www.threatlocker.com Open in urlscan Pro
34.234.52.18  Public Scan

11 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://threatlocker.com/ HTTP 307
   https://threatlocker.com/ HTTP 301
   https://www.threatlocker.com/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2782332&time=1723824646602&url=https%3A%2F%2Fwww.threatlocker.com%2F&tm=gtmv2 HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2782332&time=1723824646602&url=https%3A%2F%2Fwww.threatlocker.com%2F&tm=gtmv2&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2782332%26time%3D1723824646602%26url%3Dhttps%253A%252F%252Fwww.threatlocker.com%252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2782332&time=1723824646602&url=https%3A%2F%2Fwww.threatlocker.com%2F&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2782332&time=1723824646602&url=https%3A%2F%2Fwww.threatlocker.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJNEnAP9Wq2FgAAAZFb9KxENBXPFondBITgvDQA7X4QYo7XRx6e5P7vLEb_UgFvdbQjzw

Request Chain 92

• https://insight.adsrvr.org/tags/qguk9l8/ebqujy4/iframe HTTP 301
• https://d1eoo1tco6rr5e.cloudfront.net/qguk9l8/ebqujy4/iframe

Request Chain 93

• https://insight.adsrvr.org/track/conv/?adv=qguk9l8&ct=0:5wdbbrz&fmt=3 HTTP 302
• https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=1e11446d-57d4-4e0b-8608-379acf6fdd26

Request Chain 94

• https://insight.adsrvr.org/track/evnt/?adv=qguk9l8&ct=0:ebqujy4&fmt=3 HTTP 302
• https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=079de1f1-86a9-45ad-8c26-33e2572a24d7

Request Chain 109

• https://www.googleadservices.com/pagead/conversion/616220730/?label=vGPiCPi3pNMDELqQ66UC&guid=ON&script=0 HTTP 302
• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/616220730/?label=vGPiCPi3pNMDELqQ66UC&guid=ON&script=0&ct_cookie_present=false&random=1503922229&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIsKyanvP5hwMV_geICR2wNA6pMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggS HTTP 302
• https://www.google.com/pagead/1p-conversion/616220730/?label=vGPiCPi3pNMDELqQ66UC&guid=ON&script=0&ct_cookie_present=false&random=1503922229&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIsKyanvP5hwMV_geICR2wNA6pMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggS&is_vtc=1&cid=CAQSGwDpaXnf4lUTE5Lm-amXCARDlASQhk1fQ4RDiQ&random=2786524960

Request Chain 119

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/616220730/?random=64837161&cv=11&fst=1723824647847&bg=ffffff&guid=ON&async=1&gtm=45be48e0v890694919za200zb9115913288&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.threatlocker.com%2F&label=vGPiCPi3pNMDELqQ66UC&hn=www.googleadservices.com&frm=0&tiba=Enterprise%20Cybersecurity%20Solutions%20%7C%20ThreatLocker&gtm_ee=1&npa=0&pscdl=noapi&auid=1126181062.1723824646&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCKLFsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIz96tnvP5hwMVRgaICR2n9wCZMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggS HTTP 302
• https://www.google.com/pagead/1p-conversion/616220730/?random=64837161&cv=11&fst=1723824647847&bg=ffffff&guid=ON&async=1&gtm=45be48e0v890694919za200zb9115913288&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.threatlocker.com%2F&label=vGPiCPi3pNMDELqQ66UC&hn=www.googleadservices.com&frm=0&tiba=Enterprise%20Cybersecurity%20Solutions%20%7C%20ThreatLocker&gtm_ee=1&npa=0&pscdl=noapi&auid=1126181062.1723824646&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCKLFsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIz96tnvP5hwMVRgaICR2n9wCZMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggS&is_vtc=1&cid=CAQSGwDpaXnfp76VNJgWi6N_U7UWFFq92mjynVZsSA&random=4041893244

Request Chain 127

• https://c.clarity.ms/c.gif HTTP 302
• https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3B95D35CA6F740999297F91661175D72&RedC=c.clarity.ms&MXFR=0449165FD2F7607E00470282D6F76E00 HTTP 302
• https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3B95D35CA6F740999297F91661175D72&MUID=13BB801683746B0D201A94CB82F06A13

