app.read.ai Open in urlscan Pro
3.171.100.83 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u25608997.ct.sendgrid.net/ls/click?upn=u001.CrUrehIev9dAOd9CS5LlcqT6AXLwm3zPvY-2F0dk-2F0ZQft4oIA2lJcZtC5zycIkkUSEL776GIRzr...
Effective URL:
https://app.read.ai/analytics/settings/user/email
Submission: On October 20 via api (October 20th 2025, 8:18:00 pm UTC) from US — Scanned from US

Summary HTTP 66 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 21 IPs in 1 countries across 15 domains to perform 66 HTTP transactions. The main IP is 3.171.100.83, located in United States and belongs to AMAZON-02, US. The main domain is app.read.ai. The Cisco Umbrella rank of the primary domain is 101032.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 11th 2025. Valid for: a year.

This is the only time app.read.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.116.152.91 18.116.152.91	16509 (AMAZON-02) (AMAZON-02)
15	3.171.100.83 3.171.100.83	16509 (AMAZON-02) (AMAZON-02)
5	142.251.111.95 142.251.111.95	15169 (GOOGLE) (GOOGLE)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.251.167.97 142.251.167.97	15169 (GOOGLE) (GOOGLE)
3	34.128.128.0 34.128.128.0	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.251.16.94 142.251.16.94	15169 (GOOGLE) (GOOGLE)
9	34.237.127.53 34.237.127.53	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
4	216.198.53.3 216.198.53.3	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare London)
4	142.250.31.84 142.250.31.84	15169 (GOOGLE) (GOOGLE)
1	142.251.16.100 142.251.16.100	15169 (GOOGLE) (GOOGLE)
1	142.251.167.154 142.251.167.154	15169 (GOOGLE) (GOOGLE)
2	23.212.251.22 23.212.251.22	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
10	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
1	172.253.63.106 172.253.63.106	15169 (GOOGLE) (GOOGLE)
1	216.198.54.6 216.198.54.6	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare London)
1	184.24.67.161 184.24.67.161	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.163.50.127 35.163.50.127	16509 (AMAZON-02) (AMAZON-02)
2	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
1	18.213.87.253 18.213.87.253	14618 (AMAZON-AES) (AMAZON-AES)
66	21

1 18.116.152.91 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-116-152-91.us-east-2.compute.amazonaws.com

u25608997.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

15 3.171.100.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-171-100-83.iad12.r.cloudfront.net

app.read.ai	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 142.251.111.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o992397.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.251.167.97 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 34.128.128.0 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 0.128.128.34.bc.googleusercontent.com

featureassets.org	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
prodregistryv2.org	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.251.16.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

9 34.237.127.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-127-53.compute-1.amazonaws.com

api.read.ai	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 216.198.53.3 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 142.250.31.84 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f84.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.251.16.100 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f100.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.251.167.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 23.212.251.22 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-212-251-22.deploy.static.akamaitechnologies.com

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

10 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 172.253.63.106 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 216.198.54.6 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)

readinc.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 184.24.67.161 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-67-161.deploy.static.akamaitechnologies.com

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.163.50.127 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-50-127.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 18.213.87.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-87-253.compute-1.amazonaws.com

moxy.read.ai	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
25	read.ai app.read.ai — Cisco Umbrella Rank: 101032 api.read.ai — Cisco Umbrella Rank: 36473 moxy.read.ai — Cisco Umbrella Rank: 91276	3 MB
12	stripe.com js.stripe.com — Cisco Umbrella Rank: 1151 m.stripe.com — Cisco Umbrella Rank: 1129 r.stripe.com — Cisco Umbrella Rank: 2129	612 KB
6	google.com accounts.google.com — Cisco Umbrella Rank: 18 analytics.google.com — Cisco Umbrella Rank: 172 www.google.com — Cisco Umbrella Rank: 2	92 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	6 KB
4	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2142 ekr.zdassets.com — Cisco Umbrella Rank: 2400	281 KB
3	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4673 consentcdn.cookiebot.com — Cisco Umbrella Rank: 4887	192 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1238	15 KB
2	featureassets.org featureassets.org — Cisco Umbrella Rank: 1714	4 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	271 KB
1	zendesk.com readinc.zendesk.com — Cisco Umbrella Rank: 135901	1 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 186	554 B
1	prodregistryv2.org prodregistryv2.org — Cisco Umbrella Rank: 975	342 B
1	gstatic.com fonts.gstatic.com	49 KB
1	sentry.io o992397.ingest.sentry.io — Cisco Umbrella Rank: 116265	300 B
1	sendgrid.net 1 redirects u25608997.ct.sendgrid.net — Cisco Umbrella Rank: 70492	252 B
66	15

	Domain	Requested by
15	app.read.ai	app.read.ai
9	js.stripe.com	app.read.ai js.stripe.com
9	api.read.ai	app.read.ai
5	fonts.googleapis.com	app.read.ai
4	accounts.google.com	app.read.ai accounts.google.com
3	static.zdassets.com	app.read.ai static.zdassets.com
2	r.stripe.com	js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	consent.cookiebot.com	www.googletagmanager.com consent.cookiebot.com
2	featureassets.org	app.read.ai
2	www.googletagmanager.com	app.read.ai
1	moxy.read.ai	app.read.ai
1	m.stripe.com	m.stripe.network
1	consentcdn.cookiebot.com	consent.cookiebot.com
1	readinc.zendesk.com	static.zdassets.com
1	www.google.com
1	ekr.zdassets.com	app.read.ai
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	app.read.ai
1	prodregistryv2.org	app.read.ai
1	fonts.gstatic.com	fonts.googleapis.com
1	o992397.ingest.sentry.io	app.read.ai
1	u25608997.ct.sendgrid.net	1 redirects
66	23

This site contains links to these domains. Also see Links.

Domain
www.cookiebot.com
read.ai
www.canva.com
business.safety.google
www.linkedin.com
stripe.com
www.zendesk.com
embed.ly
legal.hubspot.com
vimeo.com
www.facebook.com
www.redditinc.com
www.read.ai

Subject Issuer	Validity	Valid
*.read.ai Amazon RSA 2048 M02	`2025-05-11` - `2026-06-08`	a year	crt.sh
upload.video.google.com WR2	`2025-09-22` - `2025-12-15`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-07-24` - `2026-08-24`	a year	crt.sh
*.google-analytics.com WR2	`2025-09-22` - `2025-12-15`	3 months	crt.sh
featureassets.org R12	`2025-10-15` - `2026-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2025-09-22` - `2025-12-15`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2025-08-19` - `2025-12-04`	4 months	crt.sh
prodregistryv2.org R13	`2025-10-15` - `2026-01-13`	3 months	crt.sh
zdassets.com WE1	`2025-08-25` - `2025-11-23`	3 months	crt.sh
accounts.google.com WR2	`2025-09-22` - `2025-12-15`	3 months	crt.sh
*.google.com WR2	`2025-09-22` - `2025-12-15`	3 months	crt.sh
*.g.doubleclick.net WR2	`2025-09-22` - `2025-12-15`	3 months	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-12-30` - `2026-01-07`	a year	crt.sh
readinc.zendesk.com E7	`2025-09-24` - `2025-12-23`	3 months	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-12-29` - `2026-01-07`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2025-08-26` - `2025-12-11`	4 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2025-09-03` - `2025-12-11`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://app.read.ai/analytics/settings/user/email
Frame ID: E7CD8EC407182F7E722075F3488D267F
Requests: 47 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-5c9c4b3062885b0eda86b2be1f7a7a10.html
Frame ID: 3A841A83F76F0CE625041CFB8A1D571B
Requests: 8 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-dc053fa.js
Frame ID: C15EF3E7F2EC88A7C901B695C35E6A79
Requests: 3 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 9125EE56E5222936B0F7FCAD1BCB3DAB
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 538C081E8B88DCB208356F540E2ADE6A
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 3B8A814A0B858CDA0745083A58BF4AB8
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Read - Sign in

Page URL History Show full URLs

https://u25608997.ct.sendgrid.net/ls/click?upn=u001.CrUrehIev9dAOd9CS5LlcqT6AXLwm3zPvY-2F0dk-2F0ZQft4oIA2lJcZt... HTTP 302
https://app.read.ai/analytics/settings/user/email Page URL

Detected technologies

Google Sign-in (Authentication) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Stripe (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

66
Requests

100 %
HTTPS

0 %
IPv6

15
Domains

23
Subdomains

21
IPs

1
Countries

4402 kB
Transfer

13344 kB
Size

9
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiebot.com/en/what-is-behind-powered-by-cookiebot/

Search URL Search Domain Scan URL

URL: https://read.ai/pp
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.canva.com/policies/privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://business.safety.google/privacy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/legal/privacy-policy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://stripe.com/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.zendesk.com/company/customers-partners/privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://embed.ly/legal/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://legal.hubspot.com/privacy-policy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://vimeo.com/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policy.php/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.redditinc.com/policies/privacy-policy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://read.ai/
Title: read.ai

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://www.read.ai/updated-termsofservice
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.read.ai/updated-privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.read.ai/?v=1
Title: Visit read.ai

Search URL Search Domain Scan URL

URL: https://www.read.ai/contact-sales
Title: Contact Sales

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u25608997.ct.sendgrid.net/ls/click?upn=u001.CrUrehIev9dAOd9CS5LlcqT6AXLwm3zPvY-2F0dk-2F0ZQft4oIA2lJcZtC5zycIkkUSEL776GIRzr6NjEGCRoheaA-3D-3DBMfZ_4iz7goLxnJYOvzBK01yz1imdEYKQz3z-2B-2FzUofFa-2Ff-2F8LGem5hBNsIw-2B2lIVxagXdY-2BPJkPv-2F-2BujHDdlLE-2BleUjlBe2CeGXqsXMKALOaiLJHklkiEZbV00kyEHcmjrALTVbuI9OnvKQ10OZDMsrNnczvOY-2FULJVHYh7C2fiXAO8jhJ3wyx6OYj4E6ngDP3f-2FBw3mWrbEz2WjCXzmvT-2B6fvw722-2FXQNfpELOzsAyPh5kVlZwH-2FwWXoJ9mBIPGL9d8-2Bptb9hEBxlNXgmSV1Ucax01JRepzKgS4p7d-2FRToobR5VPv3kKT4HbtOcroyW1B-2BnFG7NxgJrdKXUD8UFaJW1m327lMjCcS9u0nUq93sorFHZDgGh-2FZckoV0szRTcY16wY7FcwqTHIrJ-2FfsVBKh2mCbc0UQtmYQ5bnje7-2FVlED4eWqje0q7JbvQ2nL-2Biv4sMdZdgQ5pOVO6CdEO-2B1BDez8MNoL8ceB21Lk2Gukbv5AKQc-3D HTTP 302
https://app.read.ai/analytics/settings/user/email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request email Show response
app.read.ai/analytics/settings/user/
Redirect Chain

https://u25608997.ct.sendgrid.net/ls/click?upn=u001.CrUrehIev9dAOd9CS5LlcqT6AXLwm3zPvY-2F0dk-2F0ZQft4oIA2lJcZtC5zycIkkUSEL776GIRzr6NjEGCRoheaA-3D-3DBMfZ_4iz7goLxnJYOvzBK01yz1imdEYKQz3z-2B-2FzUofFa-...
https://app.read.ai/analytics/settings/user/email

