8nmKASjCnMTFDOCi4ZQBpZHoggGYAdnx2wsimgAk09wAZYjDDZCg4MIBxOHYoVEqqAQQROH87QtDd8IBlCQAzCQRkDu7euQTGiDOAN0QLE8NKOT90KTJpWRwIOAAtP85JxDKgEAARcT0AQWWyWOT-e7IdhwdxwYTggCeFgAHHIxMgeHBDAAlBRoCxEUiE4mGKFiGFwhGkcHIOAMCkYNJYsS-EAfCBgdgSPkAsRnYSnHGkASnCAJU5wGjodhkBAIDnsHE4OxyVBqRCkuBgVCGNRoTC6wohEI8Oy266xeIJY2m83aDBUm12h0hOTCzUct1mi1e622+22R2kCT3CRGCTKOr7dhB9Ahj2W72Rv1ybSiLwYOAAeSOR0o-BAAId+Z0cCL6H5AFF1ag+f4AEKISaYUiUMAoDD7ejgn4WZisd6oEWGEdjmQTliyUjO3hwCAQ5RLqexiAQbty5Hg56mN6svnoCEKJMSN44F7nkC1BRHcHCCwFdr2GnmqSxDQcAABQhAAxMIYHZG4EAAHyA8F6CTOowghGcyFEBgwlA98FBggAeUVahRLl0H8MQICOGDyKOHJuD4MiKKoiiAD5iFWdZRDCEDwMguBoLghCkJmVC1Qw+gsJw+h8MIyYRU9UjqKYmi6LaRTqNY9iRGQdCuLAiCoMQASEEQ5NhLQsSJIQKUpIImpZJIhjKOo2jeFUxj1OIdwUXWU0jnE5sIBkXSeIM2D4OMoSUPMjlxOwqzcNsoi5MtRylJc+i1JY4gGmaVowlUIx6ABWJgqMkzkJE9CYss6zpLs4j5NS5yVKaliQQkdB4zAAoIFiKQLCxE12s6u9QL6xAJViKsIBvLAdB+MjPhyZQ7zgYpiBCSxbHYCAbQ3TplFxQJOgo3AJFsOBAgkEJbCOABOOBOnaXBUWuRopEMMbPgms43AfCB2lxW1AkCZRAhCI5LGUctLGKCRAiOCBbu2CBOk6I43uUD7mz4Dkh3QQCQCcFJZhGZsAH0AMQ1UN3J04EAkLEwByZsAA00nJ0y4nJ4RYilHgWfZ8n2EmMRha4dZDEFjnQXBTmyHLRByblQwjnJo4wQUaXyf+RkBGFvxhDEbWNdQBRObqOITYZqQdehARtbEM0sSkDBydQctKwNiQje1sA5X+BByZU9U4HJsEIG1kPNXFo3NUHS1OcZdgo9c0PY4lE18fJhApHoFO2Y56Ow6OQqlY65BTWYdsUVTvh095jU5ZFn2xdHcmNxkP3SVmTschLZt9g7uoxMpuJeHJsgpv7wf1eUVAc45QOeeQMQpWNgeh7AamZoQCA7YeClHmZzfg7TmPTa10-i-VzX6HD2I4FOGeh5vlW1cv+gX7P+uY-f2+zb317E-BA39HjGQnvTRm7tlAACsFhfyiM2TspNxZgiDqoRWQdP45CQSgkYGd46UH3jfO8+dcHINQZwOOWdaY3zgOQvBVCRCZ0HHQ8+YcGHsFwBQ-BhDaEkI4eTMA7RGGUIIdQ1hxCf70HTiI-Owjc7KF4ag-4qhbaanHpqIOsQ3wqIIWosgtt-YSEDszJhBj7YyNDvonWDMEjyyweY8R4dUCUHFgwVytjhBkEMNoOxEgEi2KdoYF2btMTAlIDcLGhh4BIGzDgHKpNMihEiCWS8yTB5hFsKkzSvN0LlExh9Y0WiniJMaC0cSSSRhFNiUvE85TcqMCie9Qw+gpRgGmBAEpgcykgAAJKeMMGEfpZxkjpI5Jkz4j9antLvF0+AcQGkDKGSM1U+Bakji1EYTsrRCb+haTE-YAc+ojA6l8H4cT8afkaMk0m+wRhhCyQQcIEQJnoEyfsOYIwHlPK+S8sIeTtLCEKYc7G0ymzokQjNRCAw7ywhwJ0JMyh9xIyOPCQocBvyBHaIddFhRcSK1xLiXa8NNkB0QFC0xN44X+wsBAGw1LLA3WULgXE7BCiHQZUcR6nRLBIyBqDdglh8SyjvCMdkEAzmfG+DIQmk4VwgDlGACVG5MxhitCAR8irlWqogCWQm2q5C6slZ2dYSQ+lGtIPzNIBp2ACHglNfZ+p0C2rIPakcpx6D7DIDUBCG5TyvEVaOd1AhmyPAYD6v1ECICBqfBIMgvVUBUnhKESw7RLCdECLYLNuAbR8sxqSNIVA4S2lwFgXAygbQVpCFkLAtga24HLWtCAFbcRPSwMoVExBcSWEIHdQgWbCC4naCCVAqAoDsmbOgISsacAKunLOecNtlTjsnb8dAvjDCsjOP+dAugzgWAEIoMQYAsD+H8IRfArQWDbxFISRChh8DUP8GCPdchNQ8o1IgA9yALAYkZDKLVXB9nEFwMQWwYHcQQZCBB8Dth2gQcsBBwoxBAioeOmhu6xAbSInVCRMsJgzDYAQ9BkABYho4EcAgFwMUsBhFg2EawdhxjMdsDBMI0SIQPEQPRxjbHWM2HYxMc5sq4B8cEyxpjQmOOy0hPbCT0mpNsY40iFEaIMTYkUwJpTwnaQknJJ6bTQnJN6aJCSBkMJjPKZk2ENkMUSI8j5PRyDunJOWA4-Zzk8knCfDqNZ5DSmPNhDlHvRUmoVRqm-aqLEAX3OecNAgdV8k4tBY4wkZ0iRkuWlS8x4LgY4DBhNKGFLDH3PxbCHGBMfhTKpnTNljAuWbDBYo42UsnsGFNdwC1+sbX6OoaC4J6MHGBz42XT8Yz0YhshA42CJdo4V2TfA9J2wuAONrmJJuZQS2htrcq-uQ8cY0AIB2ytvb7YOTXhMqtU71hVuybEGQKgfhBy3a2ntl89A3xWTe-dsI8QUioHoGkBmixfsfb-ABcHsmOpdR6n1ejiGztDeCyKEaYAvoyAQJNBg9HoMrcC9Yb86XWmY5+lNFz-H02uesNmknMScbcAJpaM9mRBPZvZ+0enH0rk5bK9JnFnPudkiXogXj-PadI8l8LxZ8QTsS8sILgXXPOOtLmZ0tVovtHGaV9L1XMT1cLPqfLqnuvFcq+iR9LZqodl7J11L83wvjmmNOaJy5iB8b0eW5L9nwXLeGGnXujT0KaXwpc779nhQncUoQFSmFEhaUCC95H9nnQOMmo3NKi5cqdedFT+n8VkqGvoFz-nkLheNwGtLwLtP5eVWmvNZQE3qey82rtQ61ATqdf49p7iTzrr2+euMlGp2Mbu-s772EEN9rw0xRH-61tCvAg98V5PhNSa8cT8E4UKP+ui1UC97YbD0md+scCHdQIsm11TpnaZRf-Hz+BDPxf2bM5TDjZkDQCd7JtOP+f5fuzXdWIX9X-C-f-DjT9RAbREAiXP-JjR-DjN8BgVnEVZ-AbWGawDjGgMgTxCAMINIesFzI-EAAAXxIKAA sec-ch-ua-platform "Win32" Response headers access-control-allow-origin https://app.itrustcapital.com date Fri, 05 Jul 2024 18:02:51 GMT cache-control no-cache access-control-allow-credentials true x-envoy-upstream-service-time 37 server istio-envoy etag 535f06df-de26-4e69-87a4-9c8a1dddb428