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.threatlocker.com/ Redirect Chain http://threatlocker.com/ https://threatlocker.com/ https://www.threatlocker.com/	82 KB 19 KB	684ms 260ms	Document text/html	34.234.52.18 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.234.52.18 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-234-52-18.compute-1.amazonaws.com Software / Resource Hash cf50c16a18fb9fd34cdf0e79d7d77c2a7d2761222fed2bec6487176d20a0275b Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 6084 content-encoding gzip content-length 18723 content-security-policy frame-ancestors 'self' content-type text/html date Fri, 16 Aug 2024 16:10:43 GMT feature-policy geolocation 'none' referrer-policy no-referrer strict-transport-security max-age=31536000; includeSubDomains vary x-wf-forwarded-proto, Accept-Encoding x-cache HIT x-cache-hits 1 x-cluster-name us-east-1-prod-hosting-red x-content-type-options nosniff x-frame-options SAMEORIGIN x-lambda-id ee519b5f-7bb0-4730-ace4-de2b1c97a2be x-served-by cache-iad-kjyo7100177-IAD x-timer S1723824643.067835,VS0,VE2 Redirect headers content-length 166 content-type text/html date Fri, 16 Aug 2024 16:10:42 GMT location https://www.threatlocker.com/ strict-transport-security max-age=31536000; includeSubDomains
GET H3	200	tl-build.bd60e10f1.min.css cdn.prod.website-files.com/6356c441ce34029b327802bf/css/	504 KB 93 KB	169ms 86ms	Stylesheet text/css	104.18.28.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.website-files.com/6356c441ce34029b327802bf/css/tl-build.bd60e10f1.min.css Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce46cee475b7499f551804fb13e8d4bb676084ff2484ee21107c58990ea8a0ea Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:43 GMT content-encoding gzip x-amz-version-id eztI9GZdiWnrCFWdmvcyT.vXoK5BNa79 cf-cache-status HIT x-amz-request-id TCCJC8FGXGMTMDG4 age 68927 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 94288 x-amz-id-2 G+DxDPDi+4njtrjsnnQguzRG07c2rFyYhf50Vs8tSR+dR5c3gXgZAncY0ZCrECXRP5XIrfyCsGXWYWurKy7QUcad7y8+2WbE last-modified Thu, 15 Aug 2024 21:01:25 GMT server cloudflare etag "690108e57b430be9533af737f47001e1" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000, immutable accept-ranges bytes cf-ray 8b42b2353a3e2ad9-LAX
GET H2	200	webfont.js Show response ajax.googleapis.com/ajax/libs/webfont/1.6.26/	13 KB 6 KB	431ms 139ms	Script text/javascript	2607:f8b0:4006:81f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 11:32:56 GMT content-encoding gzip x-content-type-options nosniff age 16667 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5437 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 16 Aug 2025 11:32:56 GMT
GET H2	200	wpr3nqk.js Show response use.typekit.net/	19 KB 7 KB	584ms 146ms	Script text/javascript	2600:141b:1c00:8::1728:b330 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/wpr3nqk.js Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:1c00:8::1728:b330 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash aec1985c2e202be76f0fd0741b69a0413bccec9b28a45ee16e5f3e238c58657c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip date Fri, 16 Aug 2024 16:10:43 GMT server nginx vary Accept-Encoding content-type text/javascript;charset=utf-8 access-control-allow-origin * cache-control public, max-age=600, stale-while-revalidate=604800 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 6865
GET H2	200	wpr3nqk.css use.typekit.net/	6 KB 1 KB	583ms 145ms	Stylesheet text/css	2600:141b:1c00:8::1728:b330 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/wpr3nqk.css Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:1c00:8::1728:b330 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 056b586b28e729158aae42933695501bf132d36d6fddbdb91950e59c56ff58d7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip date Fri, 16 Aug 2024 16:10:43 GMT server nginx vary Accept-Encoding content-type text/css;charset=utf-8 access-control-allow-origin * cache-control private, max-age=600, stale-while-revalidate=604800 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 893
GET H3	200	6650bf337440b8c55ce509b6_Us_Navy_Seal_Logo.webp cdn.prod.website-files.com/6356c441ce34029b327802bf/	15 KB 16 KB	225ms 143ms	Image image/webp	104.18.28.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/6356c441ce34029b327802bf/6650bf337440b8c55ce509b6_Us_Navy_Seal_Logo.webp Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2eac1d5f890a70dc058b5821809f31ce8bf6b74ac7492d9a3e80f00b9cf30eae Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:43 GMT x-amz-version-id sChK6egXyuQ.zJbfEvaD4vcnbOutkpY1 cf-cache-status HIT x-amz-request-id Q10WS7PKYHQ234A1 age 1862829 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 15614 x-amz-id-2 Pq09f69IwDOSeAiepjImoazshM8uGGk65EkXlIwjUSUEs1MDPvvRrGj2898bzeC/octsA6jo+6M= last-modified Fri, 24 May 2024 16:24:21 GMT server cloudflare etag "3ee08f05598064d343a473beb10e6add" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes cf-ray 8b42b2353a3c2ad9-LAX
GET H3	200	6650bf4ac278b77e6d3ca809_Jetblue_Logo.webp cdn.prod.website-files.com/6356c441ce34029b327802bf/	3 KB 3 KB	166ms 85ms	Image image/webp	104.18.28.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/6356c441ce34029b327802bf/6650bf4ac278b77e6d3ca809_Jetblue_Logo.webp Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 21efd8c163b42f57f0289209a6232723d8b04a3cbf537c8403b95acce7f179c6 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:43 GMT x-amz-version-id mPFtrllemLAS1u2IhfTOVljzpMWtvx5X cf-cache-status HIT x-amz-request-id Q10YFBS1XDGTF1WJ age 3801380 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 2912 x-amz-id-2 Qt+PcJ3A48EjvBiL9a02ausKDhifqCOPI2TVruKSMXgKCPgckd5AiXWQhK8nOwOXDNUoW2lFdAg= last-modified Fri, 24 May 2024 16:24:43 GMT server cloudflare etag "e1947a85ff2b96d9f0da8dbe75407f39" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes cf-ray 8b42b2353a3a2ad9-LAX
GET H3	200	6650c0038f14bd496ea9e320_Edelman_logo.webp cdn.prod.website-files.com/6356c441ce34029b327802bf/	2 KB 3 KB	288ms 287ms	Image image/webp	104.18.28.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/6356c441ce34029b327802bf/6650c0038f14bd496ea9e320_Edelman_logo.webp Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd55773000b67c2d6a7d7c25299889417d724859c736d0d99cdc76b7f324c1db Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:43 GMT x-amz-version-id cDeS0mlE1I.xl4qT6craUAhvKqw_ah2A cf-cache-status HIT x-amz-request-id Q10M8648TKJJT9VB age 1850260 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 2296 x-amz-id-2 Am8viqX63cLdOE8efkO44efJmvL3GmL3kMzBTp5hJ2VANTZKRH/5YJ8hAqE2ghLhmk46QYL1oUtVYaMPLz3Qcw== last-modified Fri, 24 May 2024 16:27:48 GMT server cloudflare etag "09bf01c846b2c8e3431f45c1a9ed165c" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes cf-ray 8b42b235cacf2ad9-LAX
GET H3	200	6650c0c211fad4561ad1ee5a_Emirates_Catering_Logo.webp cdn.prod.website-files.com/6356c441ce34029b327802bf/	6 KB 7 KB	217ms 216ms	Image image/webp	104.18.28.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/6356c441ce34029b327802bf/6650c0c211fad4561ad1ee5a_Emirates_Catering_Logo.webp Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 324b0686e0107c2b8cda8052b5427c3ad76d9316a9f1cf10dc8aafab1970015e Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:43 GMT x-amz-version-id Ir6b9dn_U.bI5CxjlMJbxWqbc0f7gXbW cf-cache-status HIT x-amz-request-id Q10JHFVN6EZSEFMH age 1850260 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 6550 x-amz-id-2 lh0o2EXCTKs3tAtk15fXWa45zzEkB5f75O6SAkI+06PTKOXXW19LbxGGtyxI54kiPzzXULEca6I= last-modified Fri, 24 May 2024 16:31:00 GMT server cloudflare etag "69f74952d4598f5bc92dc460cc5bec0f" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes cf-ray 8b42b2363b3a2ad9-LAX
GET H3	200	6650c12f2635b076b6f384fb_Hattiesburg_clinic_logo.webp cdn.prod.website-files.com/6356c441ce34029b327802bf/	8 KB 9 KB	93ms 92ms	Image image/webp	104.18.28.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/6356c441ce34029b327802bf/6650c12f2635b076b6f384fb_Hattiesburg_clinic_logo.webp Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b68ae6f3b005c768cc4954f80a05e0a5b59c9d6afc77619831b628758e3aa7a3 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:43 GMT x-amz-version-id 3q6dV6AjbZqMm164xsXSrbe1RP9kUQRk cf-cache-status HIT x-amz-request-id Q10MQE770F64H9WV age 880985 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 8584 x-amz-id-2 Ve9+YMbbOkj5JCafQ2xhVvqrl13ozGqHINI+Dcj+RooD59OxcsSKhQR7rnSybwL9ZdGiS+MGFhs= last-modified Fri, 24 May 2024 16:32:48 GMT server cloudflare etag "667672b4e400d1914aa5674013a0fd06" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes cf-ray 8b42b2379cbc2ad9-LAX
GET H3	200	6650c18982c964e7d1a26657_UniversidadPontificiadeSalamanca_Logo.webp cdn.prod.website-files.com/6356c441ce34029b327802bf/	14 KB 15 KB	106ms 104ms	Image image/webp	104.18.28.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/6356c441ce34029b327802bf/6650c18982c964e7d1a26657_UniversidadPontificiadeSalamanca_Logo.webp Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a779f0a3884a5824352994cf19b8c1c418d078a9674c4a2914e7dbb9b1dd5f98 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:44 GMT x-amz-version-id tQvIJnlvBMjAvmEZ46Vj96jOdMA8bUpl cf-cache-status HIT x-amz-request-id 5TCK8MYQDW4X94B7 age 6742131 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 14832 x-amz-id-2 WXWzK1ycs0OCoKAgLmeb0Q126Irh8e8WanVzxZWNhRo48kx1EB7J4v+5t9cE5ntCYU5WBjzMsJI= last-modified Fri, 24 May 2024 16:34:19 GMT server cloudflare etag "7416f83841488098841e4dfb8f51b840" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes cf-ray 8b42b23debf52ad9-LAX
GET H3	200	6650c1f4873d1afcb5aaaf25_OrlandoCity_Logo-p-500.webp cdn.prod.website-files.com/6356c441ce34029b327802bf/	22 KB 22 KB	95ms 90ms	Image image/webp	104.18.28.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/6356c441ce34029b327802bf/6650c1f4873d1afcb5aaaf25_OrlandoCity_Logo-p-500.webp Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18f528eaada29a5a79742c0e83d1c0359bf7bf52c289d6b70f594f6071c6ae87 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:44 GMT x-amz-version-id tNPAfDQ6JQZj1JvOaOlFPhRT.s7A9tWt cf-cache-status HIT x-amz-request-id 5TCGCRD2140H2FE2 age 1298570 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 22460 x-amz-id-2 dIk6vS3Cf4y8N8xxor0lsaX10nyC9pGCFMMBNAXZk1X6jlWc5O4CUT2mApW311fTc+BLdYg/yOw= last-modified Fri, 24 May 2024 16:36:06 GMT server cloudflare etag "6a75cf8a60fad2cb7cd0bba0d3deaa23" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes cf-ray 8b42b23debfc2ad9-LAX
GET H3	200	6650c255f5716c698a5648de_HoustonRockets-logo-p-500.webp cdn.prod.website-files.com/6356c441ce34029b327802bf/	14 KB 15 KB	91ms 87ms	Image image/webp	104.18.28.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/6356c441ce34029b327802bf/6650c255f5716c698a5648de_HoustonRockets-logo-p-500.webp Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cba7a13335e72690a964c8d84633bd4703d483ce62cdf8cb53b5e59ae3042fad Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:44 GMT x-amz-version-id rbUMRSvGwL2qrUO5_S51i49x3XU8gkhI cf-cache-status HIT x-amz-request-id 5TCRB5P2DFJ87TH7 age 6742131 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 14516 x-amz-id-2 7djasI5NzVNblsXBKv6mUYKd5vZnJMaeKXLIkeHNicfKNvyYmj0Iie/Oz8EYp1z6j4ynUhfsQns= last-modified Fri, 24 May 2024 16:37:44 GMT server cloudflare etag "1dc1c28f0e2603313cc71544374a8488" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes cf-ray 8b42b23debfe2ad9-LAX
GET H3	200	6650c2d0eced3ea9aefe1b52_Orlando_Magic_logo.webp cdn.prod.website-files.com/6356c441ce34029b327802bf/	8 KB 8 KB	89ms 85ms	Image image/webp	104.18.28.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/6356c441ce34029b327802bf/6650c2d0eced3ea9aefe1b52_Orlando_Magic_logo.webp Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38ede3652270c25f76e44746f86d2f1a8bb04af684cc3a06f54abb1fa36dc42e Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:44 GMT x-amz-version-id 2PcozAU0TDQwwT2ltAPc1TgYfBSfCPHS cf-cache-status HIT x-amz-request-id 5TCH6XEV6NY04J79 age 6742255 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 8010 x-amz-id-2 3rkxyKKpaK+83UgCdwflObi1EevAYEcuvIFK3EiLqv1VeNO4Q3yypsUR3iRCt4DH+0pJ9VWFK7s= last-modified Fri, 24 May 2024 16:39:45 GMT server cloudflare etag "4f701d6d9d54f37e6ac36f3ba50d5a82" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes cf-ray 8b42b23debff2ad9-LAX
GET H3	200	6650c3e0ad5209471555c392_University_of_Arkansas_logo.webp cdn.prod.website-files.com/6356c441ce34029b327802bf/	3 KB 4 KB	97ms 93ms	Image image/webp	104.18.28.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/6356c441ce34029b327802bf/6650c3e0ad5209471555c392_University_of_Arkansas_logo.webp Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42025f55892cc96faf5dea118cb891a5d8878ff70c1c8daa15f4882f4c0e5d3a Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:44 GMT x-amz-version-id xgfA0ICOAdbtHO5WYCDMX36nWq8HoaT5 cf-cache-status HIT x-amz-request-id 5TCYKD3FS44GXC9X age 6742255 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 3282 x-amz-id-2 7I2zj6+y8GA1aO90+LO1/zE8KXqSlMIxIkisbObfqwPNmzIvGRChc4+uIfxAhTt+ivtUH5VdkJc= last-modified Fri, 24 May 2024 16:44:17 GMT server cloudflare etag "bc3d1cadcd4d8f0e45d3b815675f7b06" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes cf-ray 8b42b23dec002ad9-LAX
GET H3	200	6650c47dac841a81ccaef2ca_Tafe_Queensland_logo.webp cdn.prod.website-files.com/6356c441ce34029b327802bf/	5 KB 6 KB	97ms 93ms	Image image/webp	104.18.28.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/6356c441ce34029b327802bf/6650c47dac841a81ccaef2ca_Tafe_Queensland_logo.webp Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 822c74433a824bfea83e031494628829b535a7908b8af7c14ce30159977e9a6e Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:44 GMT x-amz-version-id 64tHEECYL8VHyl7_PgCJPP_OA5gQW8bU cf-cache-status HIT x-amz-request-id 5TCXK7E890S0DCWR age 3777736 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 5572 x-amz-id-2 Ttcl0wn4nmg21/fjXX7p98mYO3+0I2aw5KXuf/gl0Y0oHx0ZVjdd6Cqmug2ACT09Ik1piYmBWEE= last-modified Fri, 24 May 2024 16:46:54 GMT server cloudflare etag "3a8293dbcd9c35ed18b7a947387e7faa" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes cf-ray 8b42b23dec022ad9-LAX
GET H3	200	6650c4dd14844a31f67af317_Port_of_Vancouver_logo.webp cdn.prod.website-files.com/6356c441ce34029b327802bf/	3 KB 3 KB	95ms 92ms	Image image/webp	104.18.28.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/6356c441ce34029b327802bf/6650c4dd14844a31f67af317_Port_of_Vancouver_logo.webp Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ffedfb9b21760dafef37be4fc4e531d01547a153c8804efd2cba1391db9de51a Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:44 GMT x-amz-version-id 11o_O.tAzeNc4Wq9f6hus6xD0hlHlViv cf-cache-status HIT x-amz-request-id 5TCNS0YZGNXP4D7W age 3811443 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 3182 x-amz-id-2 zCtxv64/2U8TECUNVOOMN1qKJ07dSTOecbIUbtw4oO02eHTRJdGhRTpxrDywO1b7+Uf1OPK4uq0= last-modified Fri, 24 May 2024 16:48:30 GMT server cloudflare etag "c053558db33270803324e66dba38ec9d" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes cf-ray 8b42b23dec032ad9-LAX
GET H2	200	platform.js Show response static.elfsight.com/platform/	48 KB 17 KB	341ms 88ms	Script application/javascript	2606:4700:10::6816:445f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.elfsight.com/platform/platform.js Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:445f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cec24a06e2e9c6dbe79ac537c1c0906c2896eb331ebe94fc3077075d78dc5a6f Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:45 GMT strict-transport-security max-age=0 content-encoding gzip cf-cache-status HIT x-amz-request-id tx000009816f5853648b0a3-006698eb70-5ac52b6e-sfo2a age 3404 x-envoy-upstream-healthchecked-cluster alt-svc h3=":443"; ma=86400 last-modified Tue, 11 Jun 2024 05:32:12 GMT server cloudflare etag W/"9cb6cdfa853ae05f7abcff41c1cfd0af" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding content-type application/javascript x-do-cdn-uuid e32c40dc-02c3-4408-a6ec-51bfedff6dd9 x-rgw-object-type Normal cache-control max-age=3600 cf-ray 8b42b23f7ed629f6-LAX
GET H3	200	v2.js Show response js.hsforms.net/forms/embed/	483 KB 156 KB	214ms 110ms	Script application/javascript	104.18.142.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsforms.net/forms/embed/v2.js Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.142.119 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dfdf1af1a230e3ee08968606c4322f5a9c51a5a6bf341687fedac60716c9ddab Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-encoding gzip age 145 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5781/bundles/project-v2.js&cfRay=8b2a1f86fc8afa4a-SJC x-amz-replication-status COMPLETED x-evy-trace-listener listener_https etag W/"07033d485ccfcdda144e7a4173dbc0bc" vary accept-encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all cache-control s-maxage=600, max-age=300 x-hs-target-asset forms-embed/static-1.5781/bundles/project-v2.js date Fri, 16 Aug 2024 16:10:43 GMT via 1.1 e21fbbed60133ff896ee44224814dc5c.cloudfront.net (CloudFront) x-content-type-options nosniff x-amz-version-id __TkXxzKt.v8sm6CVT1EUR2QdTtEmM_4 cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop IAD12-P3 x-hubspot-correlation-id 83240f2b-79ca-48b2-9f19-ee136c7163da x-cache Hit from cloudfront cache-tag staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod x-envoy-upstream-service-time 3 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id 83240f2b-79ca-48b2-9f19-ee136c7163da last-modified Wed, 07 Aug 2024 13:25:19 UTC server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PJpquILGT3Lu%2BwegaaQZysNZ1vaWIgrvJtmb5jnNiAafHtpXCxZzEXOjgSBg1erMev%2Fs7Hi68VBlUd1GVr3mJXyIuz3NZVSTZB7LTAf9afJnOjx18HGsM2H59pHwpROt"}],"group":"cf-nel","max_age":604800} x-hs-cache-status HIT x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-5f4dcb8bc8-xgqk6 cf-ray 8b42b2386838cf1a-SJC x-amz-cf-id fEg0R2kqw7Wr9bJeI9ZjKdyREOA_J6YgXw9x_ViYSpFdizI3mlFseQ==
GET H2	200	jquery-3.5.1.min.dc5e7f18c8.js Show response d3e54v103j8qbb.cloudfront.net/js/	87 KB 32 KB	443ms 159ms	Script application/javascript	18.238.59.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6356c441ce34029b327802bf Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.59.82 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-59-82.jfk52.r.cloudfront.net Software AmazonS3 / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers Referer Origin https://www.threatlocker.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 08:30:19 GMT content-encoding br via 1.1 071f5fea9cc276d1769e252ea33022fa.cloudfront.net (CloudFront) age 27626 x-amz-cf-pop JFK52-P4 x-cache Hit from cloudfront last-modified Mon, 20 Jul 2020 17:53:02 GMT server AmazonS3 etag W/"dc5e7f18c8d36ac1d3d4753a87c98d0a" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=84600, must-revalidate vary accept-encoding x-amz-cf-id ZtxVGk4KwatjjGxOuZN-ykivqx_7y_lLLHUwBcvlBHbKmdbg3yyiKw==