2 KB
4 KB

727ms
425ms

Document
text/html

3.171.100.83
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://app.read.ai/analytics/settings/user/email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.171.100.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-171-100-83.iad12.r.cloudfront.net

Software

CloudFront /

Resource Hash

0ab2885e9e573ff21add3a68a55aea39bddbad6dc144b5ee496d8c908f2b38a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com .redditstatic.com connect.facebook.net .cookiebot.com .gstatic.com gstatic.com .google.com .googletagmanager.com .stripe.com .zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com .reddit.com .google.com .google-analytics.com .googletagmanager.com .read.ai blob: .googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org .sentry.io .zdassets.com .zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com .run.app conversionsapigateway.com .cookiebot.com .facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: .read.ai .linkedin.com .facebook.com connect.facebook.net .reddit.com reddit.com .google-analytics.com .googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com .atlassian.net 'unsafe-inline'; media-src 'self' blob: data: .read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: .read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' .facebook.com .read.ai .sharepoint.com .live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com .teams.microsoft.com .cloud.microsoft .skype.com login.microsoftonline.com .twitter.com twitter.com .x.com x.com meet.google.com .meet.google.com .live.com; frame-src 'self' consentcdn.cookiebot.com .facebook.com .google.com content.googleapis.com .stripe.com player.vimeo.com login.microsoftonline.com .live.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

content-length: 2212
content-security-policy: default-src 'self' *.read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com *.redditstatic.com connect.facebook.net *.cookiebot.com *.gstatic.com gstatic.com *.google.com *.googletagmanager.com *.stripe.com *.zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com *.reddit.com *.google.com *.google-analytics.com *.googletagmanager.com *.read.ai blob: *.googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org *.sentry.io *.zdassets.com *.zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com *.run.app conversionsapigateway.com *.cookiebot.com *.facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: *.read.ai *.linkedin.com *.facebook.com connect.facebook.net *.reddit.com reddit.com *.google-analytics.com *.googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com *.atlassian.net 'unsafe-inline'; media-src 'self' blob: data: *.read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: *.read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' *.facebook.com *.read.ai *.sharepoint.com *.live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com *.teams.microsoft.com *.cloud.microsoft *.skype.com login.microsoftonline.com *.twitter.com twitter.com *.x.com x.com meet.google.com *.meet.google.com *.live.com; frame-src 'self' consentcdn.cookiebot.com *.facebook.com *.google.com content.googleapis.com *.stripe.com player.vimeo.com login.microsoftonline.com *.live.com;
content-type: text/html
date: Mon, 20 Oct 2025 20:18:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin
via: 1.1 336702a3fb556c2c02b604e07553dd94.cloudfront.net (CloudFront)
x-amz-cf-id: FUHkA0v_xKArkl7gErqgsWwSOCA3WpZoDN7goOgiIa0T--VXYBZ3bw==
x-amz-cf-pop: IAD12-P5
x-amzn-requestid: 3a0334ad-f207-42c3-926d-7c9413d95b95
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-robots-tag: noindex
x-xss-protection: 1

Redirect headers

Connection: keep-alive
Content-Length: 72
Content-Type: text/html; charset=utf-8
Date: Mon, 20 Oct 2025 20:18:00 GMT
Location: https://app.read.ai/analytics/settings/user/email
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 main-C8ydukrU.js Show response
app.read.ai/assets/ 556 KB
178 KB 202ms
202ms Script
text/javascript 3.171.100.83
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://app.read.ai/assets/main-C8ydukrU.js

Requested by

Host: app.read.ai
URL: https://app.read.ai/analytics/settings/user/email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.171.100.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-171-100-83.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b6340dafb04c6f65a70acde917656606b3062ef4d8d56cf52c7d4acc7d4789c6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com .redditstatic.com connect.facebook.net .cookiebot.com .gstatic.com gstatic.com .google.com .googletagmanager.com .stripe.com .zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com .reddit.com .google.com .google-analytics.com .googletagmanager.com .read.ai blob: .googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org .sentry.io .zdassets.com .zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com .run.app conversionsapigateway.com .cookiebot.com .facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: .read.ai .linkedin.com .facebook.com connect.facebook.net .reddit.com reddit.com .google-analytics.com .googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com .atlassian.net 'unsafe-inline'; media-src 'self' blob: data: .read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: .read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' .facebook.com .read.ai .sharepoint.com .live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com .teams.microsoft.com .cloud.microsoft .skype.com login.microsoftonline.com .twitter.com twitter.com .x.com x.com meet.google.com .meet.google.com .live.com; frame-src 'self' consentcdn.cookiebot.com .facebook.com .google.com content.googleapis.com .stripe.com player.vimeo.com login.microsoftonline.com .live.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://app.read.ai
Referer: https://app.read.ai/analytics/settings/user/email

Response headers

content-encoding: br
etag: W/"b838ec98de5cb75ba17be47d3c578a74"
age: 3532
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: Pdjg27clyXK077myVG_GpmNy-_gOQY8Oveeb_XKqXxjSApZC9PtYiQ==
date: Mon, 20 Oct 2025 19:19:10 GMT
content-type: text/javascript
vary: accept-encoding, Origin
last-modified: Fri, 17 Oct 2025 23:27:56 GMT
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' *.read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com *.redditstatic.com connect.facebook.net *.cookiebot.com *.gstatic.com gstatic.com *.google.com *.googletagmanager.com *.stripe.com *.zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com *.reddit.com *.google.com *.google-analytics.com *.googletagmanager.com *.read.ai blob: *.googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org *.sentry.io *.zdassets.com *.zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com *.run.app conversionsapigateway.com *.cookiebot.com *.facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: *.read.ai *.linkedin.com *.facebook.com connect.facebook.net *.reddit.com reddit.com *.google-analytics.com *.googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com *.atlassian.net 'unsafe-inline'; media-src 'self' blob: data: *.read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: *.read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' *.facebook.com *.read.ai *.sharepoint.com *.live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com *.teams.microsoft.com *.cloud.microsoft *.skype.com login.microsoftonline.com *.twitter.com twitter.com *.x.com x.com meet.google.com *.meet.google.com *.live.com; frame-src 'self' consentcdn.cookiebot.com *.facebook.com *.google.com content.googleapis.com *.stripe.com player.vimeo.com login.microsoftonline.com *.live.com;
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
via: 1.1 336702a3fb556c2c02b604e07553dd94.cloudfront.net (CloudFront)
access-control-allow-origin: https://app.read.ai
x-xss-protection: 1
x-amz-cf-pop: IAD12-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 main-B84XSr8_.css
app.read.ai/assets/ 1 KB
2 KB 116ms
115ms Stylesheet
text/css 3.171.100.83
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://app.read.ai/assets/main-B84XSr8_.css

Requested by

Host: app.read.ai
URL: https://app.read.ai/analytics/settings/user/email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.171.100.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-171-100-83.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

362699d56d9c7d945e1a99175423b359f2aebb6461d03135f80822347b345de3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com .redditstatic.com connect.facebook.net .cookiebot.com .gstatic.com gstatic.com .google.com .googletagmanager.com .stripe.com .zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com .reddit.com .google.com .google-analytics.com .googletagmanager.com .read.ai blob: .googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org .sentry.io .zdassets.com .zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com .run.app conversionsapigateway.com .cookiebot.com .facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: .read.ai .linkedin.com .facebook.com connect.facebook.net .reddit.com reddit.com .google-analytics.com .googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com .atlassian.net 'unsafe-inline'; media-src 'self' blob: data: .read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: .read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' .facebook.com .read.ai .sharepoint.com .live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com .teams.microsoft.com .cloud.microsoft .skype.com login.microsoftonline.com .twitter.com twitter.com .x.com x.com meet.google.com .meet.google.com .live.com; frame-src 'self' consentcdn.cookiebot.com .facebook.com .google.com content.googleapis.com .stripe.com player.vimeo.com login.microsoftonline.com .live.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://app.read.ai
Referer: https://app.read.ai/analytics/settings/user/email

Response headers

content-encoding: gzip
etag: W/"da53f8a961d03a4f5849a8164e502362"
age: 3532
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: sxLCkNHEJ3xF1xO2AcA4mFgy5RNOg-MDi4eZrpb5vm_q__CsAQeUfQ==
date: Mon, 20 Oct 2025 19:19:10 GMT
content-type: text/css
vary: accept-encoding, Origin
last-modified: Fri, 17 Oct 2025 23:27:56 GMT
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' *.read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com *.redditstatic.com connect.facebook.net *.cookiebot.com *.gstatic.com gstatic.com *.google.com *.googletagmanager.com *.stripe.com *.zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com *.reddit.com *.google.com *.google-analytics.com *.googletagmanager.com *.read.ai blob: *.googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org *.sentry.io *.zdassets.com *.zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com *.run.app conversionsapigateway.com *.cookiebot.com *.facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: *.read.ai *.linkedin.com *.facebook.com connect.facebook.net *.reddit.com reddit.com *.google-analytics.com *.googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com *.atlassian.net 'unsafe-inline'; media-src 'self' blob: data: *.read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: *.read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' *.facebook.com *.read.ai *.sharepoint.com *.live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com *.teams.microsoft.com *.cloud.microsoft *.skype.com login.microsoftonline.com *.twitter.com twitter.com *.x.com x.com meet.google.com *.meet.google.com *.live.com; frame-src 'self' consentcdn.cookiebot.com *.facebook.com *.google.com content.googleapis.com *.stripe.com player.vimeo.com login.microsoftonline.com *.live.com;
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
via: 1.1 336702a3fb556c2c02b604e07553dd94.cloudfront.net (CloudFront)
access-control-allow-origin: https://app.read.ai
x-xss-protection: 1
x-amz-cf-pop: IAD12-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1015 B 427ms
175ms Stylesheet
text/css 142.251.111.95
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&family=Poppins:wght@400;500;600;700&display=swap

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/main-B84XSr8_.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f95.1e100.net

Software

ESF /

Resource Hash

3786181b1a6bdea885939bd26c746bbc01b3ce4610d4c6aabc09f1d450e14632

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://app.read.ai/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 20 Oct 2025 20:18:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 20 Oct 2025 20:18:02 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 20 Oct 2025 19:56:43 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
630 B 422ms
170ms Stylesheet
text/css 142.251.111.95
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=swap

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/main-B84XSr8_.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f95.1e100.net

Software

ESF /

Resource Hash

91ab22dea7363fd24f310c4b1bf3e7b3686c8850d7833824442efec197b5e581

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://app.read.ai/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 20 Oct 2025 20:18:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 20 Oct 2025 20:18:02 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 20 Oct 2025 19:55:56 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 18 KB
2 KB 423ms
172ms Stylesheet
text/css 142.251.111.95
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;500;600&display=swap

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/main-B84XSr8_.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f95.1e100.net

Software

ESF /

Resource Hash

54f3a15767f27295314aaa24214fb75611ea8548c959d03c0ab056f6fb02fb40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://app.read.ai/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 20 Oct 2025 20:18:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 20 Oct 2025 20:18:02 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 20 Oct 2025 19:58:02 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 16 KB
2 KB 420ms
169ms Stylesheet
text/css 142.251.111.95
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/main-B84XSr8_.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f95.1e100.net