POST H2	202	rum Show response rum.browser-intake-us3-datadoghq.com/api/v2/	53 B 334 B	374ms 373ms	Fetch application/json	20.69.148.154 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rum.browser-intake-us3-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Afetch%2Cservice%3Aportfolioweb&dd-api-key=pub883c3a3891ad7708fe11e87d24d4d40f&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=2de58ea2-6a4d-4bb7-b91c-eaee17b6c9c4&batch_time=1720202571188 Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.69.148.154 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 561e710187691075858daf3e962c4df881e6864706b9fc5acbc2a0d05211ca47 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 05 Jul 2024 18:02:51 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff accept-encoding identity,gzip,x-gzip,deflate,x-deflate,zstd content-type application/json access-control-allow-origin * cross-origin-resource-policy cross-origin content-length 53 dd-request-id 2de58ea2-6a4d-4bb7-b91c-eaee17b6c9c4
GET H/1.1	200 OK	snare.js Show response ci-mpsnare.iovation.com/	38 KB 13 KB	616ms 197ms	Script text/javascript	54.148.2.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ci-mpsnare.iovation.com/snare.js Requested by Host: app.itrustcapital.com URL: https://app.itrustcapital.com/_next/static/chunks/pages/_app-5361717041efb9f6.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.148.2.66 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-148-2-66.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 282f6553414a6bf281341572dd2e1124b87069738a89a72746c50f50328520de Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma no-cache Date Fri, 05 Jul 2024 18:02:51 GMT Strict-Transport-Security max-age=15552000; includeSubDomains Content-Encoding gzip Server nginx Transfer-Encoding chunked Content-Type text/javascript; charset=utf-8 p3p CP="NON DSP COR CURa" Cache-Control no-cache, private Connection keep-alive Expires 0
GET H/1.1	200 OK	logo.js Show response ci-mpsnare.iovation.com/script/	96 B 809 B	196ms 196ms	Script text/javascript	54.148.2.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ci-mpsnare.iovation.com/script/logo.js Requested by Host: ci-mpsnare.iovation.com URL: https://ci-mpsnare.iovation.com/snare.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.148.2.66 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-148-2-66.us-west-2.compute.amazonaws.com Software nginx / Resource Hash a69c240ede917a2a6913104253c93bf5522863bdf5d1a1a623035b50846a43ab Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.itrustcapital.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 05 Jul 2024 18:02:51 GMT Strict-Transport-Security max-age=15552000; includeSubDomains Content-Encoding gzip Last-Modified Tue, 06 May 2014 00:01:40 GMT Server nginx Accept-CH Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version Transfer-Encoding chunked Content-Type text/javascript; charset=utf-8 p3p CP="NON DSP COR CURa" Cache-Control private Connection keep-alive Expires Sat, 05 Jul 2025 18:02:51 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.itrustcapital.com

URL

https://www.itrustcapital.com/proxydirectory/811210196090/pageInfo

Domain

www.itrustcapital.com

URL

https://www.itrustcapital.com/proxydirectory/811210196090/pageInfo