GET H3	200	tl-build.a839ff546.js Show response cdn.prod.website-files.com/6356c441ce34029b327802bf/js/	1 MB 322 KB	84ms 84ms	Script text/javascript	104.18.28.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.website-files.com/6356c441ce34029b327802bf/js/tl-build.a839ff546.js Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 87ff92f622aa42414b8bbcb688567484366a969fce92314226e8bad05a66cb95 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:44 GMT content-encoding gzip x-amz-version-id pfShCR6SCGzTjgtkGPKs4cN9REwoi6oQ cf-cache-status HIT x-amz-request-id M9KAM3RX4Z61RPQD age 69464 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 328790 x-amz-id-2 TX/wGwiqlpHsA56YyEEWNj8mfYHm5JqNuJI2fAzhYYkGjcu7EkegeNPSiIOzWASa4JHastny4ExYw2rJxvKhbvNZSniRmhqu last-modified Thu, 15 Aug 2024 20:51:42 GMT server cloudflare etag "3c1523570904a590f63274da1114a743" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000, immutable accept-ranges bytes cf-ray 8b42b23b28b92ad9-LAX
GET H2	200	store_utm.min.js Show response static.threatlocker.com/script/	2 KB 2 KB	527ms 204ms	Script application/javascript	2600:9000:21da:b400:7:cc21:18c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.threatlocker.com/script/store_utm.min.js Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21da:b400:7:cc21:18c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 75ac005172f77cdc62355c9b52efb64a470ae2facb10f7cdbd98cd68b4ba2792 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:46 GMT x-amz-version-id 5hx1IlkfaPh_zsEgUb3JpRUkkMFeLGqW via 1.1 7f822cbc5468903ff5582a7c6af4c024.cloudfront.net (CloudFront) last-modified Fri, 29 Sep 2023 19:58:10 GMT server AmazonS3 x-amz-cf-pop EWR53-C1 etag "3bb7be755e4354a3b8265e7f42974b84" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript accept-ranges bytes content-length 1541 x-amz-cf-id GeQzDYls9ABdu_ZtdHEXcYznijaQxJ3iCQPd3_nTbTOsO2C2djexkA==
GET H2	200	form-124.js Show response hubspotonwebflow.com/assets/js/	10 KB 3 KB	291ms 113ms	Script application/javascript	76.76.21.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hubspotonwebflow.com/assets/js/form-124.js Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash 10ef3ba5308697292067120aee8cea7f3341a9a5e691475bc4a29805a5194939 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers Referer Origin https://www.threatlocker.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:44 GMT content-encoding br strict-transport-security max-age=63072000 server Vercel x-vercel-id sfo1::2p6vk-1723824644526-ae00d3eec24d age 1936176 x-matched-path /assets/js/form-124.js etag W/"392ca1f460caa2aa9439969a89f31c13" x-vercel-cache HIT content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate content-disposition inline; filename="form-124.js"
GET H2	200	css fonts.googleapis.com/	55 KB 3 KB	452ms 161ms	Stylesheet text/css	2607:f8b0:4006:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b17609553b24140fc01409b78fa834fe878de6410fe9e8996b0a5f6a984ddd6d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 16 Aug 2024 16:10:44 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 16 Aug 2024 14:51:46 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 16 Aug 2024 16:10:44 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	333 KB 110 KB	487ms 187ms	Script application/javascript	2607:f8b0:4006:824::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 2d667134380de33152ee1c6d17f6d48ffa85463b98e41e0b240366358a7e04de Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 111882 x-xss-protection 0 last-modified Fri, 16 Aug 2024 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 16 Aug 2024 16:10:45 GMT
GET H2	200	p.css p.typekit.net/	5 B 172 B	868ms 309ms	Stylesheet text/css	2600:141b:1c00:8::1728:b323 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://p.typekit.net/p.css?s=1&k=wpr3nqk&ht=tk&f=139.169.173.175.176.5474.5475.25136&a=95479717&app=typekit&e=css Requested by Host: use.typekit.net URL: https://use.typekit.net/wpr3nqk.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:1c00:8::1728:b323 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:44 GMT last-modified Sun, 10 Mar 2024 12:44:13 GMT server nginx etag "65edab1d-5" content-type text/css access-control-allow-origin * cache-control public, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 5
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 47 KB	643ms 355ms	Font font/woff2	2607:f8b0:4006:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.threatlocker.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 13:12:06 GMT x-content-type-options nosniff age 10718 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48236 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:08:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 16 Aug 2025 13:12:06 GMT
GET H2	200	memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 fonts.gstatic.com/s/opensans/v40/	49 KB 50 KB	423ms 136ms	Font font/woff2	2607:f8b0:4006:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.threatlocker.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 01:48:25 GMT x-content-type-options nosniff age 138139 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50296 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:10:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 15 Aug 2025 01:48:25 GMT
GET H2	200	rating_schema.json Show response www.g2.com/products/threatlocker-inc-threatlocker/	416 B 2 KB	430ms 248ms	Fetch application/json	2606:4700::6810:bc29 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.g2.com/products/threatlocker-inc-threatlocker/rating_schema.json Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:bc29 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 306cf8a83334a9c2d18c1a11a108deb8c3fbf3a9be97179c38ed8974eefcd6f8 Security Headers Name Value Content-Security-Policy default-src 'self' *.g2crowd.com *.g2.com; connect-src * 'self' *.g2crowd.com *.g2.com; frame-src * 'self' *.g2crowd.com *.g2.com; font-src * data: 'self' *.g2crowd.com *.g2.com; form-action * 'self' *.g2crowd.com *.g2.com; img-src * data: blob: 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src * blob: 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src * 'unsafe-inline' 'unsafe-eval' 'self' *.g2crowd.com *.g2.com; style-src * 'unsafe-inline' 'self' *.g2crowd.com *.g2.com; worker-src * blob: 'self' *.g2crowd.com *.g2.com; frame-ancestors * Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:45 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC x-datadome protected strict-transport-security max-age=15552000; includeSubDomains; preload x-permitted-cross-domain-policies none content-security-policy default-src 'self' *.g2crowd.com *.g2.com; connect-src * 'self' *.g2crowd.com *.g2.com; frame-src * 'self' *.g2crowd.com *.g2.com; font-src * data: 'self' *.g2crowd.com *.g2.com; form-action * 'self' *.g2crowd.com *.g2.com; img-src * data: blob: 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src * blob: 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src * 'unsafe-inline' 'unsafe-eval' 'self' *.g2crowd.com *.g2.com; style-src * 'unsafe-inline' 'self' *.g2crowd.com *.g2.com; worker-src * blob: 'self' *.g2crowd.com *.g2.com; frame-ancestors * x-xss-protection 1; mode=block x-request-id 6fb04f60-5240-45c3-aa93-f288f1c584a3 x-runtime 0.004715 referrer-policy strict-origin-when-cross-origin accept-ch Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory server cloudflare etag W/"306cf8a83334a9c2d18c1a11a108deb8" x-download-options noopen vary Origin,Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate access-control-max-age 7200 cf-ray 8b42b23f18d22f1c-LAX x-frame-options SAMEORIGIN
GET H3	200	665762136e08be2dbb71ef43_ThreatLocker_BinaryCode.webp cdn.prod.website-files.com/6356c441ce34029b327802bf/	455 KB 456 KB	85ms 84ms	Image image/webp	104.18.28.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/6356c441ce34029b327802bf/665762136e08be2dbb71ef43_ThreatLocker_BinaryCode.webp Requested by Host: cdn.prod.website-files.com URL: https://cdn.prod.website-files.com/6356c441ce34029b327802bf/css/tl-build.bd60e10f1.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7d94c85821462f3d2f603e4bc02d468204a807d8e5e7948318efc9653ea0d62b Request headers Referer https://cdn.prod.website-files.com/6356c441ce34029b327802bf/css/tl-build.bd60e10f1.min.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:44 GMT x-amz-version-id Q2hWb7WB3VfYJfrUTFpRglB9MkrofRKx cf-cache-status HIT x-amz-request-id 5TCXA2MJMSM6G1KK age 6742255 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 466014 x-amz-id-2 eMulhAn8+bKGL3bFzbHXY0jSCfypV7p/IuYvQSPRWZrRx5m+n4YJxOWN9XPmVfffq6/tbfhLuzQ= last-modified Wed, 29 May 2024 17:12:53 GMT server cloudflare etag "d1505f7fa2214992e165eed517be787d" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes cf-ray 8b42b23e2c422ad9-LAX
GET H2	200	l use.typekit.net/af/23e139/00000000000000007735e605/30/	16 KB 17 KB	545ms 139ms	Font application/font-woff2	2600:141b:1c00:8::1728:b330 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/23e139/00000000000000007735e605/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n5&v=3 Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:1c00:8::1728:b330 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 58dc2f9ecbfa85accf8b5b67e283ba5b32fafc4769e6244a271ebb80d8a2efcf Request headers Referer https://www.threatlocker.com/ Origin https://www.threatlocker.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:45 GMT server nginx etag "464e80c81dc664a05b42585c76719dbf06e6c621" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 16720
GET H2	200	l use.typekit.net/af/efe4a5/00000000000000007735e609/30/	16 KB 16 KB	1024ms 618ms	Font application/font-woff2	2600:141b:1c00:8::1728:b330 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3 Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:1c00:8::1728:b330 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash b4096925f34c85d0c0e934ad77c44165dcd66fecc354c153784d246f00911da5 Request headers Referer https://www.threatlocker.com/ Origin https://www.threatlocker.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:45 GMT server nginx etag "ef52ad3657e4d4a42c21db6c00d5c7ccc649bc94" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 16560
GET H2	200	l use.typekit.net/af/78aca8/00000000000000007735e60d/30/	16 KB 17 KB	879ms 473ms	Font application/font-woff2	2600:141b:1c00:8::1728:b330 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/78aca8/00000000000000007735e60d/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n6&v=3 Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:1c00:8::1728:b330 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 5c9f600b175a870a39e534669ba425e642b0e3b79946273b04f36278fb14c89d Request headers Referer https://www.threatlocker.com/ Origin https://www.threatlocker.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:45 GMT server nginx etag "e054ee68ef06f627cc7e34fb951cfa3a80cc5aa0" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 16744
GET H2	200	l use.typekit.net/af/2555e1/00000000000000007735e603/30/	16 KB 17 KB	877ms 472ms	Font application/font-woff2	2600:141b:1c00:8::1728:b330 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3 Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:1c00:8::1728:b330 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e Request headers Referer https://www.threatlocker.com/ Origin https://www.threatlocker.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:45 GMT server nginx etag "96c7595dad6bb306bf9cc4c7a3b3d28654c7d636" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 16832
GET H2	200	6446a789736ef701c26e59fe_fa-solid-900.woff2 assets.website-files.com/6356c441ce34029b327802bf/	313 KB 313 KB	1059ms 777ms	Font application/octet-stream	2600:9000:2514:2e00:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.website-files.com/6356c441ce34029b327802bf/6446a789736ef701c26e59fe_fa-solid-900.woff2 Requested by Host: cdn.prod.website-files.com URL: https://cdn.prod.website-files.com/6356c441ce34029b327802bf/css/tl-build.bd60e10f1.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2514:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c0fd7653283e19ac86a3245bfd82feab6bc58794511975e68af222fa3800e455 Request headers Referer https://cdn.prod.website-files.com/ Origin https://www.threatlocker.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 31 May 2024 13:25:29 GMT x-amz-version-id fJ2FZ_3Vnkq01Qu_yfEAAHvYLMFrQycM via 1.1 7aea4d81c29185bd2784c2f86062007a.cloudfront.net (CloudFront) age 6662717 x-amz-cf-pop JFK50-P8 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-storage-class INTELLIGENT_TIERING content-length 320080 last-modified Mon, 24 Apr 2023 16:03:07 GMT server AmazonS3 etag "9966f4967759f0a0e24b33218c42a89b" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/octet-stream access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id I0E_3qg-PXY_MWMjNDhqOiPyXf-RMXwR4NmzPKWeVAL9QyiMceCE6Q==
GET H2	200	l use.typekit.net/af/1be3c2/00000000000000007735e606/30/	16 KB 16 KB	1012ms 607ms	Font application/font-woff2	2600:141b:1c00:8::1728:b330 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/1be3c2/00000000000000007735e606/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n3&v=3 Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:1c00:8::1728:b330 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash f1096de525ecd4549a0dea1507686fd365db607cddc697686b0f7ce81a9bdbab Request headers Referer https://www.threatlocker.com/ Origin https://www.threatlocker.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:45 GMT server nginx etag "f72012c08a11a2b44b8e4fe91c5042bc39decdd0" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 16488
GET H2	200	l use.typekit.net/af/3322cc/00000000000000007735e616/30/	17 KB 17 KB	878ms 474ms	Font application/font-woff2	2600:141b:1c00:8::1728:b330 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/3322cc/00000000000000007735e616/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=i4&v=3 Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:1c00:8::1728:b330 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash fdcb74f626ef8f1059c0e3bd503017b8fdda4a54afcc26a4da734f5fd5c7a87a Request headers Referer https://www.threatlocker.com/ Origin https://www.threatlocker.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:45 GMT server nginx etag "71f986ad2b4d0b6a0e5a056380e0c8c577137ae8" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 17212
GET H3	200	63eebaf42d2925e34203e31a_logo-white.svg cdn.prod.website-files.com/6356c441ce34029b327802bf/	5 KB 2 KB	106ms 105ms	Image image/svg+xml	104.18.28.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/6356c441ce34029b327802bf/63eebaf42d2925e34203e31a_logo-white.svg Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dfdaf1ae3fe702746d6a8ef59197245a12742efb2bf34adba19f20d7779cd8b0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:44 GMT x-amz-version-id 422wPwtC4bxhq8QGFEoHxTCaS1WrXuFa content-encoding br cf-cache-status HIT x-amz-request-id 5TCQCVZPA3Z09FWM age 6742131 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 x-amz-id-2 aeHAILHekRTMZwbrvKMuqPgYir5EvnYdzaWn4gx7Jg9rWwjpBbVTh4FatVwOmhFv7jJ6edC/5N4= last-modified Thu, 16 Feb 2023 23:23:33 GMT server cloudflare etag W/"051fdc1836b16f97b0ace8bfb7fccdf8" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate cf-ray 8b42b23eacad2ad9-LAX
GET H3	200	64da6b67cf4844bc7f451908_645ce6903f4f80b0e4440347_Computer-Mock-Up-p-1080.webp cdn.prod.website-files.com/6356c441ce34029b327802bf/	14 KB 14 KB	122ms 120ms	Image image/webp	104.18.28.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/6356c441ce34029b327802bf/64da6b67cf4844bc7f451908_645ce6903f4f80b0e4440347_Computer-Mock-Up-p-1080.webp Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef182a50add1e3a38290b86673deb9a3900352f45fd45c17a1996e7163b69bbd Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:44 GMT x-amz-version-id lSRgYaqeidi9GAYAwL8ufWGBigzIY77e cf-cache-status HIT x-amz-request-id YNNTE41V9NXS0JRB age 6742255 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 14132 x-amz-id-2 arA+WSt8qmiDCWhUG8aXdwSBuFGSrGNL+vLNr5xMxAxSVSopvY+TQ6dmW9+dk8+lf5dJa1/EVSM= last-modified Mon, 14 Aug 2023 17:59:12 GMT server cloudflare etag "651a260f1a1c7be632373426dce4f38a" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes cf-ray 8b42b23eacb42ad9-LAX
GET H3	200	json Show response forms.hsforms.com/embed/v3/form/3949713/02d81281-39e5-496a-8059-1144f82a1ec2/	122 KB 42 KB	314ms 204ms	XHR application/json	104.19.175.188 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hsforms.com/embed/v3/form/3949713/02d81281-39e5-496a-8059-1144f82a1ec2/json?hs_static_app=forms-embed&hs_static_app_version=1.5781&X-HubSpot-Static-App-Info=forms-embed-1.5781 Requested by Host: js.hsforms.net URL: https://js.hsforms.net/forms/embed/v2.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f3c20a8a0507c8d3c0ef6d12d1df5d116404c2379873ad07a6442a803fe4bad Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept application/json, text/plain, */* Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-origin-hublet na1 date Fri, 16 Aug 2024 16:10:45 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC strict-transport-security max-age=31536000; includeSubDomains; preload x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 689d78b9-14e5-4f07-b079-bab3b242110a x-envoy-upstream-service-time 42 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 689d78b9-14e5-4f07-b079-bab3b242110a server cloudflare vary origin access-control-allow-methods OPTIONS, GET content-type application/json;charset=utf-8 access-control-allow-origin https://www.threatlocker.com x-evy-trace-virtual-host all access-control-expose-headers X-Origin-Hublet access-control-max-age 180 access-control-allow-credentials false cache-control max-age=0, no-cache, no-store x-robots-tag none access-control-allow-headers * cf-ray 8b42b23f6d451726-SJC x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-4pxfv
GET H2	200	651333b6ee3cbcb604083a2c_fa-brands-400.woff2 assets.website-files.com/6356c441ce34029b327802bf/	108 KB 109 KB	384ms 157ms	Font application/octet-stream	2600:9000:2514:2e00:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.website-files.com/6356c441ce34029b327802bf/651333b6ee3cbcb604083a2c_fa-brands-400.woff2 Requested by Host: cdn.prod.website-files.com URL: https://cdn.prod.website-files.com/6356c441ce34029b327802bf/css/tl-build.bd60e10f1.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2514:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 063b9237e402c98dfb77a66e5de0d02d953640fc8fe44911808c2fdcb80df26e Request headers Referer https://cdn.prod.website-files.com/ Origin https://www.threatlocker.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 31 May 2024 13:25:29 GMT x-amz-version-id ljUpDBakF0GPTEG5MKmvFk1UAUpVR1iE via 1.1 7aea4d81c29185bd2784c2f86062007a.cloudfront.net (CloudFront) age 6662717 x-amz-cf-pop JFK50-P8 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 110932 last-modified Tue, 26 Sep 2023 19:40:39 GMT server AmazonS3 etag "f022fca674f561d3f3f9f187a7fa3222" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/octet-stream access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id 2u4e9xfC2c6K2KMNFDjSBZSiD3TcYjQ4IrUbv3IQtXhCf7ylaQyzgg==