Software

ESF /

Resource Hash

f30a2f101b045d24748cdbb5e2082e3216ae8ecfcc2f091af638786d3eced120

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://app.read.ai/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 20 Oct 2025 20:18:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 20 Oct 2025 20:18:02 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 20 Oct 2025 18:57:50 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
517 B 477ms
226ms Stylesheet
text/css 142.251.111.95
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/main-B84XSr8_.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f95.1e100.net

Software

ESF /

Resource Hash

c3e606051dc0106a9e30d26f110dbb1b835f7a7f2042caa0622ff01f13ef7e5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://app.read.ai/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 20 Oct 2025 20:18:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 20 Oct 2025 20:18:02 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 20 Oct 2025 18:35:24 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

POST
H2 200 / Show response
o992397.ingest.sentry.io/api/5997695/envelope/ 2 B
300 B 298ms
110ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://o992397.ingest.sentry.io/api/5997695/envelope/?sentry_version=7&sentry_key=6df7af02dacf407aba6f9c7a3353e8f9&sentry_client=sentry.javascript.react%2F9.44.2

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/main-C8ydukrU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://app.read.ai/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
date: Mon, 20 Oct 2025 20:18:02 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers
server: nginx

GET
H2 200 App-B8tHEfhB.js Show response
app.read.ai/assets/ 1 MB
479 KB 122ms
120ms Script
text/javascript 3.171.100.83
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://app.read.ai/assets/App-B8tHEfhB.js

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/main-C8ydukrU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.171.100.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-171-100-83.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d62d0049117cfbfb93b2968b2e3a2867092feecb6e06ac1df35b254be9e684f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com .redditstatic.com connect.facebook.net .cookiebot.com .gstatic.com gstatic.com .google.com .googletagmanager.com .stripe.com .zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com .reddit.com .google.com .google-analytics.com .googletagmanager.com .read.ai blob: .googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org .sentry.io .zdassets.com .zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com .run.app conversionsapigateway.com .cookiebot.com .facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: .read.ai .linkedin.com .facebook.com connect.facebook.net .reddit.com reddit.com .google-analytics.com .googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com .atlassian.net 'unsafe-inline'; media-src 'self' blob: data: .read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: .read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' .facebook.com .read.ai .sharepoint.com .live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com .teams.microsoft.com .cloud.microsoft .skype.com login.microsoftonline.com .twitter.com twitter.com .x.com x.com meet.google.com .meet.google.com .live.com; frame-src 'self' consentcdn.cookiebot.com .facebook.com .google.com content.googleapis.com .stripe.com player.vimeo.com login.microsoftonline.com .live.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://app.read.ai
Referer

Response headers

content-encoding: gzip
etag: W/"3a383fd9be382a1a173d5b03dc7f3b9c"
age: 3528
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: NjQhayEYXiSkvrswzvFDTWSaOPP0K7IpzMlfMCp9Xk4LGnhRW0lp_Q==
date: Mon, 20 Oct 2025 19:19:15 GMT
content-type: text/javascript
vary: accept-encoding, Origin
last-modified: Fri, 17 Oct 2025 23:27:53 GMT
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' *.read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com *.redditstatic.com connect.facebook.net *.cookiebot.com *.gstatic.com gstatic.com *.google.com *.googletagmanager.com *.stripe.com *.zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com *.reddit.com *.google.com *.google-analytics.com *.googletagmanager.com *.read.ai blob: *.googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org *.sentry.io *.zdassets.com *.zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com *.run.app conversionsapigateway.com *.cookiebot.com *.facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: *.read.ai *.linkedin.com *.facebook.com connect.facebook.net *.reddit.com reddit.com *.google-analytics.com *.googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com *.atlassian.net 'unsafe-inline'; media-src 'self' blob: data: *.read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: *.read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' *.facebook.com *.read.ai *.sharepoint.com *.live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com *.teams.microsoft.com *.cloud.microsoft *.skype.com login.microsoftonline.com *.twitter.com twitter.com *.x.com x.com meet.google.com *.meet.google.com *.live.com; frame-src 'self' consentcdn.cookiebot.com *.facebook.com *.google.com content.googleapis.com *.stripe.com player.vimeo.com login.microsoftonline.com *.live.com;
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
via: 1.1 336702a3fb556c2c02b604e07553dd94.cloudfront.net (CloudFront)
access-control-allow-origin: https://app.read.ai
x-xss-protection: 1
x-amz-cf-pop: IAD12-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 App-DmhOWiV4.css
app.read.ai/assets/ 157 B
2 KB 117ms
116ms Stylesheet
text/css 3.171.100.83
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://app.read.ai/assets/App-DmhOWiV4.css

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/main-C8ydukrU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.171.100.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-171-100-83.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e871bb71bfb534927f5f7f31383d04d01deebbeb180d40ed5f8d344794e2616d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com .redditstatic.com connect.facebook.net .cookiebot.com .gstatic.com gstatic.com .google.com .googletagmanager.com .stripe.com .zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com .reddit.com .google.com .google-analytics.com .googletagmanager.com .read.ai blob: .googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org .sentry.io .zdassets.com .zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com .run.app conversionsapigateway.com .cookiebot.com .facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: .read.ai .linkedin.com .facebook.com connect.facebook.net .reddit.com reddit.com .google-analytics.com .googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com .atlassian.net 'unsafe-inline'; media-src 'self' blob: data: .read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: .read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' .facebook.com .read.ai .sharepoint.com .live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com .teams.microsoft.com .cloud.microsoft .skype.com login.microsoftonline.com .twitter.com twitter.com .x.com x.com meet.google.com .meet.google.com .live.com; frame-src 'self' consentcdn.cookiebot.com .facebook.com .google.com content.googleapis.com .stripe.com player.vimeo.com login.microsoftonline.com .live.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://app.read.ai
Referer: https://app.read.ai/analytics/settings/user/email

Response headers

etag: "f04eb8dc3d9bb9cca7034fa24f9bce9c"
age: 3484
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: va_WfWyXYKonB9TdxGh4D1wgGAsIn4NgOyy7OGu2F-TrElX4RnIEMw==
date: Mon, 20 Oct 2025 19:19:59 GMT
content-type: text/css
vary: accept-encoding, Origin
last-modified: Fri, 17 Oct 2025 23:27:53 GMT
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' *.read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com *.redditstatic.com connect.facebook.net *.cookiebot.com *.gstatic.com gstatic.com *.google.com *.googletagmanager.com *.stripe.com *.zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com *.reddit.com *.google.com *.google-analytics.com *.googletagmanager.com *.read.ai blob: *.googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org *.sentry.io *.zdassets.com *.zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com *.run.app conversionsapigateway.com *.cookiebot.com *.facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: *.read.ai *.linkedin.com *.facebook.com connect.facebook.net *.reddit.com reddit.com *.google-analytics.com *.googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com *.atlassian.net 'unsafe-inline'; media-src 'self' blob: data: *.read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: *.read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' *.facebook.com *.read.ai *.sharepoint.com *.live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com *.teams.microsoft.com *.cloud.microsoft *.skype.com login.microsoftonline.com *.twitter.com twitter.com *.x.com x.com meet.google.com *.meet.google.com *.live.com; frame-src 'self' consentcdn.cookiebot.com *.facebook.com *.google.com content.googleapis.com *.stripe.com player.vimeo.com login.microsoftonline.com *.live.com;
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
via: 1.1 336702a3fb556c2c02b604e07553dd94.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: https://app.read.ai
content-length: 157
x-xss-protection: 1
x-amz-cf-pop: IAD12-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 favicon.ico
app.read.ai/ 15 KB
17 KB 235ms
230ms Other
image/vnd.microsoft.icon 3.171.100.83
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://app.read.ai/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.171.100.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-171-100-83.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

21e3f2c31ba605a773a378d10e5d2921725192937933583f291cf2b3b2f2376b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com .redditstatic.com connect.facebook.net .cookiebot.com .gstatic.com gstatic.com .google.com .googletagmanager.com .stripe.com .zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com .reddit.com .google.com .google-analytics.com .googletagmanager.com .read.ai blob: .googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org .sentry.io .zdassets.com .zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com .run.app conversionsapigateway.com .cookiebot.com .facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: .read.ai .linkedin.com .facebook.com connect.facebook.net .reddit.com reddit.com .google-analytics.com .googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com .atlassian.net 'unsafe-inline'; media-src 'self' blob: data: .read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: .read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' .facebook.com .read.ai .sharepoint.com .live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com .teams.microsoft.com .cloud.microsoft .skype.com login.microsoftonline.com .twitter.com twitter.com .x.com x.com meet.google.com .meet.google.com .live.com; frame-src 'self' consentcdn.cookiebot.com .facebook.com .google.com content.googleapis.com .stripe.com player.vimeo.com login.microsoftonline.com .live.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://app.read.ai/analytics/settings/user/email

Response headers

etag: "cb681e65721db81d34576cfe39a37dac"
age: 229
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: UcdcpnuWLdghiqpZq17P1bWvUZw-JaSvKxRBOu6cPrPtj2hbjJTY-Q==
date: Mon, 20 Oct 2025 20:14:14 GMT
content-type: image/vnd.microsoft.icon
vary: accept-encoding, Origin
last-modified: Fri, 17 Oct 2025 23:27:58 GMT
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' *.read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com *.redditstatic.com connect.facebook.net *.cookiebot.com *.gstatic.com gstatic.com *.google.com *.googletagmanager.com *.stripe.com *.zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com *.reddit.com *.google.com *.google-analytics.com *.googletagmanager.com *.read.ai blob: *.googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org *.sentry.io *.zdassets.com *.zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com *.run.app conversionsapigateway.com *.cookiebot.com *.facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: *.read.ai *.linkedin.com *.facebook.com connect.facebook.net *.reddit.com reddit.com *.google-analytics.com *.googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com *.atlassian.net 'unsafe-inline'; media-src 'self' blob: data: *.read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: *.read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' *.facebook.com *.read.ai *.sharepoint.com *.live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com *.teams.microsoft.com *.cloud.microsoft *.skype.com login.microsoftonline.com *.twitter.com twitter.com *.x.com x.com meet.google.com *.meet.google.com *.live.com; frame-src 'self' consentcdn.cookiebot.com *.facebook.com *.google.com content.googleapis.com *.stripe.com player.vimeo.com login.microsoftonline.com *.live.com;
referrer-policy: strict-origin-when-cross-origin
via: 1.1 336702a3fb556c2c02b604e07553dd94.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 15406
x-xss-protection: 1
x-amz-cf-pop: IAD12-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 476 KB
158 KB 364ms
164ms Script
application/javascript 142.251.167.97
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2Y1H5ZJMBK

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/App-B8tHEfhB.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

96f90aa8c0e02a0f852219314988faf9d4fc0782989a30022a3c9226f878ea79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://app.read.ai/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: zstd
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Mon, 20 Oct 2025 20:18:03 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 161131
date: Mon, 20 Oct 2025 20:18:03 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

POST
H2 200 initialize Show response
featureassets.org/v1/ 26 KB
4 KB 292ms
107ms Fetch
application/json 34.128.128.0
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://featureassets.org/v1/initialize?k=client-5rDNQDOcT7Yt6ZTWHVfNzpkY1kHdmfijSlRx83EYj9e&st=javascript-client&sv=3.21.0&t=1760991482922&sid=aef33325-392e-4842-ae08-4bb0425a09c4&se=1

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/main-C8ydukrU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.128.128.0 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

0.128.128.34.bc.googleusercontent.com

Software

Resource Hash

9475cf731ce7ff125deb1c0124077fe051c598d90c7d2bde98a88520946371c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://app.read.ai/

Response headers

cache-control: no-transform
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
x-statsig-region: gke-us-west1
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 20 Oct 2025 20:18:03 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding

GET
H3 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v24/ 49 KB
49 KB 200ms
99ms Font
font/woff2 142.251.16.94
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v24/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

sffe /

Resource Hash

1dd49afc07fb2231b2ff686cbf007725fb2742271bb1f28ebd98f22a0d817343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://app.read.ai
Referer: https://fonts.googleapis.com/

Response headers

age: 383888
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 16 Oct 2026 09:39:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 16 Oct 2025 09:39:55 GMT
last-modified: Wed, 10 Sep 2025 16:23:20 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 50316
x-xss-protection: 0
server: sffe

GET
H2 401 me Show response
api.read.ai/users/ 30 B
281 B 498ms
213ms Fetch
application/json 34.237.127.53
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://api.read.ai/users/me

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/main-C8ydukrU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.127.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-127-53.compute-1.amazonaws.com

Software

uvicorn /

Resource Hash

cfec9feffbcc0dabaa0f92491e3609eeb1e9bc8d17625cd7f043be03b609c812

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-Read-App-Info: @app/webapp:v2.62.0
Referer: https://app.read.ai/
X-Read-App-Location: https://app.read.ai/analytics/settings/user/email
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://app.read.ai
content-length: 30
date: Mon, 20 Oct 2025 20:18:03 GMT
content-type: application/json
vary: Origin
server: uvicorn
x-frame-options: DENY

OPTIONS
H2 200 me
api.read.ai/users/ Frame 0
0 521ms
224ms Preflight
text/plain 34.237.127.53
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://api.read.ai/users/me

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.127.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-127-53.compute-1.amazonaws.com

Software

uvicorn /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-read-app-info,x-read-app-location
Access-Control-Request-Method: GET
Origin: https://app.read.ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-read-app-info,x-read-app-location
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://app.read.ai
access-control-max-age: 600
content-length: 2
content-type: text/plain; charset=utf-8
date: Mon, 20 Oct 2025 20:18:03 GMT
server: uvicorn
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 200 index-DK7f7xfF.js Show response
app.read.ai/assets/ 4 MB
1 MB 129ms
127ms Script
text/javascript 3.171.100.83
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://app.read.ai/assets/index-DK7f7xfF.js

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/main-C8ydukrU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.171.100.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-171-100-83.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

068c9d71a7822d4a36f2fad53743b48cd37cb901a74f81112d1015b54a2fec58

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com .redditstatic.com connect.facebook.net .cookiebot.com .gstatic.com gstatic.com .google.com .googletagmanager.com .stripe.com .zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com .reddit.com .google.com .google-analytics.com .googletagmanager.com .read.ai blob: .googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org .sentry.io .zdassets.com .zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com .run.app conversionsapigateway.com .cookiebot.com .facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: .read.ai .linkedin.com .facebook.com connect.facebook.net .reddit.com reddit.com .google-analytics.com .googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com .atlassian.net 'unsafe-inline'; media-src 'self' blob: data: .read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: .read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' .facebook.com .read.ai .sharepoint.com .live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com .teams.microsoft.com .cloud.microsoft .skype.com login.microsoftonline.com .twitter.com twitter.com .x.com x.com meet.google.com .meet.google.com .live.com; frame-src 'self' consentcdn.cookiebot.com .facebook.com .google.com content.googleapis.com .stripe.com player.vimeo.com login.microsoftonline.com .live.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://app.read.ai
Referer

Response headers

content-encoding: br
etag: W/"63212526fb37eb423e753af50ac5e87a"
age: 3506
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: RJo2ZR8UKak-ABm1ZY2ZGFpcyypzuNne-wAsm3Ics69KtB1iVmKwVA==
date: Mon, 20 Oct 2025 19:19:38 GMT
content-type: text/javascript
vary: accept-encoding, Origin
last-modified: Fri, 17 Oct 2025 23:27:55 GMT
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' *.read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com *.redditstatic.com connect.facebook.net *.cookiebot.com *.gstatic.com gstatic.com *.google.com *.googletagmanager.com *.stripe.com *.zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com *.reddit.com *.google.com *.google-analytics.com *.googletagmanager.com *.read.ai blob: *.googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org *.sentry.io *.zdassets.com *.zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com *.run.app conversionsapigateway.com *.cookiebot.com *.facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: *.read.ai *.linkedin.com *.facebook.com connect.facebook.net *.reddit.com reddit.com *.google-analytics.com *.googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com *.atlassian.net 'unsafe-inline'; media-src 'self' blob: data: *.read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: *.read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' *.facebook.com *.read.ai *.sharepoint.com *.live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com *.teams.microsoft.com *.cloud.microsoft *.skype.com login.microsoftonline.com *.twitter.com twitter.com *.x.com x.com meet.google.com *.meet.google.com *.live.com; frame-src 'self' consentcdn.cookiebot.com *.facebook.com *.google.com content.googleapis.com *.stripe.com player.vimeo.com login.microsoftonline.com *.live.com;
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
via: 1.1 336702a3fb556c2c02b604e07553dd94.cloudfront.net (CloudFront)
access-control-allow-origin: https://app.read.ai
x-xss-protection: 1
x-amz-cf-pop: IAD12-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 NotFoundRedirect-sCatOOTm.js Show response
app.read.ai/assets/ 1 MB
337 KB 215ms
213ms Script
text/javascript 3.171.100.83
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://app.read.ai/assets/NotFoundRedirect-sCatOOTm.js

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/main-C8ydukrU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.171.100.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-171-100-83.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

09fc998a0ebb491fbf96911b6a391033b76f53ab9f73e8d0338182683f90b12e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com .redditstatic.com connect.facebook.net .cookiebot.com .gstatic.com gstatic.com .google.com .googletagmanager.com .stripe.com .zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com .reddit.com .google.com .google-analytics.com .googletagmanager.com .read.ai blob: .googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org .sentry.io .zdassets.com .zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com .run.app conversionsapigateway.com .cookiebot.com .facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: .read.ai .linkedin.com .facebook.com connect.facebook.net .reddit.com reddit.com .google-analytics.com .googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com .atlassian.net 'unsafe-inline'; media-src 'self' blob: data: .read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: .read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' .facebook.com .read.ai .sharepoint.com .live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com .teams.microsoft.com .cloud.microsoft .skype.com login.microsoftonline.com .twitter.com twitter.com .x.com x.com meet.google.com .meet.google.com .live.com; frame-src 'self' consentcdn.cookiebot.com .facebook.com .google.com content.googleapis.com .stripe.com player.vimeo.com login.microsoftonline.com .live.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://app.read.ai
Referer

Response headers

content-encoding: br
etag: W/"2d348a983baf39d192ca446d2413e3c4"
age: 3527
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 5WHomzfqNk4bl8kyxZ4LlkDWUy_WOBZqxX0q3VglxRL1PJ4y82hyrw==
date: Mon, 20 Oct 2025 19:19:17 GMT
content-type: text/javascript
vary: accept-encoding, Origin
last-modified: Fri, 17 Oct 2025 23:27:54 GMT
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' *.read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com *.redditstatic.com connect.facebook.net *.cookiebot.com *.gstatic.com gstatic.com *.google.com *.googletagmanager.com *.stripe.com *.zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com *.reddit.com *.google.com *.google-analytics.com *.googletagmanager.com *.read.ai blob: *.googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org *.sentry.io *.zdassets.com *.zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com *.run.app conversionsapigateway.com *.cookiebot.com *.facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: *.read.ai *.linkedin.com *.facebook.com connect.facebook.net *.reddit.com reddit.com *.google-analytics.com *.googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com *.atlassian.net 'unsafe-inline'; media-src 'self' blob: data: *.read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: *.read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' *.facebook.com *.read.ai *.sharepoint.com *.live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com *.teams.microsoft.com *.cloud.microsoft *.skype.com login.microsoftonline.com *.twitter.com twitter.com *.x.com x.com meet.google.com *.meet.google.com *.live.com; frame-src 'self' consentcdn.cookiebot.com *.facebook.com *.google.com content.googleapis.com *.stripe.com player.vimeo.com login.microsoftonline.com *.live.com;
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
via: 1.1 336702a3fb556c2c02b604e07553dd94.cloudfront.net (CloudFront)
access-control-allow-origin: https://app.read.ai
x-xss-protection: 1
x-amz-cf-pop: IAD12-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 NotFoundRedirect-Ci_qVgc6.css
app.read.ai/assets/ 430 KB
46 KB 118ms
116ms Stylesheet
text/css 3.171.100.83
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://app.read.ai/assets/NotFoundRedirect-Ci_qVgc6.css

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/main-C8ydukrU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.171.100.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-171-100-83.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

90b34db5140a34fe71f082885a7f7d302369ec7c58f8421ae9648514712bf6cc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com .redditstatic.com connect.facebook.net .cookiebot.com .gstatic.com gstatic.com .google.com .googletagmanager.com .stripe.com .zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com .reddit.com .google.com .google-analytics.com .googletagmanager.com .read.ai blob: .googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org .sentry.io .zdassets.com .zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com .run.app conversionsapigateway.com .cookiebot.com .facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: .read.ai .linkedin.com .facebook.com connect.facebook.net .reddit.com reddit.com .google-analytics.com .googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com .atlassian.net 'unsafe-inline'; media-src 'self' blob: data: .read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: .read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' .facebook.com .read.ai .sharepoint.com .live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com .teams.microsoft.com .cloud.microsoft .skype.com login.microsoftonline.com .twitter.com twitter.com .x.com x.com meet.google.com .meet.google.com .live.com; frame-src 'self' consentcdn.cookiebot.com .facebook.com .google.com content.googleapis.com .stripe.com player.vimeo.com login.microsoftonline.com .live.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://app.read.ai
Referer: https://app.read.ai/analytics/settings/user/email