GET H3	200	644fe44697c8aba8ca1ea70c_Hamburger%20Menu_v2.json Show response cdn.prod.website-files.com/6356c441ce34029b327802bf/	6 KB 1 KB	161ms 85ms	XHR application/json	104.18.28.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.website-files.com/6356c441ce34029b327802bf/644fe44697c8aba8ca1ea70c_Hamburger%20Menu_v2.json Requested by Host: cdn.prod.website-files.com URL: https://cdn.prod.website-files.com/6356c441ce34029b327802bf/js/tl-build.a839ff546.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12d8216551a0974e16d1792fee6d9d9feee0b2470ed93a20b35dd0e1e9954a97 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:45 GMT x-amz-version-id DBjVZREzo2sJB.6.aC9SepijVH_jsb70 content-encoding br cf-cache-status HIT x-amz-request-id ESH63K0MAAJTC3AS age 6742255 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 x-amz-id-2 JpGDbZ091G4IcJ9WJPPcYwZGsoBYaYfEIzONWYG9CR9Ure8sgTAV3Ldu+Gvk1PZMInE6rC1GpPfV+l3S/U7ku4NHIYrPFC1E last-modified Mon, 01 May 2023 16:09:43 GMT server cloudflare etag W/"9afdc3b8fbd04f96d02c35cc6c55ed0f" access-control-max-age 3000 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET, HEAD content-type application/json access-control-allow-origin * cache-control max-age=31536000, must-revalidate cf-ray 8b42b2405d59cbaf-LAX
GET H2	200	l use.typekit.net/af/8738d8/00000000000000007735e611/30/	16 KB 17 KB	612ms 612ms	Font application/font-woff2	2600:141b:1c00:8::1728:b330 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/8738d8/00000000000000007735e611/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n8&v=3 Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:1c00:8::1728:b330 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 5d8f24de649d274c051960845b51a0407362d6b4c80de23985e648d3378708f5 Request headers Referer https://www.threatlocker.com/ Origin https://www.threatlocker.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:45 GMT server nginx etag "a5565f97e4389f39e94f7880b2c8088023e4d88a" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 16880
GET H2	200	l use.typekit.net/af/40d372/00000000000000007735e607/30/	17 KB 17 KB	652ms 651ms	Font application/font-woff2	2600:141b:1c00:8::1728:b330 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/40d372/00000000000000007735e607/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=i3&v=3 Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:1c00:8::1728:b330 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 0ac75b515902d4a9c871724d8da779aaf77108660db9987a1fe1ab789ac95d4b Request headers Referer https://www.threatlocker.com/ Origin https://www.threatlocker.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:45 GMT server nginx etag "916ef3d33f48ba3f0537bae74184b159347fff5f" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 16988
GET H2	200	/ Show response api.ipify.org/	24 B 157 B	643ms 156ms	Fetch application/json	172.67.74.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a51c02ded3766cce9d32ec5d0829a6f762d321ac17d1e1b2451e193625e8313 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:45 GMT cf-cache-status DYNAMIC server cloudflare vary Origin content-type application/json access-control-allow-origin * cf-ray 8b42b2445b147c79-LAX content-length 24
GET H3	200	v2.js Show response js.hsforms.net/forms/embed/ Frame 0924	483 KB 0	214ms 110ms	Script application/javascript	104.18.142.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsforms.net/forms/embed/v2.js Requested by Host: js.hsforms.net URL: https://js.hsforms.net/forms/embed/v2.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.142.119 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dfdf1af1a230e3ee08968606c4322f5a9c51a5a6bf341687fedac60716c9ddab Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-encoding gzip age 145 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5781/bundles/project-v2.js&cfRay=8b2a1f86fc8afa4a-SJC x-amz-replication-status COMPLETED x-evy-trace-listener listener_https etag W/"07033d485ccfcdda144e7a4173dbc0bc" vary accept-encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all cache-control s-maxage=600, max-age=300 x-hs-target-asset forms-embed/static-1.5781/bundles/project-v2.js date Fri, 16 Aug 2024 16:10:43 GMT via 1.1 e21fbbed60133ff896ee44224814dc5c.cloudfront.net (CloudFront) x-content-type-options nosniff x-amz-version-id __TkXxzKt.v8sm6CVT1EUR2QdTtEmM_4 cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop IAD12-P3 x-hubspot-correlation-id 83240f2b-79ca-48b2-9f19-ee136c7163da x-cache Hit from cloudfront cache-tag staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod x-envoy-upstream-service-time 3 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id 83240f2b-79ca-48b2-9f19-ee136c7163da last-modified Wed, 07 Aug 2024 13:25:19 UTC server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PJpquILGT3Lu%2BwegaaQZysNZ1vaWIgrvJtmb5jnNiAafHtpXCxZzEXOjgSBg1erMev%2Fs7Hi68VBlUd1GVr3mJXyIuz3NZVSTZB7LTAf9afJnOjx18HGsM2H59pHwpROt"}],"group":"cf-nel","max_age":604800} x-hs-cache-status HIT x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-5f4dcb8bc8-xgqk6 cf-ray 8b42b2386838cf1a-SJC x-amz-cf-id fEg0R2kqw7Wr9bJeI9ZjKdyREOA_J6YgXw9x_ViYSpFdizI3mlFseQ==
GET H3	200	counters.gif forms-na1.hsforms.com/embed/v3/	35 B 886 B	510ms 196ms	Image image/gif	104.18.80.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1 Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 831277c7-f66a-42b4-85e6-923e50dc0269 x-envoy-upstream-service-time 1 alt-svc h3=":443"; ma=86400 content-length 35 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 831277c7-f66a-42b4-85e6-923e50dc0269 server cloudflare vary origin content-type image/gif x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-wb9hj access-control-expose-headers X-Origin-Hublet cache-control max-age=0, no-cache, no-store access-control-allow-credentials false x-robots-tag none cf-ray 8b42b244695ace78-SJC
GET H2	200	css2 fonts.googleapis.com/ Frame 0924	5 KB 720 B	342ms 341ms	Stylesheet text/css	2607:f8b0:4006:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap Requested by Host: js.hsforms.net URL: https://js.hsforms.net/forms/embed/v2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2ceb044fbea6e5616887f79557f76fe8b1053593d01b862aa3d50f986d9ac272 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 16 Aug 2024 16:10:45 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 16 Aug 2024 14:50:01 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 16 Aug 2024 16:10:45 GMT
GET H3	200	counters.gif forms-na1.hsforms.com/embed/v3/	35 B 849 B	455ms 216ms	Image image/gif	104.18.80.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1 Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 0ea8dc6e-36cd-4030-bd9c-e1ea7318d970 x-envoy-upstream-service-time 19 alt-svc h3=":443"; ma=86400 content-length 35 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 0ea8dc6e-36cd-4030-bd9c-e1ea7318d970 server cloudflare vary origin content-type image/gif x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-jklz5 access-control-expose-headers X-Origin-Hublet cache-control max-age=0, no-cache, no-store access-control-allow-credentials false x-robots-tag none cf-ray 8b42b2446955ce78-SJC
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v26/ Frame 0924	32 KB 32 KB	142ms 140ms	Font font/woff2	2607:f8b0:4006:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.threatlocker.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 04:20:13 GMT x-content-type-options nosniff age 42632 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33092 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:51:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 16 Aug 2025 04:20:13 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	324 KB 106 KB	183ms 182ms	Script application/javascript	2607:f8b0:4006:824::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-1GW8T9MYPR&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6214974e6d4159f00352169420addd28f6680227c9729f72fbeb4c012f017c16 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:46 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 108662 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 16 Aug 2024 16:10:46 GMT
GET H2	200	7f7c58ff8d6644687bb2be95293940a7.js Show response d.rageagainstthesoap.com/i/	105 KB 39 KB	476ms 158ms	Script text/javascript	2600:9000:266a:4a00:7:4902:e200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.rageagainstthesoap.com/i/7f7c58ff8d6644687bb2be95293940a7.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266a:4a00:7:4902:e200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Caddy / Resource Hash 103c505dd7e5aec4976cd47c775ecbdcae7b8fb65d8da2dcd108fd0824e7cf1a Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 06:31:10 GMT content-encoding gzip via 1.1 a422a2e7c5cee555310dfa3dcc07c402.cloudfront.net (CloudFront) server Caddy x-amz-cf-pop JFK52-P5 age 34776 etag "1a4c5-fSmjWFbxxy4NHem+um2lv73fbAc" x-cache Hit from cloudfront content-type text/javascript; charset=utf-8 cache-control max-age=43200 content-length 39280 x-amz-cf-id FEP3uP1uBByuYNVj7VtwPkdqqLQFyoSs6xo0hm0t1ylbfa7rUgyAEw== expires Fri, 16 Aug 2024 18:31:10 GMT
GET H2	200	3949713.js Show response js.hs-scripts.com/	1 KB 1 KB	272ms 97ms	Script application/javascript	2606:4700::6810:8bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/3949713.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 270644ad274b58f6d9b1a6dbbf45be7a98c964a4e84860826a4c9c0521096dfe Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:46 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 9f806995-0d6c-4edf-b8dd-9d7aa4160d6a cf-polished origSize=1498 age 54 x-envoy-upstream-service-time 6 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 9f806995-0d6c-4edf-b8dd-9d7aa4160d6a cf-bgj minify last-modified Fri, 16 Aug 2024 16:09:28 GMT server cloudflare access-control-max-age 3600 vary origin, Accept-Encoding content-type application/javascript;charset=utf-8 x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-78c8468c8b-rr68b x-evy-trace-virtual-host all cache-control public, max-age=90 access-control-allow-credentials true cf-ray 8b42b246beb82b6d-LAX expires Fri, 16 Aug 2024 16:12:16 GMT
GET H2	200	lftracker_v1_kn9Eq4RjeBl4RlvP.js Show response sc.lfeeder.com/	32 KB 11 KB	492ms 145ms	Script application/javascript	2600:9000:2209:8800:4:d7e1:700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sc.lfeeder.com/lftracker_v1_kn9Eq4RjeBl4RlvP.js Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2209:8800:4:d7e1:700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 216a52be50a34ea8d6034d5319730a1000c4ff5f6299cac437a7a9b15a4f8e8d Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-amz-version-id lXE2rjhxxVPUmxL8AAGSHx8HcUJz6IlP content-encoding br via 1.1 c45a9630d6506aeeffefe81fbc0ed0ae.cloudfront.net (CloudFront) date Fri, 16 Aug 2024 15:45:53 GMT x-amz-cf-pop EWR53-P1 age 1494 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin last-modified Wed, 14 Aug 2024 14:18:11 GMT server AmazonS3 etag W/"e709c4c238afce3cda5dca2d4bb2c85a" vary Accept-Encoding, Origin content-type application/javascript cache-control max-age=3600 x-amz-cf-id 67LZAULm3hmhpr4tMzdevM1uu8_hEtoCa4k95SEvr19c9rDwDm4kXg==
GET H2	200	5279.js Show response tracking.g2crowd.com/attribution_tracking/conversions/	2 KB 2 KB	306ms 131ms	Script text/javascript	2606:4700::6812:1fb0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tracking.g2crowd.com/attribution_tracking/conversions/5279.js?p=https://www.threatlocker.com/&e= Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1fb0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12b155eb77ce973744e49dcb25ce082787ff4b9b385ab2b40967ea86e48869a5 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:46 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff content-encoding br x-permitted-cross-domain-policies none x-dns-prefetch-control off cross-origin-resource-policy cross-origin content-disposition inline x-xss-protection 0 referrer-policy no-referrer server cloudflare cross-origin-opener-policy same-origin x-download-options noopen vary Origin, Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript;charset=UTF-8 access-control-allow-origin * origin-agent-cluster ?1 cf-ray 8b42b246ccb07bd9-LAX
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	40 KB 14 KB	442ms 139ms	Script application/javascript	2600:141b:1c00:6::17df:d112 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:1c00:6::17df:d112 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash edd5487f216469726314ae2b829b221d70e2a02674477e3c8f69a0d5f0b1ea49 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:46 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 24 Jul 2024 05:33:09 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=18917 accept-ranges bytes content-length 14597
GET H2	200	sup.min.js Show response cdn.jsdelivr.net/gh/gkogan/sup-save-url-parameters/	800 B 960 B	242ms 74ms	Script application/javascript	2a04:4e42:400::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/gkogan/sup-save-url-parameters/sup.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 39ce82b4ceba8d24e7d6fce5422980df77d9d246a1cc7d87b1e2a35f9d4143e5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 16 Aug 2024 16:10:46 GMT x-content-type-options nosniff content-encoding br age 8240 x-jsd-version master x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 497 x-served-by cache-fra-etou8220144-FRA, cache-lax-kwhp1940131-LAX x-jsd-version-type branch etag W/"320-6xK3t6Qb4uqG/vGj3sKpmBu/CtQ" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	pixel.js Show response www.redditstatic.com/ads/	42 KB 13 KB	241ms 74ms	Script application/javascript	2a04:4e42::396 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/pixel.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash 6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:46 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish last-modified Thu, 20 Jun 2024 19:23:03 GMT server snooserv nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} etag "71b328aff914ada8b774bfa8fff542c4" x-amz-server-side-encryption AES256 vary Accept-Encoding,Origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type application/javascript cache-control public, max-age=60 accept-ranges bytes content-length 12116
GET H2	200	bat.js Show response bat.bing.com/	49 KB 14 KB	338ms 106ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Fri, 16 Aug 2024 16:10:46 GMT last-modified Sat, 13 Jul 2024 20:42:16 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: F19F2A38EA544E68B0CD93A5434FBBB7 Ref B: LAXEDGE1909 Ref C: 2024-08-16T16:10:46Z etag "044982565d5da1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 14183
GET H3	200	9097.js Show response script.crazyegg.com/pages/scripts/0084/	7 KB 3 KB	223ms 97ms	Script text/javascript	104.19.148.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/scripts/0084/9097.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b809b0881dc155d9c8ce351c6370c11736c53dd6bd6ff5bb92e81123302d7035 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:46 GMT content-encoding gzip cf-cache-status HIT age 3925 cf-polished origSize=6998 ce-version 11.5.266 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Fri, 16 Aug 2024 15:05:16 GMT server cloudflare vary Accept-Encoding content-type text/javascript access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 timing-allow-origin * cf-ray 8b42b246afabfae3-SJC
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	225 KB 60 KB	428ms 138ms	Script application/x-javascript	2a03:2880:f012:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 16 Aug 2024 16:10:46 GMT document-policy force-load-at-top x-fb-server-load 51 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58865 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=135, rtx=0, c=12, mss=1297, tbw=2792, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug zcxEA8NI4sxakQmC1OyrBLBM8H0Ge005ik+lAaB/j8v6ANCc/aqjlLCnfyIVZTCHBgrUHPLSkdXCHhFRaanWrg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	tracker Show response www.influ2.com/	5 KB 2 KB	285ms 121ms	Script application/javascript	34.107.254.219 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://www.influ2.com/tracker?clid=087a6b34-4416-4bb1-8253-c5e09162b66c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.254.219 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 219.254.107.34.bc.googleusercontent.com Software / Resource Hash e15914699b6dcc6716e24839fab85490c87a6518c5716c691931a7d09cf62f00 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains content-encoding gzip x-content-type-options nosniff date Fri, 16 Aug 2024 16:10:46 GMT via 1.1 google vary Accept-Encoding x-frame-options DENY content-type application/javascript alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block
GET H2	200	ThreatLocker.js Show response tag.brandcdn.com/autoscript/threatlocker_vgtsqk1vouvvve09/	1 KB 1 KB	463ms 138ms	Script text/javascript	2600:9000:266a:600:7:e536:8b00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tag.brandcdn.com/autoscript/threatlocker_vgtsqk1vouvvve09/ThreatLocker.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266a:600:7:e536:8b00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash cd5364593710e3fb8d9985fa69658fad43bc599b698c32a2957eacd4a0422ac7 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-amz-version-id FpFEmkQqeC2Fy9MbgCQ9uyv.mkYGgkO8 date Fri, 16 Aug 2024 11:11:40 GMT via 1.1 a35a15e72ad59a60ddc8752bdb709706.cloudfront.net (CloudFront) last-modified Mon, 09 Oct 2023 15:27:59 GMT server AmazonS3 x-amz-cf-pop JFK52-P5 age 19453 x-amz-server-side-encryption AES256 etag "d02ff52c7d32f987214037634e09273b" x-cache Hit from cloudfront content-type text/javascript x-amz-replication-status COMPLETED accept-ranges bytes content-length 1092 x-amz-cf-id F5RHyy-rJYOA7yFnnskBlzzU1HIdUIqajaRoVINMI8LnOn9VslvCQg==
GET H2	200	e0y38b0sji Show response www.clarity.ms/tag/	655 B 1017 B	787ms 192ms	Script application/x-javascript	2620:1ec:bdf::40 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/e0y38b0sji?ref=gtm2 Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a6f517307766d33e0feb2ca0105dd87fde77dcd254edf1d83d6f638a2a02d467 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers request-context appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81 date Fri, 16 Aug 2024 16:10:46 GMT x-azure-ref 20240816T161046Z-15db5b49bf6sf8bk3tsdfawras00000000fg00000000t1tu x-cache CONFIG_NOCACHE content-type application/x-javascript cache-control no-cache, no-store accept-ranges bytes content-length 655 expires -1