Response headers

content-encoding: br
etag: W/"a31c1cecccf96246ad5f4e58498b78a2"
age: 1323
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: dbiEblKtVF0zuP0k9gulHSI6SgG0i7Xb_8Hp4oQqV3W1VMxROy6_QA==
date: Mon, 20 Oct 2025 19:56:01 GMT
content-type: text/css
vary: accept-encoding, Origin
last-modified: Fri, 17 Oct 2025 23:27:54 GMT
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' *.read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com *.redditstatic.com connect.facebook.net *.cookiebot.com *.gstatic.com gstatic.com *.google.com *.googletagmanager.com *.stripe.com *.zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com *.reddit.com *.google.com *.google-analytics.com *.googletagmanager.com *.read.ai blob: *.googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org *.sentry.io *.zdassets.com *.zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com *.run.app conversionsapigateway.com *.cookiebot.com *.facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: *.read.ai *.linkedin.com *.facebook.com connect.facebook.net *.reddit.com reddit.com *.google-analytics.com *.googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com *.atlassian.net 'unsafe-inline'; media-src 'self' blob: data: *.read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: *.read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' *.facebook.com *.read.ai *.sharepoint.com *.live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com *.teams.microsoft.com *.cloud.microsoft *.skype.com login.microsoftonline.com *.twitter.com twitter.com *.x.com x.com meet.google.com *.meet.google.com *.live.com; frame-src 'self' consentcdn.cookiebot.com *.facebook.com *.google.com content.googleapis.com *.stripe.com player.vimeo.com login.microsoftonline.com *.live.com;
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
via: 1.1 336702a3fb556c2c02b604e07553dd94.cloudfront.net (CloudFront)
access-control-allow-origin: https://app.read.ai
x-xss-protection: 1
x-amz-cf-pop: IAD12-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 useConnectCalendar-D9vu57SR.js Show response
app.read.ai/assets/ 2 KB
3 KB 216ms
214ms Script
text/javascript 3.171.100.83
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://app.read.ai/assets/useConnectCalendar-D9vu57SR.js

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/main-C8ydukrU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.171.100.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-171-100-83.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4a226df4c13be41c0807277803a18adef203bafcd6aeb9c93b587fa2712f6599

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com .redditstatic.com connect.facebook.net .cookiebot.com .gstatic.com gstatic.com .google.com .googletagmanager.com .stripe.com .zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com .reddit.com .google.com .google-analytics.com .googletagmanager.com .read.ai blob: .googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org .sentry.io .zdassets.com .zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com .run.app conversionsapigateway.com .cookiebot.com .facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: .read.ai .linkedin.com .facebook.com connect.facebook.net .reddit.com reddit.com .google-analytics.com .googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com .atlassian.net 'unsafe-inline'; media-src 'self' blob: data: .read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: .read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' .facebook.com .read.ai .sharepoint.com .live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com .teams.microsoft.com .cloud.microsoft .skype.com login.microsoftonline.com .twitter.com twitter.com .x.com x.com meet.google.com .meet.google.com .live.com; frame-src 'self' consentcdn.cookiebot.com .facebook.com .google.com content.googleapis.com .stripe.com player.vimeo.com login.microsoftonline.com .live.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://app.read.ai
Referer

Response headers

content-encoding: br
etag: W/"9d238bb04d140145c57be1ab68de0340"
age: 3533
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: warWMfHanU-6BOub0M979Rur1uv2FUbbbZ59r31bPt0tJ2G999NJ8g==
date: Mon, 20 Oct 2025 19:19:11 GMT
content-type: text/javascript
vary: accept-encoding, Origin
last-modified: Fri, 17 Oct 2025 23:27:58 GMT
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' *.read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com *.redditstatic.com connect.facebook.net *.cookiebot.com *.gstatic.com gstatic.com *.google.com *.googletagmanager.com *.stripe.com *.zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com *.reddit.com *.google.com *.google-analytics.com *.googletagmanager.com *.read.ai blob: *.googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org *.sentry.io *.zdassets.com *.zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com *.run.app conversionsapigateway.com *.cookiebot.com *.facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: *.read.ai *.linkedin.com *.facebook.com connect.facebook.net *.reddit.com reddit.com *.google-analytics.com *.googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com *.atlassian.net 'unsafe-inline'; media-src 'self' blob: data: *.read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: *.read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' *.facebook.com *.read.ai *.sharepoint.com *.live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com *.teams.microsoft.com *.cloud.microsoft *.skype.com login.microsoftonline.com *.twitter.com twitter.com *.x.com x.com meet.google.com *.meet.google.com *.live.com; frame-src 'self' consentcdn.cookiebot.com *.facebook.com *.google.com content.googleapis.com *.stripe.com player.vimeo.com login.microsoftonline.com *.live.com;
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
via: 1.1 336702a3fb556c2c02b604e07553dd94.cloudfront.net (CloudFront)
access-control-allow-origin: https://app.read.ai
x-xss-protection: 1
x-amz-cf-pop: IAD12-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 downloadUtils-dFMdTCoZ.js Show response
app.read.ai/assets/ 7 KB
5 KB 216ms
215ms Script
text/javascript 3.171.100.83
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://app.read.ai/assets/downloadUtils-dFMdTCoZ.js

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/main-C8ydukrU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.171.100.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-171-100-83.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

cd415bf7ffc6e5bc56070c39fcf7bbd4a4c3e6bfd142cb44b9346f8663db3b26

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com .redditstatic.com connect.facebook.net .cookiebot.com .gstatic.com gstatic.com .google.com .googletagmanager.com .stripe.com .zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com .reddit.com .google.com .google-analytics.com .googletagmanager.com .read.ai blob: .googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org .sentry.io .zdassets.com .zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com .run.app conversionsapigateway.com .cookiebot.com .facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: .read.ai .linkedin.com .facebook.com connect.facebook.net .reddit.com reddit.com .google-analytics.com .googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com .atlassian.net 'unsafe-inline'; media-src 'self' blob: data: .read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: .read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' .facebook.com .read.ai .sharepoint.com .live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com .teams.microsoft.com .cloud.microsoft .skype.com login.microsoftonline.com .twitter.com twitter.com .x.com x.com meet.google.com .meet.google.com .live.com; frame-src 'self' consentcdn.cookiebot.com .facebook.com .google.com content.googleapis.com .stripe.com player.vimeo.com login.microsoftonline.com .live.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://app.read.ai
Referer

Response headers

content-encoding: br
etag: W/"6325fd1d76e77351ee37f3c0b72fed04"
age: 3506
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: YqZo6WCVQmVfrLIWhThM9wWkWxTCfkRxYec9Oc4MC9pAt49H7IozbA==
date: Mon, 20 Oct 2025 19:19:38 GMT
content-type: text/javascript
vary: accept-encoding, Origin
last-modified: Fri, 17 Oct 2025 23:27:55 GMT
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' *.read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com *.redditstatic.com connect.facebook.net *.cookiebot.com *.gstatic.com gstatic.com *.google.com *.googletagmanager.com *.stripe.com *.zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com *.reddit.com *.google.com *.google-analytics.com *.googletagmanager.com *.read.ai blob: *.googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org *.sentry.io *.zdassets.com *.zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com *.run.app conversionsapigateway.com *.cookiebot.com *.facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: *.read.ai *.linkedin.com *.facebook.com connect.facebook.net *.reddit.com reddit.com *.google-analytics.com *.googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com *.atlassian.net 'unsafe-inline'; media-src 'self' blob: data: *.read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: *.read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' *.facebook.com *.read.ai *.sharepoint.com *.live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com *.teams.microsoft.com *.cloud.microsoft *.skype.com login.microsoftonline.com *.twitter.com twitter.com *.x.com x.com meet.google.com *.meet.google.com *.live.com; frame-src 'self' consentcdn.cookiebot.com *.facebook.com *.google.com content.googleapis.com *.stripe.com player.vimeo.com login.microsoftonline.com *.live.com;
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
via: 1.1 336702a3fb556c2c02b604e07553dd94.cloudfront.net (CloudFront)
access-control-allow-origin: https://app.read.ai
x-xss-protection: 1
x-amz-cf-pop: IAD12-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 index-Bee32Z3a.css
app.read.ai/assets/ 5 KB
3 KB 127ms
125ms Stylesheet
text/css 3.171.100.83
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://app.read.ai/assets/index-Bee32Z3a.css

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/main-C8ydukrU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.171.100.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-171-100-83.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f827579163615640da9151a9071aae4b19c20ba519b955afe9edf99274898fd9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com .redditstatic.com connect.facebook.net .cookiebot.com .gstatic.com gstatic.com .google.com .googletagmanager.com .stripe.com .zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com .reddit.com .google.com .google-analytics.com .googletagmanager.com .read.ai blob: .googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org .sentry.io .zdassets.com .zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com .run.app conversionsapigateway.com .cookiebot.com .facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: .read.ai .linkedin.com .facebook.com connect.facebook.net .reddit.com reddit.com .google-analytics.com .googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com .atlassian.net 'unsafe-inline'; media-src 'self' blob: data: .read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: .read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' .facebook.com .read.ai .sharepoint.com .live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com .teams.microsoft.com .cloud.microsoft .skype.com login.microsoftonline.com .twitter.com twitter.com .x.com x.com meet.google.com .meet.google.com .live.com; frame-src 'self' consentcdn.cookiebot.com .facebook.com .google.com content.googleapis.com .stripe.com player.vimeo.com login.microsoftonline.com .live.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://app.read.ai
Referer: https://app.read.ai/analytics/settings/user/email

Response headers

content-encoding: br
etag: W/"61853f75168daf1ebd92b84237997aad"
age: 3345
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: I26CIpMPUV3wraTrdUUBKK-QjTjO2QyoMfIM5465_wIJMjCUJDie7A==
date: Mon, 20 Oct 2025 19:22:19 GMT
content-type: text/css
vary: accept-encoding, Origin
last-modified: Fri, 17 Oct 2025 23:27:55 GMT
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' *.read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com *.redditstatic.com connect.facebook.net *.cookiebot.com *.gstatic.com gstatic.com *.google.com *.googletagmanager.com *.stripe.com *.zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com *.reddit.com *.google.com *.google-analytics.com *.googletagmanager.com *.read.ai blob: *.googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org *.sentry.io *.zdassets.com *.zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com *.run.app conversionsapigateway.com *.cookiebot.com *.facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: *.read.ai *.linkedin.com *.facebook.com connect.facebook.net *.reddit.com reddit.com *.google-analytics.com *.googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com *.atlassian.net 'unsafe-inline'; media-src 'self' blob: data: *.read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: *.read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' *.facebook.com *.read.ai *.sharepoint.com *.live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com *.teams.microsoft.com *.cloud.microsoft *.skype.com login.microsoftonline.com *.twitter.com twitter.com *.x.com x.com meet.google.com *.meet.google.com *.live.com; frame-src 'self' consentcdn.cookiebot.com *.facebook.com *.google.com content.googleapis.com *.stripe.com player.vimeo.com login.microsoftonline.com *.live.com;
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
via: 1.1 336702a3fb556c2c02b604e07553dd94.cloudfront.net (CloudFront)
access-control-allow-origin: https://app.read.ai
x-xss-protection: 1
x-amz-cf-pop: IAD12-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 stripe.js Show response
js.stripe.com/basil/ 877 KB
205 KB 273ms
74ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Download Go to

Full URL

https://js.stripe.com/basil/stripe.js

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/index-DK7f7xfF.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

7f5f2e0a6fc0a0f7f2e885c144f4dcb3f4e127c9f01a0806908277918414ebb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://app.read.ai/

Response headers

x-request-id: edccc240-ab36-4365-924f-cb6da8165fcc
content-encoding: br
etag: "06c4bdb32e72c6b9ef3488c06522e760"
age: 29
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Mon, 20 Oct 2025 20:18:04 GMT
last-modified: Mon, 20 Oct 2025 18:56:21 GMT
content-type: text/javascript; charset=utf-8
x-cache-hits: 520
x-served-by: cache-den-kden1300029-DEN
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
cache-control: max-age=120
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 209208
server: Fastly

POST
H2 401 token Show response
api.read.ai/users/me/ 30 B
280 B 258ms
257ms Fetch
application/json 34.237.127.53
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://api.read.ai/users/me/token

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/main-C8ydukrU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.127.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-127-53.compute-1.amazonaws.com

Software

uvicorn /

Resource Hash

cfec9feffbcc0dabaa0f92491e3609eeb1e9bc8d17625cd7f043be03b609c812

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-Read-App-Info: @app/webapp:v2.62.0
Referer: https://app.read.ai/
X-Read-App-Location: https://app.read.ai/analytics/settings/user/email
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://app.read.ai
content-length: 30
date: Mon, 20 Oct 2025 20:18:04 GMT
content-type: application/json
vary: Origin
server: uvicorn
x-frame-options: DENY

OPTIONS
H2 200 token
api.read.ai/users/me/ Frame 0
0 117ms
117ms Preflight
text/plain 34.237.127.53
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://api.read.ai/users/me/token

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.127.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-127-53.compute-1.amazonaws.com

Software

uvicorn /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-read-app-info,x-read-app-location
Access-Control-Request-Method: POST
Origin: https://app.read.ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-read-app-info,x-read-app-location
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://app.read.ai
access-control-max-age: 600
content-length: 2
content-type: text/plain; charset=utf-8
date: Mon, 20 Oct 2025 20:18:04 GMT
server: uvicorn
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY

POST
H2 204 initialize Show response
featureassets.org/v1/ 0
151 B 102ms
100ms Fetch 34.128.128.0
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://featureassets.org/v1/initialize?k=client-5rDNQDOcT7Yt6ZTWHVfNzpkY1kHdmfijSlRx83EYj9e&st=javascript-client-react&sv=3.21.0&t=1760991484076&sid=aef33325-392e-4842-ae08-4bb0425a09c4&se=1

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/main-C8ydukrU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.128.128.0 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

0.128.128.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://app.read.ai/

Response headers

access-control-max-age: 7200
cache-control: no-transform
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
via: 1.1 google
x-statsig-region: gke-us-west1
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 20 Oct 2025 20:18:04 GMT
access-control-allow-methods: POST, GET, DELETE, PATCH

POST
H2 202 rgstr Show response
prodregistryv2.org/v1/ 16 B
342 B 508ms
191ms Fetch
application/json 34.128.128.0
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://prodregistryv2.org/v1/rgstr?k=client-5rDNQDOcT7Yt6ZTWHVfNzpkY1kHdmfijSlRx83EYj9e&st=javascript-client-react&sv=3.21.0&t=1760991484077&sid=aef33325-392e-4842-ae08-4bb0425a09c4&ec=3&gz=1

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/main-C8ydukrU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.128.128.0 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

0.128.128.34.bc.googleusercontent.com

Software

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://app.read.ai/

Response headers

access-control-allow-credentials: true
x-content-type-options: nosniff, nosniff
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
permissions-policy: interest-cohort=()
x-response-time: 0 ms
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
date: Mon, 20 Oct 2025 20:18:03 GMT
content-type: application/json
x-frame-options: SAMEORIGIN

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 364ms
77ms Script
application/javascript 216.198.53.3
CLOUDFLARESPECTRU...

General

Check archive.org

Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=11845bde-7c74-4711-9e4f-60ced041f56b

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/NotFoundRedirect-sCatOOTm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7bc1c531e38c4b4426fc517ea855844f31a5d8bf1c6ff7a45e32eb92dbfad6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://app.read.ai/

Response headers

access-control-max-age: 0
content-encoding: br
cf-cache-status: HIT
etag: W/"ab51643012bf7f527f6f8902883cf621"
x-amz-version-id: RTwFLgtzxsenB5BRizZThKM6ycEhuUDi
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZOoGG%2B2Dd3KFH5HXate0ulJDI7UuXwsPV2QG2UtjNdxcFK2ArsUuhwiSGJaUQnbT2N993Cux6rJ0YKV7B0ALAONAO8n6pc3UBBtrwlqvCFwdYGyR0K9RDVdn3oNycfxEg0tdNhU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD
date: Mon, 20 Oct 2025 20:18:04 GMT
content-type: application/javascript
last-modified: Wed, 16 Jul 2025 12:06:11 GMT
vary: Accept-Encoding
x-amz-id-2: ssjg2F4IwMF+78rA9E1lHEz18H3z7WUpXRK+ms6fjtRpTEx4MUZCuxJy3HkxxigMztA6iEC43TJByhZwuyU6qg==
access-control-allow-headers: *
strict-transport-security: max-age=0
x-amz-replication-status: COMPLETED
cache-control: public, max-age=3600, s-maxage=60
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 037S2EC6XCM670E7
cf-ray: 991b33c99f223203-SLC
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 service-status Show response
api.read.ai/public/ 230 B
477 B 133ms
125ms Fetch
application/json 34.237.127.53
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://api.read.ai/public/service-status

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/main-C8ydukrU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.127.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-127-53.compute-1.amazonaws.com

Software

uvicorn /

Resource Hash

a473a4904271224952171174c2c41740a9f60ab2c10a561f3210c793522bde54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-Read-App-Info: @app/webapp:v2.62.0
Referer: https://app.read.ai/
X-Read-App-Location: https://app.read.ai/analytics/settings/user/email
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://app.read.ai
content-length: 230
date: Mon, 20 Oct 2025 20:18:04 GMT
content-type: application/json
vary: Origin
server: uvicorn
x-frame-options: DENY

GET
H2 200 plans Show response
api.read.ai/billing/ 3 KB
721 B 224ms
217ms Fetch
application/json 34.237.127.53
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://api.read.ai/billing/plans

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/main-C8ydukrU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.127.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-127-53.compute-1.amazonaws.com

Software

uvicorn /

Resource Hash

6de849c4fd2c1f6ababf48644d8583d018349ec63024b7e9580f055ecce3a831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-Read-App-Info: @app/webapp:v2.62.0
Referer: https://app.read.ai/
X-Read-App-Location: https://app.read.ai/analytics/settings/user/email
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://app.read.ai
content-length: 445
date: Mon, 20 Oct 2025 20:18:04 GMT
content-type: application/json
vary: Origin, Accept-Encoding
server: uvicorn
x-frame-options: DENY

GET
H2 401 me Show response
api.read.ai/users/ 30 B
280 B 273ms
271ms Fetch
application/json 34.237.127.53
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://api.read.ai/users/me

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/main-C8ydukrU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.127.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-127-53.compute-1.amazonaws.com

Software

uvicorn /

Resource Hash

cfec9feffbcc0dabaa0f92491e3609eeb1e9bc8d17625cd7f043be03b609c812

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-Read-App-Info: @app/webapp:v2.62.0
Referer: https://app.read.ai/
X-Read-App-Location: https://app.read.ai/analytics/settings/user/email
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://app.read.ai
content-length: 30
date: Mon, 20 Oct 2025 20:18:04 GMT
content-type: application/json
vary: Origin
server: uvicorn
x-frame-options: DENY

OPTIONS
H2 200 service-status
api.read.ai/public/ Frame 0
0 268ms
265ms Preflight
text/plain 34.237.127.53
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://api.read.ai/public/service-status

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.127.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-127-53.compute-1.amazonaws.com

Software

uvicorn /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-read-app-info,x-read-app-location
Access-Control-Request-Method: GET
Origin: https://app.read.ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-read-app-info,x-read-app-location
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://app.read.ai
access-control-max-age: 600
content-length: 2
content-type: text/plain; charset=utf-8
date: Mon, 20 Oct 2025 20:18:04 GMT
server: uvicorn
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY

OPTIONS
H2 200 plans
api.read.ai/billing/ Frame 0
0 268ms
266ms Preflight
text/plain 34.237.127.53
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://api.read.ai/billing/plans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.127.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-127-53.compute-1.amazonaws.com

Software

uvicorn /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-read-app-info,x-read-app-location
Access-Control-Request-Method: GET
Origin: https://app.read.ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-read-app-info,x-read-app-location
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://app.read.ai
access-control-max-age: 600
content-length: 2
content-type: text/plain; charset=utf-8
date: Mon, 20 Oct 2025 20:18:04 GMT
server: uvicorn
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 329 KB
113 KB 226ms
226ms Script
application/javascript 142.251.167.97
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MSG69NB

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/index-DK7f7xfF.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

dbed5490e250db65cb9b491cb79970465c33900df73592cf3595b19ef4e163bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://app.read.ai/

Response headers

content-encoding: zstd
expires: Mon, 20 Oct 2025 20:18:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 20 Oct 2025 20:18:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 20 Oct 2025 19:06:33 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 115888
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 client Show response
accounts.google.com/gsi/ 236 KB
89 KB 565ms
162ms Script
application/javascript 142.250.31.84
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/NotFoundRedirect-sCatOOTm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f84.1e100.net

Software

ESF /

Resource Hash

265e664581a68b2e2e4c1bf7b76406e9f3fecf63d1b60ccdfaf475bb8f9297be

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2JuH7ain6Wg1OCRLpC-pIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://app.read.ai/

Response headers

content-security-policy: script-src 'report-sample' 'nonce-2JuH7ain6Wg1OCRLpC-pIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control: private, max-age=1800
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options: nosniff
expires: Mon, 20 Oct 2025 20:18:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Mon, 20 Oct 2025 20:18:04 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 search_copilot_hero-DPyzaY57.png
app.read.ai/assets/ 126 KB
128 KB 235ms
231ms Image
image/png 3.171.100.83
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://app.read.ai/assets/search_copilot_hero-DPyzaY57.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.171.100.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-171-100-83.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e6cfe1775ac47b232aba1bd67631e8e9923580a30477d992094c1f87e55802b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com .redditstatic.com connect.facebook.net .cookiebot.com .gstatic.com gstatic.com .google.com .googletagmanager.com .stripe.com .zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com .reddit.com .google.com .google-analytics.com .googletagmanager.com .read.ai blob: .googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org .sentry.io .zdassets.com .zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com .run.app conversionsapigateway.com .cookiebot.com .facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: .read.ai .linkedin.com .facebook.com connect.facebook.net .reddit.com reddit.com .google-analytics.com .googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com .atlassian.net 'unsafe-inline'; media-src 'self' blob: data: .read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: .read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' .facebook.com .read.ai .sharepoint.com .live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com .teams.microsoft.com .cloud.microsoft .skype.com login.microsoftonline.com .twitter.com twitter.com .x.com x.com meet.google.com .meet.google.com .live.com; frame-src 'self' consentcdn.cookiebot.com .facebook.com .google.com content.googleapis.com .stripe.com player.vimeo.com login.microsoftonline.com .live.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://app.read.ai/analytics/signin?redirectTo=https%3A%2F%2Fapp.read.ai%2Fanalytics%2Fsettings%2Fuser%2Femail