GET H/1.1	200 OK	tv2track.js Show response collector-35187.us.tvsquared.com/	20 KB 9 KB	528ms 124ms	Script application/javascript	18.117.65.149 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://collector-35187.us.tvsquared.com/tv2track.js Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.117.65.149 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-117-65-149.us-east-2.compute.amazonaws.com Software nginx / Resource Hash a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Fri, 16 Aug 2024 16:10:46 GMT Content-Encoding gzip Last-Modified Mon, 19 Feb 2024 15:46:47 GMT Server nginx ETag "65d377e7-2133" Content-Type application/javascript Cache-Control max-age=600 Connection keep-alive Accept-Ranges bytes X-Robots-Tag noindex Content-Length 8499 Expires Fri, 16 Aug 2024 16:20:46 GMT
GET H2	200	tracker.iife.js Show response assets.apollo.io/micro/website-tracker/	3 KB 2 KB	251ms 91ms	Script application/javascript	2606:4700:10::6814:28d5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.apollo.io/micro/website-tracker/tracker.iife.js?nocache=2s5ebr Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:28d5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2039d204f18247df88a0f132f35fe67f9e52ee7268515ead1647c611f737ba07 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:46 GMT content-encoding gzip cf-cache-status HIT age 82177 x-guploader-uploadid AHxI1nMNY4IezaVXydmTvVgDzS666DLUIE0DbqSpbK0iIUu4QzFz74kwf-0u0JoXad7KeXOKD0zQtVFYlA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip content-length 1168 last-modified Mon, 12 Feb 2024 19:05:14 GMT server cloudflare etag "482eb3be75b60ec86f88e9bc33337e88" vary Accept-Encoding x-goog-generation 1707764714580510 content-type application/javascript access-control-allow-origin * x-goog-hash crc32c=I3tUEw==, md5=SC6zvnW2DshviOm8MzN+iA== access-control-expose-headers * cache-control public, max-age=31453753 x-goog-stored-content-length 1168 accept-ranges bytes cf-ray 8b42b24899e2090c-LAX expires Fri, 15 Aug 2025 17:19:59 GMT
GET H2	200	ping.min.js Show response pixel.byspotify.com/	22 KB 22 KB	238ms 73ms	Script text/javascript	34.117.162.98 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pixel.byspotify.com/ping.min.js Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.162.98 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 98.162.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash 42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 15:53:14 GMT via 1.1 google age 1052 x-guploader-uploadid AHxI1nO5TcFq6RJuduY26kK7P5RSF_5xGVOpG5SmxgjEFh75rOgSFcTs7klUhuYYl6xipj5Iaq4 x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22096 last-modified Tue, 25 Jun 2024 13:55:33 GMT server UploadServer etag "4eddeec95afda969b3d1b2fb970c1eb1" x-goog-generation 1719323733334567 x-goog-hash crc32c=NZyeaA==, md5=Tt3uyVr9qWmz0bL7lwwesQ== content-type text/javascript cache-control public, max-age=3600 x-goog-stored-content-length 22096 accept-ranges bytes expires Fri, 16 Aug 2024 16:53:14 GMT
GET H2	200	p.gif p.typekit.net/	35 B 205 B	137ms 136ms	Image image/gif	2600:141b:1c00:8::1728:b323 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://p.typekit.net/p.gif?s=1&k=wpr3nqk&ht=tk&h=www.threatlocker.com&f=139.169.173.175.176.5474.5475.25136&a=95479717&js=1.21.0&app=typekit&e=js&_=1723824646039 Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:1c00:8::1728:b323 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:46 GMT last-modified Sun, 11 Feb 2024 13:00:56 GMT server nginx etag "65c8c508-23" content-type image/gif access-control-allow-origin * cache-control public, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 35
GET H3	200	www.threatlocker.com.json Show response script.crazyegg.com/pages/data-scripts/0084/9097/site/	1 KB 727 B	191ms 105ms	XHR application/json	104.19.148.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/data-scripts/0084/9097/site/www.threatlocker.com.json?t=1 Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/scripts/0084/9097.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d25c268498cd081563787b1c56d8afec4c2f8165b52257dfbaa62226c57ab507 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:46 GMT content-encoding gzip cf-cache-status HIT age 2439 ce-version 11.5.266 alt-svc h3=":443"; ma=86400 content-length 478 last-modified Fri, 16 Aug 2024 15:12:02 GMT server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 accept-ranges bytes timing-allow-origin * cf-ray 8b42b247cb112511-SJC
GET H2	200	config Show response pixel-config.reddit.com/pixels/t2_1nycqv2/	3 B 124 B	244ms 73ms	XHR application/json	151.101.129.140 FASTLY
General Check archive.org Show headers Download Go to Full URL https://pixel-config.reddit.com/pixels/t2_1nycqv2/config Requested by Host: www.redditstatic.com URL: https://www.redditstatic.com/ads/pixel.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:46 GMT content-encoding gzip via 1.1 varnish content-type application/json access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes content-length 27
GET H2	200	t2_1nycqv2_telemetry Show response www.redditstatic.com/ads/conversions-config/v1/pixel/config/	86 B 699 B	234ms 80ms	XHR application/json	2a04:4e42::396 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_1nycqv2_telemetry Requested by Host: www.redditstatic.com URL: https://www.redditstatic.com/ads/pixel.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash 45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:46 GMT content-encoding gzip via 1.1 varnish nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} server snooserv vary Accept-Encoding,Origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type application/json access-control-allow-origin * cache-control max-age=300 accept-ranges bytes content-length 97
GET H2	200	rp.gif alb.reddit.com/	42 B 637 B	230ms 72ms	Image image/gif	2a04:4e42:600::396 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://alb.reddit.com/rp.gif?ts=1723824646279&id=t2_1nycqv2&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=b50a5ca5-ca6f-4cd2-8b19-480cc2c21de0&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc= Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:46 GMT via 1.1 varnish nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3} server Varnish report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type image/gif cross-origin-resource-policy cross-origin accept-ranges bytes content-length 42 retry-after 0
GET H2	200	fb.js Show response js.hsadspixel.net/	6 KB 4 KB	259ms 83ms	Script application/javascript	2606:4700::6811:df98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsadspixel.net/fb.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/3949713.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:df98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e1b1a37caa8b7627123aeb0e23ad3a2ac14d4ad48be7aabb2ca7ca9da218ef5 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:46 GMT x-amz-version-id UIOsIr3qFS9r3wFn4ECf3yNr1.R8N2aA content-encoding gzip x-content-type-options nosniff via 1.1 fb1dc2e3bf4105b403e3bfa3a5067970.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-cf-pop IAD12-P3 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 9d8296f0-e150-49f9-a239-3268e811e174 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.572/bundles/pixels-release.js&cfRay=8af16386ae997301-DFW x-cache Hit from cloudfront cache-tag staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod age 354 x-envoy-upstream-service-time 1 x-amz-replication-status COMPLETED x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 9d8296f0-e150-49f9-a239-3268e811e174 last-modified Tue, 06 Aug 2024 19:11:03 UTC server cloudflare etag W/"45a803cc17701ff8c7710294960c14c7" vary Accept-Encoding content-type application/javascript; charset=utf-8 x-hs-cache-status HIT x-evy-trace-virtual-host all cache-control max-age=600 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-5f4dcb8bc8-rx7hx cf-ray 8b42b249efb4cbaf-LAX x-amz-cf-id 0cKjmH8-6GyERq3uVRY3BxtSKPXgQNsmfSLBL8y1mjW02ZIFoSslLA== x-hs-target-asset adsscriptloaderstatic/static-1.572/bundles/pixels-release.js
GET H2	200	3949713.js Show response js.hs-analytics.net/analytics/1723824300000/	69 KB 25 KB	243ms 86ms	Script text/javascript	2606:4700::6810:a0a8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1723824300000/3949713.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/3949713.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f8c6d384d5ec6d3cd9076fc9d0d9fd2dd4c465f33d255d025dcf44bf88fb357d Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:46 GMT x-amz-version-id null content-encoding gzip cf-cache-status HIT x-amz-request-id Q0YZZZMX4KPXJT8V x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id f7106c45-2175-4f65-91db-0591d90f6a07 age 54 x-envoy-upstream-service-time 32 x-amz-id-2 n2Y9bLKL8YKFJnveJyF8zOwtvHMbj5L/6b2R0XcukxcgDlbWaSIWMcHTZoKwTfupHdBwk/t8w4Q= x-evy-trace-listener listener_https x-request-id f7106c45-2175-4f65-91db-0591d90f6a07 x-evy-trace-route-configuration listener_https/all last-modified Wed, 14 Aug 2024 17:28:20 GMT server cloudflare etag W/"ef97e442c0831098b9667ad11ef51560" vary origin, Accept-Encoding content-type text/javascript x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-k5ntq cache-control max-age=300,public access-control-allow-credentials false cf-ray 8b42b249fc4a69cd-LAX expires Fri, 16 Aug 2024 16:10:13 GMT
GET H2	200	banner.js Show response js.hs-banner.com/v2/3949713/	72 KB 26 KB	264ms 98ms	Script text/javascript	2606:4700::6812:17b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/v2/3949713/banner.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/3949713.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:17b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d8836334731a183af302d0b72f414e9632672574ab41a8da1b79a38e3a974558 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:46 GMT x-amz-version-id Jj6n89.RSlxMIZtRq2A5K7fIbEnL_2Bs content-encoding gzip cf-cache-status HIT x-amz-request-id 00YGH9KGWSQA8YTB x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 26276f5f-cab2-4c01-969a-64cc208bc04b age 54 x-envoy-upstream-service-time 34 x-amz-id-2 ldhIC4PSYLLp3XvREkHF6vkZnB6VDOKaZmuLuWDJVNlQNlnPs37NUQQFTn/mVSSZpvp0O/O68WM= x-evy-trace-listener listener_https x-request-id 26276f5f-cab2-4c01-969a-64cc208bc04b x-evy-trace-route-configuration listener_https/all last-modified Thu, 01 Aug 2024 16:38:00 GMT server cloudflare etag W/"64b9be04002ea0b9c555a940306c521c" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 vary origin, Accept-Encoding x-evy-trace-virtual-host all access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300,public access-control-allow-credentials true x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-g9d49 timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 8b42b24a3e5708b2-LAX expires Fri, 16 Aug 2024 16:11:25 GMT
POST H2	200	assign tracking.g2crowd.com/attribution_tracking/conversions/	0 0	155ms 154ms	Ping text/html	2606:4700::6812:1fb0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tracking.g2crowd.com/attribution_tracking/conversions/assign Requested by Host: tracking.g2crowd.com URL: https://tracking.g2crowd.com/attribution_tracking/conversions/5279.js?p=https://www.threatlocker.com/&e= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1fb0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundary0jrZZOk7r6jAHjDt Response headers
GET H2	200	136027538.js Show response bat.bing.com/p/action/	2 KB 960 B	105ms 104ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/136027538.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 0835af6bed667056e26c07c9d643763e09c8ba348f55c5c5c8813dbf7741aef7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br date Fri, 16 Aug 2024 16:10:46 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 2A3F08D57E494F44B9E4F3B197BCBB2B Ref B: LAXEDGE1909 Ref C: 2024-08-16T16:10:46Z vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript; charset=utf-8 cache-control private,max-age=60
POST H2	204	collect analytics.google.com/g/	0 0	448ms 150ms	Fetch text/plain	2607:f8b0:4006:80c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-1GW8T9MYPR&gtm=45je48e0v9123343682z89115913288za200zb9115913288&_p=1723824643875&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1461496421.1723824646&ecid=1606115754&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1723824646&sct=1&seg=0&dl=https%3A%2F%2Fwww.threatlocker.com%2F&dt=Enterprise%20Cybersecurity%20Solutions%20%7C%20ThreatLocker&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4373 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-1GW8T9MYPR&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 16 Aug 2024 16:10:46 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.threatlocker.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 258 B	421ms 140ms	Ping text/plain	2607:f8b0:4004:c06::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1GW8T9MYPR&cid=1461496421.1723824646&gtm=45je48e0v9123343682z89115913288za200zb9115913288&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-1GW8T9MYPR&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 16 Aug 2024 16:10:46 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.threatlocker.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	136027538 Show response bat.bing.com/p/insights/t/	730 B 898 B	247ms 246ms	Script application/x-javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/insights/t/136027538 Requested by Host: bat.bing.com URL: https://bat.bing.com/p/action/136027538.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 04250d6259e1b1aaff435f1890375cb4763d0b95cad370beb7bf6190a1b5b7bd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers request-context appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111 strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Fri, 16 Aug 2024 16:10:46 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 3FB7D9A613954340A0EF911E75E89CDA Ref B: LAXEDGE1909 Ref C: 2024-08-16T16:10:46Z vary Accept-Encoding x-azure-ref 20240816T161046Z-r177d99cbd4v9x2zk7sskeec0g00000000zg00000000hpex content-type application/x-javascript x-cache CONFIG_NOCACHE cache-control no-cache, no-store accept-ranges bytes content-length 619 expires -1
GET H2	204	0 bat.bing.com/action/	0 359 B	104ms 103ms	Image text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=136027538&tm=gtm002&Ver=2&mid=bc8610ba-eab1-416d-97f5-0016b9a2b7bc&sid=189fa3605bea11efa1ccd731b2ffa4e8&vid=18a071905bea11ef86dc5d2b0f2641b7&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Enterprise%20Cybersecurity%20Solutions%20%7C%20ThreatLocker&p=https%3A%2F%2Fwww.threatlocker.com%2F&r=&lt=3180&pt=1723824642111,,,,,464,488,488,488,889,619,889,1149,1158,1161,2999,3172,3180,,,&pn=0,0&evt=pageLoad&sv=1&cdb=AQAQ&rn=382152 Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 16 Aug 2024 16:10:46 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 6D6CDD0788F7462CA90159125F1F1F39 Ref B: LAXEDGE1909 Ref C: 2024-08-16T16:10:46Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 491 B	305ms 141ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept * Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 16 Aug 2024 16:10:46 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 72A09C590A5941E8807632BA6D7DDF9A Ref B: LAX311000112045 Ref C: 2024-08-16T16:10:46Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 access-control-allow-origin https://www.threatlocker.com x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYfzzO6GFgBUCFAS/7uWw==
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 762 B	272ms 117ms	XHR application/json	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=2782332&time=1723824646602&url=https%3A%2F%2Fwww.threatlocker.com%2F&tm=gtmv2 Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Accept * Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:46 GMT content-encoding gzip x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 287349BD2A53449A922FFF274B0FB74A Ref B: LAXEDGE1822 Ref C: 2024-08-16T16:10:46Z access-control-allow-methods GET, OPTIONS x-li-fabric prod-ltx1 access-control-allow-origin * x-cache CONFIG_NOCACHE content-type application/json x-li-proto http/2 x-restli-protocol-version 1.0.0 access-control-allow-headers * x-li-uuid AAYfzzO6aoaSmM8Li+QlTQ== x-fs-uuid 00061fcf33ba6a869298cf0b8be4254d
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2782332&time=1723824646602&url=https%3A%2F%2Fwww.threatlocker.com%2F&tm=gtmv2 https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2782332&time=1723824646602&url=https%3A%2F%2Fwww.threatlocker.com%2F&tm=gtmv2&cookiesTest=true https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2782332%26time%3D1723824646602%26url%3Dhttps%253A%252F%252Fwww.threatlocker.com%2... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2782332&time=1723824646602&url=https%3A%2F%2Fwww.threatlocker.com%2F&tm=gtmv2&cookiesTest=true&liSync=true https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2782332&time=1723824646602&url=https%3A%2F%2Fwww.threatlocker.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJNEnAP9Wq2FgAAAZFb9KxENBXPFon...	0 491 B	296ms 141ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2782332&time=1723824646602&url=https%3A%2F%2Fwww.threatlocker.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJNEnAP9Wq2FgAAAZFb9KxENBXPFondBITgvDQA7X4QYo7XRx6e5P7vLEb_UgFvdbQjzw Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:46 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 1A81EDA7676541568484F5EE90536FC9 Ref B: LAX311000109049 Ref C: 2024-08-16T16:10:47Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-ltx1 x-li-proto http/2 content-length 0 x-li-uuid AAYfzzPFgGUxfPwRsSwdeQ== Redirect headers date Fri, 16 Aug 2024 16:10:46 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 6677606D220B446CA43A1AAAC71F2FF0 Ref B: LAX311000112045 Ref C: 2024-08-16T16:10:47Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2782332&time=1723824646602&url=https%3A%2F%2Fwww.threatlocker.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJNEnAP9Wq2FgAAAZFb9KxENBXPFondBITgvDQA7X4QYo7XRx6e5P7vLEb_UgFvdbQjzw x-li-proto http/2 content-length 0 x-li-uuid AAYfzzPA0Yf2dzutNA1yAg==
GET H2	200	/ Show response t.influ2.com/u/	63 B 337 B	304ms 131ms	Fetch text/plain	34.117.110.211 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://t.influ2.com/u/?cb=1723824646609 Requested by Host: www.influ2.com URL: https://www.influ2.com/tracker?clid=087a6b34-4416-4bb1-8253-c5e09162b66c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.110.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 211.110.117.34.bc.googleusercontent.com Software nginx/1.25.5 / Resource Hash 287561aa757956f019100c6bf3e0002666a6bacce43ffc661352dd001aa3f8b6 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:46 GMT via 1.1 google server nginx/1.25.5 content-type text/plain; charset=utf-8 access-control-allow-origin https://www.threatlocker.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 63
POST H2	204	track_request aplo-evnt.com/api/v1/intent_pixel/	0 0	155ms 148ms	Fetch	34.107.133.146 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://aplo-evnt.com/api/v1/intent_pixel/track_request?app_id=65e1978a960c2c06e05043d6 Requested by Host: assets.apollo.io URL: https://assets.apollo.io/micro/website-tracker/tracker.iife.js?nocache=2s5ebr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.133.146 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 146.133.107.34.bc.googleusercontent.com Software nginx / Resource Hash Security Headers Name Value Content-Security-Policy frame-ancestors 'self' chrome-extension://alhgpfoeiimagjlnfekdhkjlkiomcapa chrome-extension://ececkagaccnfmkopaiemklekhoimmgpn *.salesforce.com *.lightning.force.com Strict-Transport-Security max-age=3600 X-Content-Type-Options nosniff X-Frame-Options ALLOWALL Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type application/json Response headers date Fri, 16 Aug 2024 16:10:47 GMT strict-transport-security max-age=3600 x-content-type-options nosniff content-security-policy frame-ancestors 'self' chrome-extension://alhgpfoeiimagjlnfekdhkjlkiomcapa chrome-extension://ececkagaccnfmkopaiemklekhoimmgpn *.salesforce.com *.lightning.force.com via 1.1 google server nginx vary Origin access-control-max-age 7200 access-control-allow-methods GET, POST, PUT, PATCH, DELETE, OPTIONS status 204 No Content x-transaction-id b254e7b73ad732e4defe7be7708af6a8 cache-control no-cache access-control-allow-origin * x-frame-options ALLOWALL alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
OPTIONS H2	200	track_request aplo-evnt.com/api/v1/intent_pixel/ Frame	0 0	297ms 123ms	Preflight	34.107.133.146 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://aplo-evnt.com/api/v1/intent_pixel/track_request?app_id=65e1978a960c2c06e05043d6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.133.146 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 146.133.107.34.bc.googleusercontent.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.threatlocker.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods GET, POST, PUT, PATCH, DELETE, OPTIONS access-control-allow-origin * access-control-max-age 7200 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache content-length 0 date Fri, 16 Aug 2024 16:10:46 GMT server nginx status 200 OK via 1.1 google
GET H2	200	ct Show response en.rageagainstthesoap.com/	5 KB 2 KB	474ms 163ms	Script text/javascript	2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://en.rageagainstthesoap.com/ct?id=27762&url=https%3A%2F%2Fwww.threatlocker.com%2F&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1723824646812&hl=2&op=0&ag=4229657421&rand=532222128575590222876627581226181455124289278121680880016607536872726279770766221229&fs=1600x1200&fst=1600x1200&np=linux%20x86_64&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDI4OTJdLFsiYWJuY2giLDUwXSxbLTksIisiXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0zMCwiW1widlwiLDBdIl0sWy01MCwiLSJdLFstNTIsIi0iXSxbLTYzLCItIl0sWy02NywiLSJdLFstMiwiMTQsZUFIV1gxL2YzcXpDdmJrdXltUXdnbElhRjNwRXNSRUVUcG9WZEZWQlFRcFJjUkJGU0tJSWdpUklyMEtoSlJxcFNBdENBa1FIcEl6eWJiWHBtWnIvNS9kOTZiemN1U0FQSi9HdCJdLFstMzUsIlsxNzIzODI0NjQ2NzAyLDEwXSJdLFstNDUsIi0iXSxbLTUzLCIxMDAiXSxbLTQsIjxodG1sIGRhdGEtd2YtZG9tYWluPVwid3d3LnRocmVhdGxvY2tlci5jb21cIiBkYXRhLXdmLXBhZ2U9XCI2NDJmMDk0ZTY4MmJlNzgwMzE0ZmMyZjlcIiBkYXRhLXdmLXNpdGU9XCI2MzU2YzQ0MWNlMzQwMjliMzI3ODAyYmZcIiBsYW5nPVwiZW5cIiBjbGFzcz1cInctbW9kLWpzIHctbW9kLWl4IHdmLW9wZW5zYW5zLWk2LWFjdGl2ZSB3Zi1vcGVuc2Fucy1pMy1hY3RpdmUgd2Ytb3BlbnNhbnMtaTgtYWN0aXZlIHdmLW9wZW5zYW5zLWk3LWFjdGl2ZSB3Zi1vcGVuc2Fucy1pNC1hY3RpdmUgd2Ytb3BlbnNhbnMtbjYtYWN0aXZlIHdmLW9wZW5zYW5zLW44LWFjdGl2ZSB3Zi1vcGVuc2Fucy1uNC1hY3RpdmUgd2Ytb3BlbnNhbnMtbjctYWN0aXZlIHdmLW9wZW5zYW5zLW4zLWFjdGl2ZSB3Zi1hY3RpdmUgd2YtcHJveGltYW5vdmEtbjUtYWN0aXZlIHdmLXByb3hpbWFub3ZhLW43LWFjdGl2ZSB3Zi1wcm94aW1hbm92YS1uNi1hY3RpdmUgd2YtcHJveGltYW5vdmEtaTQtYWN0aXZlIHdmLXByb3hpbWFub3ZhLW4zLWFjdGl2ZSB3Zi1wcm94aW1hbm92YS1uNC1hY3RpdmUgd2YtcHJveGltYW5vdmEtbjgtYWN0aXZlIHdmLXByb3hpbWFub3ZhLWkzLWFjdGl2ZVwiPjxoZWFkPjxzdHlsZT4ud2YtZm9yY2Utb3V0bGluZS1ub25lW3RhYmluZGV4PVwiLTFcIl06Zm9jdXN7b3V0bGluZTpub25lO308L3N0eWxlPjxtZXRhIGNoYXJzZXQ9XCJ1dGYtOFwiPjx0aXRsZT5FbnRlcnByaXNlIEN5YmVyc2VjdXJpdHkgU29sdXRpb25zIHwgVGhyZWF0TG9ja2VyPC90aXRsZT48bWV0YSBjb250ZW50PVwiV2UgYXJlIGFuIGVuZHBvaW50IHByb3RlY3Rpb24gcGxhdGZvcm0gdGhhdCBvZmZlcnMgdG9wIGVudGVycHJpc2Ugc2VjdXJpdHkgc29mdHdhcmUgYW5kIHNvbHV0aW9ucy4gS2VlcCB5b3VyIGJ1c2luZXNzIHNhZmUgd2l0aCB6ZXJvIHRydXN0IGVuZHBvaW50IHNlY3VyaXR5IVwiIG5hbWU9XCJkZXNjcmlwdGlvblwiPjxtZXRhIGNvbnRlbnQ9XCJFbnRlcnByaXNlIEN5YmVyc2VjdXJpdHkgU29sdXRpb25zIHwgVGhyZWF0TG9ja2VyXCIgcHJvcGVydHk9XCJvZzp0aXRsZVwiPjxtZXRhIGNvbnRlbnQ9XCJXZSBhcmUgYW4gZW5kcG9pbnQgcHJvdGVjdGlvbiBwbGF0Zm9ybSB0aGF0IG9mZmVycyB0b3AgZW50ZXJwcmlzZSBzZWN1cml0eSBzb2Z0d2FyZSBhbmQgc29sdXRpb25zLiBLZWVwIHlvdXIgYnVzaW5lc3Mgc2FmZSB3aXRoIHplcm8gdHJ1c3QgZW5kcG9pbnQgc2VjdXJpdHkhXCIgcHJvcGVydHk9XCJvZzpkZXNjcmlwdGlvblwiPjxtZXRhIGNvbnRlbnQ9XCJodHRwczovL2Nkbi5wcm9kLndlYnNpdGUtZmlsZXMuY29tLzYzNTZjNDQxY2UzNDAyOWIzMjc4MDJiZi82NmJlMjcxYTExZWU2OGM3ODE5NzlhYTVfVGhyZWF0TG9ja2VyLUZlYXR1cmVkLUltYWdlLnBuZ1wiIHByb3BlcnR5PVwib2c6aW1hZ2VcIj48bWV0YSBjb250ZW50PVwiRW50ZXJwcmlzZSBDeWJlcnNlY3VyaXR5IFNvbHV0aW9ucyB8IFRocmVhdExvY2tlclwiIHByb3BlcnR5PVwidHdpdHRlcjp0aXRsZVwiPjxtZXRhIGNvbnRlbnQ9XCJXZSBhcmUgYW4gZW5kcG9pbnQgcHJvdGVjdGlvbiBwbGF0Zm9ybSB0aGF0IG9mZmVycyB0b3AgZW50ZXJwcmlzZSBzZWN1cml0eSBzb2Z0d2FyZSBhbmQgc29sdXRpb25zLiBLZWVwIHlvdXIgYnVzaW5lc3Mgc2FmZSB3aXRoIHplcm8gdHJ1c3QgZW5kcG9pbnQgc2VjdXJpdHkhXCIgcHJvcGVydHk9XCJ0d2l0dGVyOmRlc2NyaXB0aW9uXCI%2BPG1ldGEgY29udGVudD1cImh0dHBzOi8vY2RuLnByb2Qud2Vic2l0ZS1maWxlcy5jb20vNjM1NmM0NDFjZTM0MDI5YjMyNzgwMmJmLzY2YmUyNzFhMTFlZTY4Yzc4MTk3OWFhNV9UaHJlYXRMb2NrZXItRmVhdHVyZWQtSW1hZ2UucG5nXCIgcHJvcGVydHk9XCJ0d2l0dGVyOmltYWdlXCI%2BPG1ldGEgcHJvcGVydHk9XCJvZzp0eXBlXCIgY29udGVudD1cIndlYnNpdGVcIj48bWV0YSBjb250ZW50PVwic3VtbWFyeV9sYXJnZV9pbWFnZVwiIG5hbWU9XCJ0d2l0dGVyOmNhcmRcIj48bWV0YSBjb250ZW50PVwid2lkdGg9ZGV2aWNlLXdpZHRoLCBpbml0aWFsLXNjYWxlPTFcIiBuYW1lPVwidmlld3BvcnRcIj48bGluayBocmVmPVwiaHR0cHM6Ly9jZG4ucHJvZC53ZWJzaXRlLWZpbCJdLFstMTQsIi0iXSxbLTIxLCItIl0sWy0yNCwiW10iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDIsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsNSx0cnVlLHRydWUsbnVsbCwwLHRydWUsdHJ1ZV0iXSxbLTQxLCItIl0sWy00NiwiMCJdLFstNjAsMjA2XSxbLTY4LCItIl0sWzEyLCJ7XCJjdHhcIjpcIndlYmdsXCIsXCJ2XCI6XCJpbnRlbCBpbmMuXCIsXCJyXCI6XCJpbnRlbCBpcmlzIG9wZW5nbCBlbmdpbmVcIixcInNsdlwiOlwid2ViZ2wgZ2xzbCBlcyAxLjAgKG9wZW5nbCBlcyBnbHNsIGVzIDEuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDEuMCAob3BlbmdsIGVzIDIuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6MTUsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxOTMwODIwMjc5LFwic2VjXCI6XCJcIn0iXSxbLTUsIi0iXSxbLTYsIntcIndcIjpbXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTI5LCItIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAxMDExMDEwMDAwMDEiXSxbLTY1LCItIl0sWy0xMiwibnVsbCJdLFstMjUsIi0iXSxbLTY0LCJbMCxcIlwiLFtdXSJdLFstNjYsImdlb2xvY2F0aW9uLHN0b3JhZ2VhY2Nlc3MsZ2FtZXBhZCxjaGVjdCxtaWRpLGRpc3BsYXljYXB0dXJlLHVzYixicm93c2luZ3RvcGljcyxwaWN0dXJlaW5waWN0dXJlLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LGxvY2FsZm9udHMsb3RwY3JlZGVudGlhbHMsZW5jcnlwdGVkbWVkaWEsY2hzYXZlZGF0YSxjaHVhZnVsbHZlcnNpb25saXN0LGNodWF3b3c2NCxzaGFyZWRzdG9yYWdlLGNoZG93bmxpbmssY2hwcmVmZXJzY29sb3JzY2hlbWUsc3luY3hocixjaHVhbW9kZWwsY2hwcmVmZXJzcmVkdWNlZHRyYW5zcGFyZW5jeSxzZXJpYWwsY2FtZXJhLGNocHJlZmVyc3JlZHVjZWRtb3Rpb24scHJpdmF0ZXN0YXRldG9rZW5pc3N1YW5jZSxpZGVudGl0eWNyZWRlbnRpYWxzZ2V0LGNodWFmdWxsdmVyc2lvbixmdWxsc2NyZWVuLGNoZHByLHVubG9hZCxrZXlib2FyZG1hcCxjaHVhcGxhdGZvcm0sc2hhcmVkc3RvcmFnZXNlbGVjdHVybCxneXJvc2NvcGUsaW50ZXJlc3Rjb2hvcnQsY2h1YW1vYmlsZSx3aW5kb3dtYW5hZ2VtZW50LGNodWEscHVibGlja2V5Y3JlZGVudGlhbHNjcmVhdGUsbWFnbmV0b21ldGVyLGFjY2VsZXJvbWV0ZXIscHJpdmF0ZXN0YXRldG9rZW5yZWRlbXB0aW9uLGNodWFhcmNoLHhyc3BhdGlhbHRyYWNraW5nLGNodWFmb3JtZmFjdG9ycyxpZGxlZGV0ZWN0aW9uLGNodWFwbGF0Zm9ybXZlcnNpb24sY2h3aWR0aCxjbGlwYm9hcmRyZWFkLGNodmlld3BvcnR3aWR0aCxjb21wdXRlcHJlc3N1cmUscGF5bWVudCxjaHZpZXdwb3J0aGVpZ2h0LGNocnR0LGF1dG9wbGF5LGNyb3Nzb3JpZ2luaXNvbGF0ZWQsaGlkLGNodWFiaXRuZXNzLHNjcmVlbndha2Vsb2NrLHByaXZhdGVhZ2dyZWdhdGlvbixjbGlwYm9hcmR3cml0ZSxhdHRyaWJ1dGlvbnJlcG9ydGluZyxjaGRldmljZW1lbW9yeSxtaWNyb3Bob25lIl0sWy02OSwiTGludXggeDg2XzY0fEdvb2dsZSBJbmMufDh8MTZ8fDAiXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiLFwib2c6dGl0bGVcIixcIm9nOmRlc2NyaXB0aW9uXCIsXCJ0d2l0dGVyOnRpdGxlXCIsXCJ0d2l0dGVyOmRlc2NyaXB0aW9uXCJdfSJdLFstMTMsIi0iXSxbLTI4LCJlbi1VUyxlbiJdLFstNDAsIjMzIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNywiLSJdLFstMTYsIjAiXSxbLTMyLCItIl0sWy00NCwiMCwwLDAsNSJdLFstNDcsIlBhY2lmaWMvSG9ub2x1bHUsZW4tVVMsbGF0bixncmVnb3J5Il0sWzM3LCJbMzMxNjIyNDA0OSxmdW5jdGlvbihuZXdWYWx1ZSkge1xuICAgICAgICAgICAgICBhZGRDb250ZW50V2luZG93UHJveHkodGhpcylcbiAgICAgICAgICAgICAgLy8gUmVzZXQgcHJvcGVydHksIHRoZSBob29rIGlzIG9ubHkgbmVlZGVkIG9uY2VcbiAgICAgICAgICAgICAgT2JqZWN0LmRlZmluZVByb3BlcnR5KGlmcmFtZSwgJ3NyY2RvYycsIHtcbiAgICAgICAgICAgICAgICBjb25maWd1cmFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHdyaXRhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB2YWx1ZTogX3NyY2RvY1xuICAgICAgICAgICAgICB9KVxuICAgICAgICAgICAgICBfaWZyYW1lLnNyY2RvYyA9IG5ld1ZhbHVlXG4gICAgICAgICAgICB9XSJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiXSJdLFstOCwiLSJdLFstMTUsIi0iXSxbLTE5LCJbNzAsNzAsNzAsNzAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyODUsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCIsMTYwMCwxMjAwXSJdLFstMjAsIjE0NjE0OTY0MjEuMTcyMzgyNDY0NiJdLFstMjYsIntcInRqaHNcIjozMTQ3OTUwNixcInVqaHNcIjoyNjAzNTUyNixcImpoc2xcIjo0Mjk0NzA1MTUyfSJdLFstMjcsIlsyMDAsMTAsMCxcIjRnXCIsbnVsbF0iXSxbLTMxLCJmYWxzZSJdLFstMzQsIi0iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstNTEsIi0iXSxbLTU1LCIxIl0sWy01OSwiZGVmYXVsdCJdLFstMTgsIlswLDAsMCwxXSJdLFstMzgsImksLTEsLTEsNDY0LDAsMjQsMCwwLDQwMSwyNjksLTEsMCwyODE4LjQsMjgxOC40LDQ2OTMsNDY5NCJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbLTU3LCJXRTBaVjF4T2NWaFhYVlZjU3hjRldsWlVTVXhOWEYwSEdXSllTaGxZU1VsVlFHUVpFVnhQV0ZVWldFMFpCVmhYVmxkQVZGWk1TZ2NaRVFNT0F3Z01DUW9KQVJBVkdRVllWMVpYUUZSV1RFb0hBd2dCQXdvSkVCVllUUmw0UzB0WVFCZGZYQmtSVVUxTlNVb0RGaFpkRjB0WVhseFlYbGhRVjBwTlRWRmNTbFpZU1JkYVZsUVdVQllPWHc1YURBRmZYd0ZkRHc4TkRROEJEbHRiQzF0Y0FBd0xBQW9BRFFsWURoZFRTZ01JQXc4T0R3d1BFQlZZVFJsTEdSRlJUVTFKU2dNV0ZsMFhTMWhlWEZoZVdGQlhTazFOVVZ4S1ZsaEpGMXBXVkJaUUZnNWZEbG9NQVY5ZkFWMFBEdzBORHdFT1cxc0xXMXdBREFzQUNnQU5DVmdPRnc9PSJdLFstMSwiLSJdLFstMTAsIi0iXSxbLTE3LCIxNiJdLFstNTQsIntcImhcIjpbXCIzMzA5MzE0MTY3XCIsXCI4MTAzNDM2ODhcIixcIjI0NjMzMTI5MTdcIixcIjM1Njk0Mzg3NVwiLFwiMjMxNTE1MzYyOFwiLFwiMTUxMDU4NzQxOVwiLFwiXzNcIixcIjI4NzI4OTkzMjBcIl0sXCJkXCI6W10sXCJiXCI6W10sXCJzXCI6MX0iXSxbLTU2LCJsYW5kc2NhcGUtcHJpbWFyeSJdLFstNTgsIi0iXSxbImJuY2giLDE5MV0sWy0yMywiKyJdLFstMzMsIi0iXSxbLTYxLCJ7XCJ3Z3NsXCI6XCI0O3JlYWRvbmx5X2FuZF9yZWFkd3JpdGVfc3RvcmFnZV90ZXh0dXJlcztwYWNrZWRfNHg4X2ludGVnZXJfZG90X3Byb2R1Y3Q7dW5yZXN0cmljdGVkX3BvaW50ZXJfcGFyYW1ldGVycztwb2ludGVyX2NvbXBvc2l0ZV9hY2Nlc3M7XCIsXCJwY2ZcIjpcImJncmE4dW5vcm1cIn0iXSxbLTYyLCI4MCJdLFsiZGRiIiwiMCwxNCwxLDIsMSwyLDAsMCwwLDEsMCwwLDAsMCwyLDAsMCwwLDEsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwxLDEsMCwwLDAsMCwxLDEsNCwwLDAsMTMsMCwxLDAsMCwwLDAsMCwwLDAsMSwxLDAsMTgsMSwwLDAsMCwwLDEsMCwwLDAiXSxbImNiIiwiMCwwLDAsMCwwLDAsMCwxLDAsOCwwLDAsMTcsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwxNCwwLDAsMCwwLDAsMCwwLDQsMCJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=mGfkYkLzJd&pto=4703&ver=61&gac=1461496421.1723824646&mei=&ap=&fe=1&duid=1.1723824646.dT07iDFcbaV213tH&suid=1.1723824646.tJb5HA1yEzmOoBTb&tuid=1.1723824646.aHyYVnqwIRwXWHz8&fbc=-&gtm=W10%3D&it=75%2C3878%2C594&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=18a071905bea11ef86dc5d2b0f2641b7&spa=1&urid=0&ab=&sck=-&io=aGA2Og%3D%3D Requested by Host: d.rageagainstthesoap.com URL: https://d.rageagainstthesoap.com/i/7f7c58ff8d6644687bb2be95293940a7.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash c59cc92c68760bad9dac24bbd6d59f62f54598fae6b16e8234bca3ba8b872b98 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 16 Aug 2024 16:10:47 GMT content-encoding gzip content-type text/javascript cache-control no-cache, no-store, must-revalidate timing-allow-origin undefined content-length 1923 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ tr.lfeeder.com/	43 B 338 B	561ms 248ms	Image image/gif	3.168.122.62 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tr.lfeeder.com/?sid=kn9Eq4RjeBl4RlvP&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLTFHVzhUOU1ZUFIiXSwiZ2FDbGllbnRJZHMiOlsiMTQ2MTQ5NjQyMS4xNzIzODI0NjQ2Il0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNjQuMCJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly93d3cudGhyZWF0bG9ja2VyLmNvbS8iLCJwYWdlVGl0bGUiOiJFbnRlcnByaXNlIEN5YmVyc2VjdXJpdHkgU29sdXRpb25zIHwgVGhyZWF0TG9ja2VyIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiIxYTFjYWY4ZjIyODQyNjliIiwic2NyaXB0SWQiOiJrbjlFcTRSamVCbDRSbHZQIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS5kOGI2MDllMjQ3MmFjZThhLjE3MjM4MjQ2NDY4MjYiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoic3BhIn0= Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.168.122.62 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-168-122-62.jfk52.r.cloudfront.net Software CloudFront / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:47 GMT via 1.1 37fecf641296846b450fec2550a25bee.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop JFK52-P7 vary Origin x-cache LambdaGeneratedResponse from cloudfront content-type image/gif cross-origin-resource-policy cross-origin content-length 43 x-amz-cf-id dNKs_08t35QFiI5FoYRBW-XFgFm0OQzgHaRS5sO9Nz0LT1Lu6_vuJA==
OPTIONS H2	200	ingest pixels.spotify.com/v1/ Frame	0 0	303ms 120ms	Preflight	2600:1901:1:7c5:: GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pixels.spotify.com/v1/ingest Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:1:7c5:: , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS Software envoy / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.threatlocker.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-origin https://www.threatlocker.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Fri, 16 Aug 2024 16:10:46 GMT server envoy vary Accept-Encoding via HTTP/2 edgeproxy, 1.1 google
POST H2	200	ingest Show response pixels.spotify.com/v1/	52 B 271 B	131ms 124ms	Fetch application/json	2600:1901:1:7c5:: GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pixels.spotify.com/v1/ingest Requested by Host: pixel.byspotify.com URL: https://pixel.byspotify.com/ping.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:1:7c5:: , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS Software envoy / Resource Hash a12552ac438be15c91b005583d3c6023217c438046c1326be0cb5814d2fa471f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept application/json Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type application/json Response headers date Fri, 16 Aug 2024 16:10:46 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff content-encoding gzip grpc-status 0 server envoy via HTTP/2 edgeproxy, 1.1 google grpc-encoding identity vary Accept-Encoding content-type application/json access-control-allow-origin https://www.threatlocker.com x-envoy-upstream-service-time 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 grpc-accept-encoding gzip,x-snappy-framed
GET H2	200	415880108001586 Show response connect.facebook.net/signals/config/	62 KB 13 KB	143ms 141ms	Script application/x-javascript	2a03:2880:f012:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/415880108001586?v=2.9.164&r=stable&domain=www.threatlocker.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 1ce1652592a8737fd05a4849b2356cfb8c078236ad599d3023bf5d5f1bcc7b55 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 16 Aug 2024 16:10:46 GMT document-policy force-load-at-top x-fb-server-load 41 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 12691 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=134, rtx=0, c=65, mss=1297, tbw=64371, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug HhrGrB6Vfki2woOYjnYdFmyoRUTVyXijPxgDDbeRyHQxlau6oTbrKXalTLJBBndZhwF9W8JMj4Kk51tBoGqGtA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	cv_pixel.js Show response adservices.brandcdn.com/pixel/	2 KB 1 KB	296ms 85ms	Script text/javascript	52.9.87.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adservices.brandcdn.com/pixel/cv_pixel.js Requested by Host: tag.brandcdn.com URL: https://tag.brandcdn.com/autoscript/threatlocker_vgtsqk1vouvvve09/ThreatLocker.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.9.87.39 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-9-87-39.us-west-1.compute.amazonaws.com Software Apache/2.4.52 (Ubuntu) / Resource Hash bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:47 GMT content-encoding gzip last-modified Fri, 21 Apr 2023 11:03:33 GMT server Apache/2.4.52 (Ubuntu) etag "613-5f9d69bae4944-gzip" vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 745
GET H/1.1	200 OK	iframe d1eoo1tco6rr5e.cloudfront.net/qguk9l8/ebqujy4/ Frame 1D94 Redirect Chain https://insight.adsrvr.org/tags/qguk9l8/ebqujy4/iframe https://d1eoo1tco6rr5e.cloudfront.net/qguk9l8/ebqujy4/iframe	0 0	441ms 144ms	Document text/html	13.226.29.201 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1eoo1tco6rr5e.cloudfront.net/qguk9l8/ebqujy4/iframe Requested by Host: tag.brandcdn.com URL: https://tag.brandcdn.com/autoscript/threatlocker_vgtsqk1vouvvve09/ThreatLocker.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.226.29.201 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-29-201.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Age 24776 Cache-Control max-age=86400 Connection keep-alive Content-Length 138 Content-Type text/html Date Fri, 16 Aug 2024 09:17:52 GMT ETag "196e9b440e0b1bfb8c0df0a1551caad5" Last-Modified Mon, 09 Oct 2023 15:27:54 GMT Server AmazonS3 Via 1.1 d8231fd704ad0bc5e49083372d79c2c0.cloudfront.net (CloudFront) X-Amz-Cf-Id XkG2rSlfP4rCx5Y3-b8pacvDmhf6aN2xXzTY12viWnv2LXuJS0DEHw== X-Amz-Cf-Pop EWR53-C2 X-Cache Hit from cloudfront x-amz-server-side-encryption AES256 Redirect headers content-length 0 date Fri, 16 Aug 2024 16:10:47 GMT location https://d1eoo1tco6rr5e.cloudfront.net/qguk9l8/ebqujy4/iframe
GET		v2 usermatch.krxd.net/um/ Redirect Chain https://insight.adsrvr.org/track/conv/?adv=qguk9l8&ct=0:5wdbbrz&fmt=3 https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=1e11446d-57d4-4e0b-8608-379acf6fdd26	0 0
GET		v2 usermatch.krxd.net/um/ Redirect Chain https://insight.adsrvr.org/track/evnt/?adv=qguk9l8&ct=0:ebqujy4&fmt=3 https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=079de1f1-86a9-45ad-8c26-33e2572a24d7	0 0
GET H/1.1	200 OK	tv2track.php collector-35187.us.tvsquared.com/	42 B 276 B	129ms 128ms	Image image/gif	18.117.65.149 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://collector-35187.us.tvsquared.com/tv2track.php?action_name=Enterprise%20Cybersecurity%20Solutions%20%7C%20ThreatLocker&idsite=TV-6345811827-1&rec=1&r=007508&h=6&m=10&s=46&url=https%3A%2F%2Fwww.threatlocker.com%2F&_id=fff7ab7600c5e52a&_idts=1723824647&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=269 Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.117.65.149 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-117-65-149.us-east-2.compute.amazonaws.com Software nginx / Resource Hash f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type image/gif Date Fri, 16 Aug 2024 16:10:46 GMT Server nginx Connection keep-alive Request-Id ff381759-e8ed-40b1-b518-343886085ebf Content-Length 42 P3p CP='OTI DSP COR NID STP UNI OTPa OUR'