Response headers

etag: "2cdf1d188f033e41756c42cab658d9b1"
age: 2425
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: Feb6jeyHVgCAxNtSyrWVIIk6V2HNjCiDgseuRqxl3EEBPURWecXOZw==
date: Mon, 20 Oct 2025 19:37:40 GMT
content-type: image/png
vary: accept-encoding, Origin
last-modified: Fri, 17 Oct 2025 23:27:58 GMT
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' *.read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com *.redditstatic.com connect.facebook.net *.cookiebot.com *.gstatic.com gstatic.com *.google.com *.googletagmanager.com *.stripe.com *.zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com *.reddit.com *.google.com *.google-analytics.com *.googletagmanager.com *.read.ai blob: *.googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org *.sentry.io *.zdassets.com *.zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com *.run.app conversionsapigateway.com *.cookiebot.com *.facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: *.read.ai *.linkedin.com *.facebook.com connect.facebook.net *.reddit.com reddit.com *.google-analytics.com *.googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com *.atlassian.net 'unsafe-inline'; media-src 'self' blob: data: *.read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: *.read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' *.facebook.com *.read.ai *.sharepoint.com *.live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com *.teams.microsoft.com *.cloud.microsoft *.skype.com login.microsoftonline.com *.twitter.com twitter.com *.x.com x.com meet.google.com *.meet.google.com *.live.com; frame-src 'self' consentcdn.cookiebot.com *.facebook.com *.google.com content.googleapis.com *.stripe.com player.vimeo.com login.microsoftonline.com *.live.com;
referrer-policy: strict-origin-when-cross-origin
via: 1.1 336702a3fb556c2c02b604e07553dd94.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 129516
x-xss-protection: 1
x-amz-cf-pop: IAD12-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 auth_rss-2Jl4i8T-.png
app.read.ai/assets/ 417 KB
419 KB 236ms
232ms Image
image/png 3.171.100.83
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://app.read.ai/assets/auth_rss-2Jl4i8T-.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.171.100.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-171-100-83.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ee80d649f7214975419d02e01ed7b4f823303393186efe495284cfafc8afd35d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com .redditstatic.com connect.facebook.net .cookiebot.com .gstatic.com gstatic.com .google.com .googletagmanager.com .stripe.com .zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com .reddit.com .google.com .google-analytics.com .googletagmanager.com .read.ai blob: .googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org .sentry.io .zdassets.com .zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com .run.app conversionsapigateway.com .cookiebot.com .facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: .read.ai .linkedin.com .facebook.com connect.facebook.net .reddit.com reddit.com .google-analytics.com .googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com .atlassian.net 'unsafe-inline'; media-src 'self' blob: data: .read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: .read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' .facebook.com .read.ai .sharepoint.com .live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com .teams.microsoft.com .cloud.microsoft .skype.com login.microsoftonline.com .twitter.com twitter.com .x.com x.com meet.google.com .meet.google.com .live.com; frame-src 'self' consentcdn.cookiebot.com .facebook.com .google.com content.googleapis.com .stripe.com player.vimeo.com login.microsoftonline.com .live.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://app.read.ai/analytics/signin?redirectTo=https%3A%2F%2Fapp.read.ai%2Fanalytics%2Fsettings%2Fuser%2Femail

Response headers

etag: "4374607dd82ac0fc47d2e53491a456e4"
age: 2425
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 7d9e7Cz4Aiz1U3vZ-7Tz8mCaLXOY52gdzTKrPxUeFByiExrANed9sA==
date: Mon, 20 Oct 2025 19:37:40 GMT
content-type: image/png
vary: accept-encoding, Origin
last-modified: Fri, 17 Oct 2025 23:27:55 GMT
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' *.read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com *.redditstatic.com connect.facebook.net *.cookiebot.com *.gstatic.com gstatic.com *.google.com *.googletagmanager.com *.stripe.com *.zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com *.reddit.com *.google.com *.google-analytics.com *.googletagmanager.com *.read.ai blob: *.googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org *.sentry.io *.zdassets.com *.zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com *.run.app conversionsapigateway.com *.cookiebot.com *.facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: *.read.ai *.linkedin.com *.facebook.com connect.facebook.net *.reddit.com reddit.com *.google-analytics.com *.googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com *.atlassian.net 'unsafe-inline'; media-src 'self' blob: data: *.read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: *.read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' *.facebook.com *.read.ai *.sharepoint.com *.live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com *.teams.microsoft.com *.cloud.microsoft *.skype.com login.microsoftonline.com *.twitter.com twitter.com *.x.com x.com meet.google.com *.meet.google.com *.live.com; frame-src 'self' consentcdn.cookiebot.com *.facebook.com *.google.com content.googleapis.com *.stripe.com player.vimeo.com login.microsoftonline.com *.live.com;
referrer-policy: strict-origin-when-cross-origin
via: 1.1 336702a3fb556c2c02b604e07553dd94.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 426889
x-xss-protection: 1
x-amz-cf-pop: IAD12-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 favicon.ico
app.read.ai/ 15 KB
0 3ms
3ms Other
image/vnd.microsoft.icon 3.171.100.83
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://app.read.ai/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.171.100.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-171-100-83.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

21e3f2c31ba605a773a378d10e5d2921725192937933583f291cf2b3b2f2376b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com .redditstatic.com connect.facebook.net .cookiebot.com .gstatic.com gstatic.com .google.com .googletagmanager.com .stripe.com .zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com .reddit.com .google.com .google-analytics.com .googletagmanager.com .read.ai blob: .googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org .sentry.io .zdassets.com .zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com .run.app conversionsapigateway.com .cookiebot.com .facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: .read.ai .linkedin.com .facebook.com connect.facebook.net .reddit.com reddit.com .google-analytics.com .googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com .atlassian.net 'unsafe-inline'; media-src 'self' blob: data: .read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: .read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' .facebook.com .read.ai .sharepoint.com .live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com .teams.microsoft.com .cloud.microsoft .skype.com login.microsoftonline.com .twitter.com twitter.com .x.com x.com meet.google.com .meet.google.com .live.com; frame-src 'self' consentcdn.cookiebot.com .facebook.com .google.com content.googleapis.com .stripe.com player.vimeo.com login.microsoftonline.com .live.com;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://app.read.ai/analytics/signin?redirectTo=https%3A%2F%2Fapp.read.ai%2Fanalytics%2Fsettings%2Fuser%2Femail

Response headers

etag: "cb681e65721db81d34576cfe39a37dac"
age: 229
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: UcdcpnuWLdghiqpZq17P1bWvUZw-JaSvKxRBOu6cPrPtj2hbjJTY-Q==
date: Mon, 20 Oct 2025 20:14:14 GMT
content-type: image/vnd.microsoft.icon
vary: accept-encoding, Origin
last-modified: Fri, 17 Oct 2025 23:27:58 GMT
x-frame-options: DENY
content-security-policy: default-src 'self' *.read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com *.redditstatic.com connect.facebook.net *.cookiebot.com *.gstatic.com gstatic.com *.google.com *.googletagmanager.com *.stripe.com *.zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com *.reddit.com *.google.com *.google-analytics.com *.googletagmanager.com *.read.ai blob: *.googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org *.sentry.io *.zdassets.com *.zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com *.run.app conversionsapigateway.com *.cookiebot.com *.facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: *.read.ai *.linkedin.com *.facebook.com connect.facebook.net *.reddit.com reddit.com *.google-analytics.com *.googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com *.atlassian.net 'unsafe-inline'; media-src 'self' blob: data: *.read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: *.read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' *.facebook.com *.read.ai *.sharepoint.com *.live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com *.teams.microsoft.com *.cloud.microsoft *.skype.com login.microsoftonline.com *.twitter.com twitter.com *.x.com x.com meet.google.com *.meet.google.com *.live.com; frame-src 'self' consentcdn.cookiebot.com *.facebook.com *.google.com content.googleapis.com *.stripe.com player.vimeo.com login.microsoftonline.com *.live.com;
referrer-policy: strict-origin-when-cross-origin
via: 1.1 336702a3fb556c2c02b604e07553dd94.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 15406
x-xss-protection: 1
x-amz-cf-pop: IAD12-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 204 collect
analytics.google.com/g/ 0
0 507ms
249ms Fetch
text/plain 142.251.16.100
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-2Y1H5ZJMBK&gtm=45je5ag0v882048435za200zd882048435&_p=1760991484153&_gaz=1&gcd=13l3l3l3l1l1&npa=0&_ng=1&dma=0&cid=487472678.1760991484&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=1&tag_exp=101509157~103116026~103200004~103233427~104527907~104528500~104684208~104684211~104948813~115480709~115938465~115938469~116110425~116110427&sid=1760991483&sct=1&seg=0&dl=https%3A%2F%2Fapp.read.ai%2Fanalytics%2Fsignin%3FredirectTo%3Dhttps%253A%252F%252Fapp.read.ai%252Fanalytics%252Fsettings%252Fuser%252Femail&dt=Read%20-%20Sign%20in&en=scroll&_fv=1&_nsi=1&_ss=1&ep.debug=false&epn.percent_scrolled=90&tfd=3872
Requested by: Host: app.read.ai
URL: https://app.read.ai/assets/main-C8ydukrU.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.16.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f100.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://app.read.ai/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:158:0
report-to: {"group":"ascnsrsggc:158:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:158:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://app.read.ai
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:158:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 20 Oct 2025 20:18:04 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
554 B 366ms
152ms Ping
text/plain 142.251.167.154
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-2Y1H5ZJMBK&cid=487472678.1760991484&gtm=45je5ag0v882048435za200zd882048435&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101509157~103116026~103200004~103233427~104527907~104528500~104684208~104684211~104948813~115480709~115938465~115938469~116110425~116110427
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2Y1H5ZJMBK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ww-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://app.read.ai/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:127:0
report-to: {"group":"ascnsrsggc:127:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:127:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://app.read.ai
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:127:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 20 Oct 2025 20:18:04 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 119 KB
37 KB 653ms
188ms Script
application/javascript 23.212.251.22
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://consent.cookiebot.com/uc.js?cbid=997ea23f-3229-4b81-b457-e9c33be1daeb&implementation=gtm&consentmode-dataredaction=dynamic
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSG69NB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.251.22 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-212-251-22.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d7ba610864f55019010a006c2d14b01be139ce51d372894e7b992d5e7e9eaa62

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://app.read.ai/

Response headers

access-control-expose-headers: Request-Context
cache-control: public, max-age=1123
content-encoding: gzip
etag: "d491fbfe1b27dc1:0"
cross-origin-resource-policy: cross-origin
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
expires: Mon, 20 Oct 2025 20:36:48 GMT
accept-ranges: bytes
content-length: 37405
date: Mon, 20 Oct 2025 20:18:05 GMT
content-type: application/javascript
last-modified: Tue, 16 Sep 2025 15:10:10 GMT
vary: Accept-Encoding

GET
H2 200 11845bde-7c74-4711-9e4f-60ced041f56b Show response
ekr.zdassets.com/compose/ 1 KB
1 KB 273ms
70ms Fetch
application/json 216.198.53.3
CLOUDFLARESPECTRU...