GET H2	200	0.7.41 Show response bat.bing.com/p/insights/s/	35 KB 15 KB	112ms 111ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/insights/s/0.7.41 Requested by Host: bat.bing.com URL: https://bat.bing.com/p/insights/t/136027538 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 8446f25870745be7ba067eb67f0a7ba7387230ef4e0673155c137f64eff3483e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br date Fri, 16 Aug 2024 16:10:46 GMT x-cache CONFIG_NOCACHE x-fd-int-roxy-purgeid 51562430 content-length 15147 last-modified Thu, 01 Aug 2024 19:54:23 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 6C537E771531471D810733A26F7A6ED9 Ref B: LAXEDGE1909 Ref C: 2024-08-16T16:10:46Z etag W/"0x8DCB263BDF5E815" vary Accept-Encoding x-azure-ref 20240816T161046Z-r1c7b8c864dqk87tpnmssdgk0800000012eg000000008631 content-type application/javascript;charset=utf-8 access-control-allow-origin * x-ms-request-id 030eea90-001e-0079-5874-e4d2ff000000 cache-control public, max-age=86400 x-ms-version 2018-03-28
GET H2	200	json Show response api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/	187 B 1 KB	396ms 172ms	XHR application/json	2606:4700::6812:f46c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=3949713 Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:f46c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e7564ef0792ba747553aa7c678003e337c81041aabc1b494fef1fb39ffc834b8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:47 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 6dba935f-1f66-4758-96e6-ce91c1ff5019 content-encoding br x-envoy-upstream-service-time 6 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 6dba935f-1f66-4758-96e6-ce91c1ff5019 server cloudflare vary origin, Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://www.threatlocker.com x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-78c8468c8b-p97ds access-control-max-age 180 access-control-allow-credentials false x-evy-trace-virtual-host all report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kpZafHgTlwIWTqg86whe0UjoaXhYzezMy2odzZAHB%2FcDvFiMzFjSRn3DtVzpPpKJgogyW5Od9YXDaoxLp%2B4%2F1uM7zyN5hQzr%2FvMQZq1lcRsXrZirMoj3ntkb0EZu8FFbBD2fds8Saj6fxIQe"}],"group":"cf-nel","max_age":604800} cf-ray 8b42b24ccda87baf-LAX access-control-allow-headers *
GET H2	200	/ www.facebook.com/tr/	0 270 B	447ms 137ms	Image text/plain	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=415880108001586&ev=PageView&dl=https%3A%2F%2Fwww.threatlocker.com%2F&rl=&if=false&ts=1723824647085&sw=1600&sh=1200&v=2.9.164&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1723824647078.321914602780577054&ler=empty&cdl=API_unavailable&it=1723824646865&coo=false&tm=1&rqm=GET Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-fb-connection-quality GOOD; q=0.7, rtt=133, rtx=0, c=10, mss=1297, tbw=2844, tp=-1, tpl=-1, uplat=0, ullat=1 strict-transport-security max-age=31536000; includeSubDomains date Fri, 16 Aug 2024 16:10:47 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 1 KB	578ms 270ms	Image image/png	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=415880108001586&ev=PageView&dl=https%3A%2F%2Fwww.threatlocker.com%2F&rl=&if=false&ts=1723824647085&sw=1600&sh=1200&v=2.9.164&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1723824647078.321914602780577054&ler=empty&cdl=API_unavailable&it=1723824646865&coo=false&tm=1&rqm=FGET Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-encoding zstd x-content-type-options nosniff strict-transport-security max-age=15552000; preload date Fri, 16 Aug 2024 16:10:47 GMT document-policy force-load-at-top x-fb-server-load 18 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7403770484807060500", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=133, rtx=0, c=10, mss=1297, tbw=6547, tp=-1, tpl=-1, uplat=57, ullat=0 pragma no-cache x-fb-debug Koum/9JzNuDVzR1nMiHg6ZOGGfJmua8fSSpUAk5Bc7ovhYX5MqI8s7DMvaxk0B/WC/5qNCZxuTzFpemfzdYHVw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7403770484807060500"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	clarity.js Show response www.clarity.ms/s/0.7.43/	62 KB 26 KB	149ms 125ms	Script application/javascript	2620:1ec:bdf::40 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/s/0.7.43/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/e0y38b0sji?ref=gtm2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 1a2546c249d862b309b908069c73f6099c81362b9a5e5b4ba5f3c750471b0a76 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:47 GMT content-encoding br last-modified Tue, 13 Aug 2024 20:00:47 GMT etag W/"0x8DCBBD29FD28C29" vary Accept-Encoding x-azure-ref 20240816T161047Z-15db5b49bf6sf8bk3tsdfawras00000000fg00000000t1ur content-type application/javascript;charset=utf-8 access-control-allow-origin * x-ms-request-id 54363ab6-d01e-0008-6a0d-ef34d4000000 cache-control public, max-age=86400 x-cache TCP_HIT x-ms-version 2018-03-28 x-fd-int-roxy-purgeid 51562430
POST H2	204	l Show response bat.bing.com/p/insights/c/	0 212 B	233ms 231ms	XHR text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/insights/c/l Requested by Host: bat.bing.com URL: https://bat.bing.com/p/insights/s/0.7.41 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept application/x-webinsights-gzip Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 16 Aug 2024 16:10:47 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: F5144F9975BE40F5A8B8236487237B95 Ref B: LAXEDGE1909 Ref C: 2024-08-16T16:10:47Z vary Origin x-cache CONFIG_NOCACHE access-control-allow-origin https://www.threatlocker.com access-control-allow-credentials true request-context appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	40 KB 0	0ms 0ms	Script application/javascript	2600:141b:1c00:6::17df:d112 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:1c00:6::17df:d112 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash edd5487f216469726314ae2b829b221d70e2a02674477e3c8f69a0d5f0b1ea49 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:46 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 24 Jul 2024 05:33:09 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=18917 accept-ranges bytes content-length 14597
POST H2	204	collect analytics.google.com/g/	0 0	151ms 150ms	Fetch text/plain	2607:f8b0:4006:80c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-1GW8T9MYPR&gtm=45je48e0v9123343682z89115913288za200zb9115913288&_p=1723824643875&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1461496421.1723824646&ecid=1606115754&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1723824646&sct=1&seg=0&dl=https%3A%2F%2Fwww.threatlocker.com%2F&dt=Enterprise%20Cybersecurity%20Solutions%20%7C%20ThreatLocker&en=timer_10_seconds&_et=541&tfd=5232 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-1GW8T9MYPR&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 16 Aug 2024 16:10:47 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.threatlocker.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bat.js Show response bat.bing.com/	49 KB 0	0ms 0ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: d.rageagainstthesoap.com URL: https://d.rageagainstthesoap.com/i/7f7c58ff8d6644687bb2be95293940a7.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:46 GMT content-encoding gzip last-modified Sat, 13 Jul 2024 20:42:16 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: F19F2A38EA544E68B0CD93A5434FBBB7 Ref B: LAXEDGE1909 Ref C: 2024-08-16T16:10:46Z etag "044982565d5da1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 14183
GET H3	200	js Show response www.googletagmanager.com/gtag/	269 KB 93 KB	182ms 181ms	Script application/javascript	142.250.80.40 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-616220730&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.40 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s34-in-f8.1e100.net Software Google Tag Manager / Resource Hash 758a6e3044adb69b7bddb07c5d6270724f2ad64f960b8b156083ced2870cd67f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:47 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 94781 x-xss-protection 0 last-modified Fri, 16 Aug 2024 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 16 Aug 2024 16:10:47 GMT
GET H2	200	/ www.facebook.com/tr/	0 99 B	174ms 137ms	Image text/plain	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=415880108001586&ev=CHEQ&dl=https%3A%2F%2Fwww.threatlocker.com%2F&rl=&if=false&ts=1723824647348&sw=1600&sh=1200&v=2.9.164&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1723824647078.321914602780577054&ler=empty&cdl=API_unavailable&it=1723824646865&coo=false&rqm=GET Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-fb-connection-quality GOOD; q=0.7, rtt=133, rtx=0, c=10, mss=1297, tbw=2844, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Fri, 16 Aug 2024 16:10:47 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	234ms 198ms	Image image/png	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=415880108001586&ev=CHEQ&dl=https%3A%2F%2Fwww.threatlocker.com%2F&rl=&if=false&ts=1723824647348&sw=1600&sh=1200&v=2.9.164&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1723824647078.321914602780577054&ler=empty&cdl=API_unavailable&it=1723824646865&coo=false&rqm=FGET Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-encoding zstd x-content-type-options nosniff strict-transport-security max-age=15552000; preload date Fri, 16 Aug 2024 16:10:47 GMT document-policy force-load-at-top x-fb-server-load 31 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7403770484505068539", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=133, rtx=0, c=10, mss=1297, tbw=3257, tp=-1, tpl=-1, uplat=54, ullat=0 pragma no-cache x-fb-debug 5IqqCbfkqvzbYXorGkgRUNY/4BKPgcdrhwdCdOqOJgyCT4M+LEESaeLCKRSLnhw/ep5RwkB40RoVMDbdkLFE5A== cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7403770484505068539"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	204	0 bat.bing.com/action/	0 120 B	104ms 104ms	Image text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=136027538&tm=gtm002&Ver=2&mid=bc8610ba-eab1-416d-97f5-0016b9a2b7bc&sid=189fa3605bea11efa1ccd731b2ffa4e8&vid=18a071905bea11ef86dc5d2b0f2641b7&vids=0&msclkid=N&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&p=https%3A%2F%2Fwww.threatlocker.com%2F&sw=1600&sh=1200&sc=24&evt=custom&cdb=AQAQ&rn=525212 Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 16 Aug 2024 16:10:47 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: B78092305C1D4AE1832BB6410C0480EA Ref B: LAXEDGE1909 Ref C: 2024-08-16T16:10:47Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-conversion/616220730/ Redirect Chain https://www.googleadservices.com/pagead/conversion/616220730/?label=vGPiCPi3pNMDELqQ66UC&guid=ON&script=0 https://googleads.g.doubleclick.net/pagead/viewthroughconversion/616220730/?label=vGPiCPi3pNMDELqQ66UC&guid=ON&script=0&ct_cookie_present=false&random=1503922229&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMI... https://www.google.com/pagead/1p-conversion/616220730/?label=vGPiCPi3pNMDELqQ66UC&guid=ON&script=0&ct_cookie_present=false&random=1503922229&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIsKyanvP5hwMV_geICR2wN...	42 B 64 B	161ms 160ms	Image image/gif	172.217.165.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-conversion/616220730/?label=vGPiCPi3pNMDELqQ66UC&guid=ON&script=0&ct_cookie_present=false&random=1503922229&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIsKyanvP5hwMV_geICR2wNA6pMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggS&is_vtc=1&cid=CAQSGwDpaXnf4lUTE5Lm-amXCARDlASQhk1fQ4RDiQ&random=2786524960 Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H3 Server 172.217.165.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS lax30s03-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 16 Aug 2024 16:10:48 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 16 Aug 2024 16:10:48 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://www.google.com/pagead/1p-conversion/616220730/?label=vGPiCPi3pNMDELqQ66UC&guid=ON&script=0&ct_cookie_present=false&random=1503922229&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIsKyanvP5hwMV_geICR2wNA6pMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggS&is_vtc=1&cid=CAQSGwDpaXnf4lUTE5Lm-amXCARDlASQhk1fQ4RDiQ&random=2786524960 content-type image/gif cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	tc_imp.gif en.rageagainstthesoap.com/tracker/	43 B 79 B	134ms 134ms	Image image/gif	2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://en.rageagainstthesoap.com/tracker/tc_imp.gif?e=37dfbd8ee84e001268edcf37ee418e9a9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5c168a6b2517071a10acf9f29f671d85d0db0e2e3d13fe797651876f8e66ce04645720c551555663510ec4ed634d77be26bb25cb43e2916af05665ff0b2d7e1bda55ed43f497d7df3cbb2807ff7ecaa8556d8e0e3143714493d60264f160b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c44ca4825b6a3e5aa22a76da50eda7cf54a6863c89777256e1d0cd71ed0d906f50732e690b73255015ab2fb523c9bdc05457f54065258fcd135700e5fe6a5142c93aaf7298ee04572032cbbc5f4c2c935e7c2db59ec489f5e2c7edfaacff4e43e828de66cc53306d0a8982a4b42a2356cf9974264b8d8f372d90eaa43e7d719c61ed9d36d9a6d279c9a27d96d8cc0adb1d3fde90b72b26bf6f8f0364e73fb947dd4ec00e614025d880e01d092cfc9ccf3c870866ad699f5d02ba03c6b3387692698d4c91f768ba633aa41bfd37aa737e13d420b0c9f78ff1adf87f62cf6c728c018e09fccdc77ce01042db31e15593e113ec6a664a713c6de8664ebde69fe8427df81fff57083f0bf1f6a3ec6a95b47fab9025d0ee2c7e474ae289bee5aeee427b478a2308b52d316d4a03ec31c23e2bc8e74696d135f735e0253d3b59e66c01fa5595c0175eabe24dc9b1110fdbad9a6b56cc2ecf8fd86f8aff1574e3cfb4785aa586e83436307d6635d716bea7aaf761ac2f7c0638a63d6398aab2cc9be119a6712222801600e9fc7edc7217a5698045893d3d8d6acd80740c7e4af7784ce6d7adfd011346bfd97dd503fe3438558c66e956cc943bdca12fbfe4af0879a91dd1e36fdea29629c77a18fb3a314986a30101bd0121155c9d25ec6995e97e6c4ba309f959b214a721eea2fa117ab4bb3866b953a4125473e7b61b022c7e8550bf828b9c5b25dbeb70784666fbd533c7a8de2ba6746fc33b1d702d0062d121eed7f7dfef084398f0e61c4e746f68682a19248db41477640b0652f519f99104efa61b6eccb2c93c1ac53083eb060230b0dd30510bbdbfc12118c702e90c4d653c3d5a6dd0661e965f9156055cf473f6d8a93570399dce3caf0eb45b428ac6fc93790cc10cee9f12e33eb9a529bddc7f2b6af899e6f1bd2b1375fcd6ece49c813&cri=mGfkYkLzJd&ts=562&cb=1723824647374 Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-type image/gif pragma no-cache date Fri, 16 Aug 2024 16:10:47 GMT cache-control no-cache, no-store, must-revalidate content-length 43 expires Fri, 01 Jan 1990 00:00:00 GMT
GET BLOB	200 OK	6d325986-c6c1-47c5-b138-c57243536936 https://www.threatlocker.com/	261 B 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://www.threatlocker.com/6d325986-c6c1-47c5-b138-c57243536936 Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 29a3874c8a5bea12686f32bb123292af2e6f882e689d765b02fdec6079ffad96 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Length 261 Content-Type
POST H2	204	0 bat.bing.com/actionp/	0 120 B	157ms 156ms	Ping text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/actionp/0?ti=136027538&tm=gtm002&Ver=2&mid=bc8610ba-eab1-416d-97f5-0016b9a2b7bc&sid=189fa3605bea11efa1ccd731b2ffa4e8&vid=18a071905bea11ef86dc5d2b0f2641b7&vids=0&msclkid=N&evt=dedup Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 16 Aug 2024 16:10:47 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 1C9BC9AC423E4084AD8D95CCB1A22821 Ref B: LAXEDGE1909 Ref C: 2024-08-16T16:10:47Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	204 No Content	collect Show response l.clarity.ms/	0 284 B	503ms 213ms	XHR text/plain	51.8.207.171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://l.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.43/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.8.207.171 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin https://www.threatlocker.com Date Fri, 16 Aug 2024 16:10:47 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Vary Origin Request-Context appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
GET BLOB	200 OK	546c02ce-4a3a-499b-9804-00723e5861f8 https://www.threatlocker.com/	529 B 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://www.threatlocker.com/546c02ce-4a3a-499b-9804-00723e5861f8 Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash d29eae7071abe55a5db7064b0d15fb24e186fbf032cc942a6e8810d141337beb Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Length 529 Content-Type
POST H/1.1	204 No Content	collect Show response l.clarity.ms/	0 284 B	614ms 346ms	XHR text/plain	51.8.207.171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://l.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.43/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.8.207.171 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin https://www.threatlocker.com Date Fri, 16 Aug 2024 16:10:48 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Vary Origin Request-Context appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
POST H3	200	collect www.google.com/ccm/	0 0	442ms 157ms	Ping text/html	172.217.165.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.threatlocker.com%2F&frm=0&rnd=391224503.1723824648&auid=1126181062.1723824646&npa=0&gtm=45be48e0v890694919za200zb9115913288&gcd=13l3l3l3l1&dma=0&tag_exp=0&tft=1723824647832&tfd=5721&apve=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-616220730&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.165.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS lax30s03-in-f4.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/616220730/	2 KB 1 KB	285ms 160ms	Script text/javascript	142.250.65.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/616220730/?random=1723824647824&cv=11&fst=1723824647824&bg=ffffff&guid=ON&async=1&gtm=45be48e0v890694919za200zb9115913288&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.threatlocker.com%2F&hn=www.googleadservices.com&frm=0&tiba=Enterprise%20Cybersecurity%20Solutions%20%7C%20ThreatLocker&npa=0&pscdl=noapi&auid=1126181062.1723824646&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-616220730&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f2.1e100.net Software cafe / Resource Hash 6e8573f1e12a8657d35693066f44120a223c93012d2f435931fe8be1cf3322a7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 16 Aug 2024 16:10:48 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1381 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response www.googleadservices.com/pagead/conversion/616220730/	3 KB 2 KB	167ms 167ms	Script text/javascript	142.250.80.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/616220730/?random=1723824647847&cv=11&fst=1723824647847&bg=ffffff&guid=ON&async=1&gtm=45be48e0v890694919za200zb9115913288&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.threatlocker.com%2F&label=vGPiCPi3pNMDELqQ66UC&hn=www.googleadservices.com&frm=0&tiba=Enterprise%20Cybersecurity%20Solutions%20%7C%20ThreatLocker&gtm_ee=1&npa=0&pscdl=noapi&auid=1126181062.1723824646&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&data=event%3Dconversion&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-616220730&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s35-in-f2.1e100.net Software cafe / Resource Hash ca01d5aaa7c15bbc014fa50aa980ce70ad831c8819a3cc0963b91ac68fd93944 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 16 Aug 2024 16:10:47 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1558 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-conversion/616220730/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/616220730/?random=64837161&cv=11&fst=1723824647847&bg=ffffff&guid=ON&async=1&gtm=45be48e0v890694919za200zb9115913288&gcd=13l3l3l3l1&... https://www.google.com/pagead/1p-conversion/616220730/?random=64837161&cv=11&fst=1723824647847&bg=ffffff&guid=ON&async=1&gtm=45be48e0v890694919za200zb9115913288&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1...	42 B 64 B	162ms 162ms	Image image/gif	172.217.165.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-conversion/616220730/?random=64837161&cv=11&fst=1723824647847&bg=ffffff&guid=ON&async=1&gtm=45be48e0v890694919za200zb9115913288&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.threatlocker.com%2F&label=vGPiCPi3pNMDELqQ66UC&hn=www.googleadservices.com&frm=0&tiba=Enterprise%20Cybersecurity%20Solutions%20%7C%20ThreatLocker&gtm_ee=1&npa=0&pscdl=noapi&auid=1126181062.1723824646&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCKLFsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIz96tnvP5hwMVRgaICR2n9wCZMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggS&is_vtc=1&cid=CAQSGwDpaXnfp76VNJgWi6N_U7UWFFq92mjynVZsSA&random=4041893244 Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H3 Server 172.217.165.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS lax30s03-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 16 Aug 2024 16:10:48 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 16 Aug 2024 16:10:48 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://www.google.com/pagead/1p-conversion/616220730/?random=64837161&cv=11&fst=1723824647847&bg=ffffff&guid=ON&async=1&gtm=45be48e0v890694919za200zb9115913288&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.threatlocker.com%2F&label=vGPiCPi3pNMDELqQ66UC&hn=www.googleadservices.com&frm=0&tiba=Enterprise%20Cybersecurity%20Solutions%20%7C%20ThreatLocker&gtm_ee=1&npa=0&pscdl=noapi&auid=1126181062.1723824646&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCKLFsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIz96tnvP5hwMVRgaICR2n9wCZMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggS&is_vtc=1&cid=CAQSGwDpaXnfp76VNJgWi6N_U7UWFFq92mjynVZsSA&random=4041893244 content-type image/gif cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/616220730/	42 B 64 B	160ms 159ms	Image image/gif	172.217.165.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/616220730/?random=1723824647824&cv=11&fst=1723824000000&bg=ffffff&guid=ON&async=1&gtm=45be48e0v890694919za200zb9115913288&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.threatlocker.com%2F&hn=www.googleadservices.com&frm=0&tiba=Enterprise%20Cybersecurity%20Solutions%20%7C%20ThreatLocker&npa=0&pscdl=noapi&auid=1126181062.1723824646&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfLcPF2_78zYxBcM4e915QjxxJ8pyWLA&random=1800359285&rmt_tld=0&ipr=y Requested by Host: www.threatlocker.com URL: https://www.threatlocker.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.165.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS lax30s03-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 16 Aug 2024 16:10:48 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	mon Show response en.rageagainstthesoap.com/	0 151 B	136ms 132ms	XHR application/json	2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://en.rageagainstthesoap.com/mon Requested by Host: d.rageagainstthesoap.com URL: https://d.rageagainstthesoap.com/i/7f7c58ff8d6644687bb2be95293940a7.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://www.threatlocker.com date Fri, 16 Aug 2024 16:10:48 GMT access-control-allow-credentials true content-length 0 access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE content-type application/json
POST H2	200	mon Show response en.rageagainstthesoap.com/	0 16 B	142ms 140ms	XHR application/json	2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://en.rageagainstthesoap.com/mon Requested by Host: d.rageagainstthesoap.com URL: https://d.rageagainstthesoap.com/i/7f7c58ff8d6644687bb2be95293940a7.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://www.threatlocker.com date Fri, 16 Aug 2024 16:10:48 GMT access-control-allow-credentials true content-length 0 access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE content-type application/json
GET H2	200	blockedDomains.json Show response hubspotonwebflow.com/assets/js/	98 KB 23 KB	95ms 95ms	Fetch application/json	76.76.21.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hubspotonwebflow.com/assets/js/blockedDomains.json Requested by Host: hubspotonwebflow.com URL: https://hubspotonwebflow.com/assets/js/form-124.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash 944352d0198c673b45a699471c970aef85458ea3c58a3ed825b0f0e4f33f999c Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:50 GMT content-encoding br strict-transport-security max-age=63072000 server Vercel x-vercel-id sfo1::8px27-1723824650058-11a529dfdfab age 1940378 x-matched-path /assets/js/blockedDomains.json etag W/"04708d47dd194d37b8231a65de7a66f1" x-vercel-cache HIT content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate content-disposition inline; filename="blockedDomains.json"
GET H3	200	157454505624324 Show response connect.facebook.net/signals/config/	41 KB 6 KB	197ms 196ms	Script application/x-javascript	157.240.241.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/157454505624324?v=2.9.164&r=stable&domain=www.threatlocker.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C195%2C194%2C196%2C201%2C202%2C203%2C199%2C191%2C128%2C158%2C190%2C192%2C119%2C152%2C141%2C146%2C184%2C185%2C125%2C227%2C113%2C228%2C160%2C116%2C230%2C161%2C132%2C120%2C149%2C144 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-lga3.fbcdn.net Software / Resource Hash 0f873ef713fba59ec9babd4dc26bf5bd1224981ed7fd88d81e25eb62f349599b Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 16 Aug 2024 16:10:50 GMT document-policy force-load-at-top x-fb-server-load 41 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=139, rtx=0, c=26, mss=1232, tbw=8280, tp=17, tpl=0, uplat=58, ullat=0 pragma public x-fb-debug YUYOAbR76ux8yPZOUorXPTIqNOj/CTxZEHFaZcrJTXqEUufkRepiTVqpsyes9tDnfD2DJCYgvBoXwjRh0f2CtQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	__ptq.gif track.hubspot.com/	45 B 752 B	333ms 173ms	Image image/gif	2606:4700::6810:7574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3354772291&v=1.1&a=3949713&rcu=https%3A%2F%2Fwww.threatlocker.com%2F&pu=https%3A%2F%2Fwww.threatlocker.com%2F&t=Enterprise+Cybersecurity+Solutions+%7C+ThreatLocker&cts=1723824650033&vi=cf57110229fa56c67e4eb48335a5bf6d&nc=true&u=227254018.cf57110229fa56c67e4eb48335a5bf6d.1723824650020.1723824650020.1723824650020.1&b=227254018.1.1723824650020&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:50 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 1776f6a7-0f10-4ae9-927d-0d1c9182d8f3 p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 8 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 1776f6a7-0f10-4ae9-927d-0d1c9182d8f3 server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6gMj0Wgrf0BKrQCOMm1VUvW0%2FAjpZaZpz1ynqrjpjv%2BnTnqsfeQ2kCDluOfLP4U%2FYKvDDhufSFXfrw%2F%2Fm1guW9vCrKTXp7gmry8EJYBYoCVfROFenlGPRP%2BG5X2upZk4F5ZtyTsBmlEk5KR2B1%2B3"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-7bf556f6f-pbqz5 x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 8b42b25ff9e82f37-LAX x-robots-tag none
GET H2	200	__ptq.gif track.hubspot.com/	45 B 1 KB	322ms 169ms	Image image/gif	2606:4700::6810:7574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=15&fi=02d81281-39e5-496a-8059-1144f82a1ec2&fci=86f7d0e0-8153-430b-a14f-83c955446738&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3354772291&v=1.1&a=3949713&rcu=https%3A%2F%2Fwww.threatlocker.com%2F&pu=https%3A%2F%2Fwww.threatlocker.com%2F&t=Enterprise+Cybersecurity+Solutions+%7C+ThreatLocker&cts=1723824650034&vi=cf57110229fa56c67e4eb48335a5bf6d&nc=true&u=227254018.cf57110229fa56c67e4eb48335a5bf6d.1723824650020.1723824650020.1723824650020.1&b=227254018.1.1723824650020&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:50 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 130e9da3-3a5a-43ad-bd9d-a16aaaeb266c p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 8 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 130e9da3-3a5a-43ad-bd9d-a16aaaeb266c server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C3HWe2RW3XL8WlCX3Opf6Tfvm7LkRmgzsHwRqqFZiRGSjQuQln%2F6hG9fdVWDx1u0tf8y1Z8oAPWVXMeF8p%2FFhzF%2Bs37P9cwD3q5LcsXiyDd%2FyOgGnGsoKyibeQaSXhXuXPnDiYVFdUinAzq3Geq1"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-7bf556f6f-zn949 x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 8b42b25ff9e52f37-LAX x-robots-tag none
GET H2	200	c.gif c.clarity.ms/ Redirect Chain https://c.clarity.ms/c.gif https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3B95D35CA6F740999297F91661175D72&RedC=c.clarity.ms&MXFR=0449165FD2F7607E00470282D6F76E00 https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3B95D35CA6F740999297F91661175D72&MUID=13BB801683746B0D201A94CB82F06A13	42 B 442 B	134ms 134ms	Image image/gif	20.110.205.119 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3B95D35CA6F740999297F91661175D72&MUID=13BB801683746B0D201A94CB82F06A13 Protocol H2 Server 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 16 Aug 2024 16:10:49 GMT last-modified Wed, 14 Aug 2024 17:35:32 GMT server Microsoft-IIS/10.0 etag "bb391b5d70eeda1:0" x-powered-by ASP.NET content-type image/gif p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-length 42 Redirect headers pragma no-cache date Fri, 16 Aug 2024 16:10:50 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 0B32C52109B340629596436A3DB9DDEF Ref B: LAXEDGE1909 Ref C: 2024-08-16T16:10:50Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3B95D35CA6F740999297F91661175D72&MUID=13BB801683746B0D201A94CB82F06A13 cache-control private, no-cache, proxy-revalidate, no-store content-length 0
GET H2	200	cv adservices.brandcdn.com/pixel/ Frame BE11	0 0	243ms 83ms	Document text/html	52.9.87.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adservices.brandcdn.com/pixel/cv?aid=405847&cv_ck=fe7065a4-3bfd-4d26-ae90-4137668a6ddd&m=www.threatlocker.com&r= Requested by Host: adservices.brandcdn.com URL: https://adservices.brandcdn.com/pixel/cv_pixel.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.9.87.39 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-9-87-39.us-west-1.compute.amazonaws.com Software Apache/2.4.52 (Ubuntu) / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-encoding gzip content-length 1137 content-location cv.html content-type text/html date Fri, 16 Aug 2024 16:10:50 GMT etag "1002-5f9d69bae4944;5f9d69bae4944 last-modified Fri, 21 Apr 2023 11:03:33 GMT server Apache/2.4.52 (Ubuntu) tcn choice vary negotiate,Accept-Encoding
GET H2	200	/ www.facebook.com/tr/	0 121 B	142ms 140ms	Image text/plain	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=415880108001586&ev=PageView&dl=https%3A%2F%2Fwww.threatlocker.com%2F&rl=&if=false&ts=1723824650247&sw=1600&sh=1200&v=2.9.164&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=4126&fbp=fb.1.1723824647078.321914602780577054&ler=empty&cdl=API_unavailable&it=1723824646865&coo=false&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-fb-connection-quality GOOD; q=0.7, rtt=137, rtx=0, c=10, mss=1297, tbw=7719, tp=-1, tpl=-1, uplat=1, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Fri, 16 Aug 2024 16:10:50 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 853 B	188ms 187ms	Image image/png	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=415880108001586&ev=PageView&dl=https%3A%2F%2Fwww.threatlocker.com%2F&rl=&if=false&ts=1723824650247&sw=1600&sh=1200&v=2.9.164&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=4126&fbp=fb.1.1723824647078.321914602780577054&ler=empty&cdl=API_unavailable&it=1723824646865&coo=false&rqm=FGET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-encoding zstd x-content-type-options nosniff strict-transport-security max-age=15552000; preload date Fri, 16 Aug 2024 16:10:50 GMT document-policy force-load-at-top x-fb-server-load 32 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7403770496499961537", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=137, rtx=0, c=10, mss=1297, tbw=7916, tp=-1, tpl=-1, uplat=50, ullat=0 pragma no-cache x-fb-debug huXwE3tFnm+44UF+Q4H+V+901OLY1mnaq36SPVRJNQMZ6vzkk+6KWMOnqxBlrbFnppwMVWzHVPMF/3vU4h6RzQ== cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7403770496499961537"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 32 B	143ms 142ms	Image text/plain	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=157454505624324&ev=PageView&dl=https%3A%2F%2Fwww.threatlocker.com%2F&rl=&if=false&ts=1723824650254&sw=1600&sh=1200&ud[external_id]=cf57110229fa56c67e4eb48335a5bf6d&v=2.9.164&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1723824647078.321914602780577054&ler=empty&cdl=API_unavailable&cs_est=true&it=1723824646865&coo=false&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-fb-connection-quality GOOD; q=0.7, rtt=137, rtx=0, c=10, mss=1297, tbw=7719, tp=-1, tpl=-1, uplat=1, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Fri, 16 Aug 2024 16:10:50 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 1 KB	194ms 193ms	Image image/png	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=157454505624324&ev=PageView&dl=https%3A%2F%2Fwww.threatlocker.com%2F&rl=&if=false&ts=1723824650254&sw=1600&sh=1200&ud[external_id]=cf57110229fa56c67e4eb48335a5bf6d&v=2.9.164&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1723824647078.321914602780577054&ler=empty&cdl=API_unavailable&cs_est=true&it=1723824646865&coo=false&rqm=FGET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x617ad9ec091404b2","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:2868310786601402","7830:2868310786601402","10853:2868310786601402","41:2868310786601402","8046:2868310786601402"]},"debug_reporting":true,"debug_key":"1"} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Fri, 16 Aug 2024 16:10:50 GMT x-fb-server-load 35 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7403770497177211199", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=137, rtx=0, c=10, mss=1297, tbw=8791, tp=-1, tpl=-1, uplat=56, ullat=1 pragma no-cache x-fb-debug hcahb6HUpvHg+Ed+1Sn3EFEGDsOfq5jGgcMHKK2E2AFzIJkXNEk6AKpINUsHr6KA5UPqIOfWHGtr2d6JslJqpA== cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7403770497177211199"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	200	mon Show response en.rageagainstthesoap.com/	0 39 B	137ms 135ms	XHR application/json	2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://en.rageagainstthesoap.com/mon Requested by Host: d.rageagainstthesoap.com URL: https://d.rageagainstthesoap.com/i/7f7c58ff8d6644687bb2be95293940a7.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://www.threatlocker.com date Fri, 16 Aug 2024 16:10:50 GMT access-control-allow-credentials true content-length 0 access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE content-type application/json
GET H3	200	66bbb21655c00565e20aee3f_ThreatLocker_favicon.png cdn.prod.website-files.com/6356c441ce34029b327802bf/	2 KB 2 KB	89ms 88ms	Other image/png	104.18.28.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.website-files.com/6356c441ce34029b327802bf/66bbb21655c00565e20aee3f_ThreatLocker_favicon.png Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b58c3f625f15ac50f4d3c05ae59673f30ad0d4d1385f7bfb6f7de819ee6126d4 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 16:10:50 GMT x-amz-version-id KMD2XY4OivA1MNhkb0Oi.IvQ75xNC_PS cf-cache-status HIT x-amz-request-id Q5AV43CQYY8V079Q age 247253 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 1861 x-amz-id-2 UKSurN6UK91cTRgnoJDlA2zcYc0x47yWLjYh0JurW0RkLxdXMCpcija3ezB/jqjWJWJ4UlFAE4XVgml66pJ3OqORsBHZ+Uz5 last-modified Tue, 13 Aug 2024 19:20:55 GMT server cloudflare etag "d282e230c1ba4ff3904e35d30a25480f" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes cf-ray 8b42b2633ed82ad9-LAX
POST H/1.1	204 No Content	collect Show response l.clarity.ms/	0 284 B	139ms 138ms	XHR text/plain	51.8.207.171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://l.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.43/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.8.207.171 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin https://www.threatlocker.com Date Fri, 16 Aug 2024 16:10:52 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Vary Origin Request-Context appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
POST H3	204	collect analytics.google.com/g/	0 0	153ms 152ms	Fetch text/plain	142.250.80.46
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-1GW8T9MYPR&gtm=45je48e0v9123343682za200zb9115913288&_p=1723824643875&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1461496421.1723824646&ecid=1606115754&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1723824646&sct=1&seg=0&dl=https%3A%2F%2Fwww.threatlocker.com%2F&dt=Enterprise%20Cybersecurity%20Solutions%20%7C%20ThreatLocker&en=CQ&_ee=1&_et=304&up.cq_category=bots&tfd=10237 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-1GW8T9MYPR&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.46 -, , ASN (), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 16 Aug 2024 16:10:52 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.threatlocker.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	mon Show response en.rageagainstthesoap.com/	0 39 B	135ms 134ms	XHR application/json	2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://en.rageagainstthesoap.com/mon Requested by Host: d.rageagainstthesoap.com URL: https://d.rageagainstthesoap.com/i/7f7c58ff8d6644687bb2be95293940a7.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://www.threatlocker.com date Fri, 16 Aug 2024 16:10:52 GMT access-control-allow-credentials true content-length 0 access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE content-type application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

usermatch.krxd.net

URL

https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=1e11446d-57d4-4e0b-8608-379acf6fdd26

Domain

usermatch.krxd.net

URL

https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=079de1f1-86a9-45ad-8c26-33e2572a24d7