General

Check archive.org

Download Go to

Full URL

https://ekr.zdassets.com/compose/11845bde-7c74-4711-9e4f-60ced041f56b

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/main-C8ydukrU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a5304aff1c7abc5f9ad20a118d2ba83d084ae578aea0f9c155478797e0cc961

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://app.read.ai/

Response headers

access-control-max-age: 7200
x-request-id: 9912fc05effe6b1c-SEA
access-control-expose-headers
content-encoding: br
cf-cache-status: HIT
etag: W/"4a5304aff1c7abc5f9ad20a118d2ba83"
age: 40
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O6dvEKz0l%2BZz12akXyd7zduSIe62hhD2FzvzM%2BKhYDSVA44PdlLNbsLGWvov0TdzGxnAP8W7eGJzt7FbOtyOKfXYeTrkEUwDeLy5HP6tRxeg%2F6GzejP7ttPLPDDu4Do7UDg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
date: Mon, 20 Oct 2025 20:18:04 GMT
content-type: application/json; charset=utf-8
vary: Accept,Origin, Accept-Encoding
x-runtime: 0.012351
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
cdn-cache-control: max-age=60
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
zendesk-service: embed-key-registry
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 14
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: zorg
cf-ray: 991b33cb89ef7b25-SLC
access-control-allow-origin: *
x-zendesk-zorg: yes
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 controller-with-preconnect-5c9c4b3062885b0eda86b2be1f7a7a10.html Show response
js.stripe.com/v3/ Frame 3A84 667 B
1 KB 331ms
132ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-5c9c4b3062885b0eda86b2be1f7a7a10.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/basil/stripe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

39c2009dd33c30b7d01dcd22b2b1f4595099eff186c394fdb3572042ec163354

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.read.ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 260091
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 407
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 20 Oct 2025 20:18:04 GMT
etag: "5c9c4b3062885b0eda86b2be1f7a7a10"
last-modified: Fri, 17 Oct 2025 20:02:00 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 31106
x-content-type-options: nosniff
x-request-id: 60b114ca-2dd9-4d77-80e4-0d7865223941
x-served-by: cache-den-kden1300080-DEN

GET
H2 200 web-widget-main-dc053fa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame C15E 834 KB
269 KB 81ms
81ms Script
application/javascript 216.198.53.3
CLOUDFLARESPECTRU...

General

Check archive.org

Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-dc053fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=11845bde-7c74-4711-9e4f-60ced041f56b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80cf3eff33e885c488a0ed496dbaf8239302d5fb99a1543d0a1c23aed97602ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 0
content-encoding: br
cf-cache-status: HIT
etag: W/"21845129da14508e723bde8f1a4788a1"
x-amz-version-id: .bWXywqKlZVSHUpK8SryT797MpZCtoYw
age: 118221
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uj2igFp4cjw4zT3%2BtR7vI4IMpi7D1yvj%2FjOlD%2FDBWAj8ny09yRuLKwLdG2LOM6X4BKlfTEOHBSN8F0SBkqYpEElOesoGD4wzG7ulZh1zyisk36p7w8yiIT2wm7m0rnCplt%2FpTBM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD
expires: Sat, 10 Oct 2026 11:09:24 GMT
date: Mon, 20 Oct 2025 20:18:04 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 10 Oct 2025 11:09:25 GMT
vary: Accept-Encoding
x-amz-id-2: Oiorfj0sg7jXT8ZdMysV652K4MunZ0E7coQuiRePacuk5lRfDjFh5PtfB6kymzXU/0wo24a558s=
access-control-allow-headers: *
strict-transport-security: max-age=0
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M6H5S777VAAT46H7
cf-ray: 991b33cc48943203-SLC
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 web-identity
google.com/.well-known/ 0
131 B FedCM
application/json 172.253.63.106
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://google.com/.well-known/web-identity

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f106.1e100.net

Software

sffe /

Resource Hash

449a05234c179f92cedda0b99b2f16d311214393fcae0313dcd39f228d7c624f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json

Response headers

accept-ranges: bytes
age: 18098
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 107
content-type: application/json
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
date: Mon, 20 Oct 2025 15:16:27 GMT
expires: Tue, 21 Oct 2025 15:16:27 GMT
last-modified: Thu, 06 Jun 2024 18:30:00 GMT
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fedcm.json
accounts.google.com/gsi/ 0
1 KB FedCM
application/json 142.250.31.84
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://accounts.google.com/gsi/fedcm.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f84.1e100.net

Software

ESF /

Resource Hash

3ceb3d73867b1e6b7afd0ab69e54fc13efa43802621d11d59582e04f477012ff

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-25mhT8z0jZ9s5yt-04CIzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-25mhT8z0jZ9s5yt-04CIzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type: application/json; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Mon, 20 Oct 2025 20:18:05 GMT
expires: Mon, 20 Oct 2025 20:18:05 GMT
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server: ESF
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 style
accounts.google.com/gsi/ 722 B
648 B 145ms
144ms Stylesheet
text/css 142.250.31.84
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f84.1e100.net

Software

ESF /

Resource Hash

a45935de74ef635a8e48dc4054b5802f8310f6f59a0fc6e2bc580df4f101c801

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-nj0B_ehOGiENjdy0aofevA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://app.read.ai/

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-nj0B_ehOGiENjdy0aofevA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control: private, max-age=86400
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options: nosniff
expires: Mon, 20 Oct 2025 20:18:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Mon, 20 Oct 2025 20:18:04 GMT
x-xss-protection: 0
content-type: text/css; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 shared-6cdf97bbd312f19b58ba5eb7badeb3f8.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3A84 767 KB
167 KB 67ms
66ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-6cdf97bbd312f19b58ba5eb7badeb3f8.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-with-preconnect-5c9c4b3062885b0eda86b2be1f7a7a10.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e61a70499c45e64179d0bff47f55571c7ea94ea2d5d0a246f587aec11c39dc3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://js.stripe.com/v3/controller-with-preconnect-5c9c4b3062885b0eda86b2be1f7a7a10.html

Response headers

x-request-id: 35343166-2b0d-4099-8c35-50880641d10a
content-encoding: br
etag: "b4215719ba59302b6812963b3da06c32"
age: 260090
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Mon, 20 Oct 2025 20:18:05 GMT
last-modified: Fri, 17 Oct 2025 20:02:14 GMT
content-type: text/javascript; charset=utf-8
x-cache-hits: 1378
x-served-by: cache-den-kden1300080-DEN
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
cache-control: max-age=31536000
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 170250
server: Fastly

GET
H2 200 controller-with-preconnect-0cf7c0efb25e9b847150e1b409eeb0fe.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3A84 1022 KB
222 KB 250ms
249ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-with-preconnect-0cf7c0efb25e9b847150e1b409eeb0fe.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-with-preconnect-5c9c4b3062885b0eda86b2be1f7a7a10.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

896c1bb45f850a29b0b4621be2bd27c072d7c6386e293782cbf2c1dfe29fb353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://js.stripe.com/v3/controller-with-preconnect-5c9c4b3062885b0eda86b2be1f7a7a10.html

Response headers

x-request-id: b4e86145-0d93-4806-bdd2-0704440bf35c
content-encoding: br
etag: "fa5369cd309aeeedf0e28f32e69d270b"
age: 260091
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Mon, 20 Oct 2025 20:18:05 GMT
last-modified: Fri, 17 Oct 2025 20:02:11 GMT
content-type: text/javascript; charset=utf-8
x-cache-hits: 28872
x-served-by: cache-den-kden1300080-DEN
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
cache-control: max-age=31536000
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 227581
server: Fastly

GET
H2 200 en-us-json-dc053fa.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame C15E 25 KB
6 KB 87ms
86ms Script
application/javascript 216.198.53.3
CLOUDFLARESPECTRU...

General

Check archive.org

Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-dc053fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-dc053fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9cc9a0c33e8f0a92ae6b066dffd5f6f1dbb8da33010b8898297e44e4a66334a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 0
content-encoding: br
cf-cache-status: HIT
etag: W/"ab9bdda3847e8d3b65353203cfa2118a"
x-amz-version-id: PEDjoe4hWLFMLvN1Ai0jIPWzE.0WdYh4
age: 221724
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nLcH5w3TQfGufTFSV1bJK82SQecsyCp5rP4WC0Qr%2BQS0jAWBmVjquLWPF3gTpK%2FaH4yH%2FmNV%2B%2B%2F9hW0amEq3PDrG21lmo0l0V7fTghsFnI1qW9fUX9j5bcp8MfO0kDA3GQj54JQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD
expires: Sat, 10 Oct 2026 11:09:26 GMT
date: Mon, 20 Oct 2025 20:18:05 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 10 Oct 2025 11:09:27 GMT
vary: Accept-Encoding
x-amz-id-2: VM8YCFQb9FMghkca9OnftL+lyWbVA6MLViV2M+B+GewczvEDGpvw29UdiWAGld0Iat4JCui0hlv0batGiCTYYKaDfwFw98vqiaXwv1KbGJM=
access-control-allow-headers: *
strict-transport-security: max-age=0
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M6H2XF8T50W46M3H
cf-ray: 991b33cf4bc43203-SLC
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 config Show response
readinc.zendesk.com/embeddable/ Frame C15E 641 B
1 KB 278ms
78ms Fetch
application/json 216.198.54.6
CLOUDFLARESPECTRU...

General

Check archive.org

Download Go to

Full URL: https://readinc.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-dc053fa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.198.54.6 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4873cec6f062aaaf5bb61171c0501f65b579d1b50334f8c6c897a28269f199

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 7200
x-request-id: 991b31261a91ddb3-SJC
access-control-expose-headers
x-zendesk-origin-server: embeddable-app-server-699b995bf7-m5887
cf-cache-status: HIT
age: 41
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A8WJ5Fnnb1mgvoTNOMFZwr36f8DAisH7Zr83xJKXRON45FQlPvq4DZN0Ee8mi6xc5Bnbk%2B9kT3bEjlZANl8lVizVoSBpRDxS4qzyg57MJAhNP70IVk7CWVLiQmVa8ouDe%2F5JsIU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
date: Mon, 20 Oct 2025 20:18:05 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
x-runtime: 0.001605
last-modified: Mon, 20 Oct 2025 20:16:16 GMT
x-cache-status: EXPIRED
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
zendesk-service: embeddable
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 6
x-envoy-decorator-operation: /embeddable
via: zorg
cf-ray: 991b33d0885b38e9-SLC
access-control-allow-origin: *
x-zendesk-zorg: yes
server: cloudflare

GET
H3 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 3A84 474 B
605 B 132ms
66ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-6cdf97bbd312f19b58ba5eb7badeb3f8.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f85f207aaf9d17df0c624cbc1f19b58a223b1bf6a9526830d48c58ceb573596e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/controller-with-preconnect-5c9c4b3062885b0eda86b2be1f7a7a10.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/x-www-form-urlencoded

Response headers

x-request-id: 39fc1df8-9e3e-44e3-bd91-09cf5591d322
content-encoding: br
etag: "53e06574320595c9247c313c72b2a1fc"
age: 39
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Mon, 20 Oct 2025 20:18:05 GMT
last-modified: Mon, 20 Oct 2025 18:56:27 GMT
content-type: application/json
x-cache-hits: 4781
x-served-by: cache-den-kden1300084-DEN
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 280
server: Fastly

GET
H3 200 stripe-cookies-0365765a4afa0da4fe353e8fa3bd8a03.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3A84 65 KB
14 KB 67ms
66ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/stripe-cookies-0365765a4afa0da4fe353e8fa3bd8a03.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-with-preconnect-0cf7c0efb25e9b847150e1b409eeb0fe.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

36cd7308f5141e7e2be67a3090ba479012d3e16a1b8e4a8456874caddd3dbf98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://js.stripe.com/v3/controller-with-preconnect-5c9c4b3062885b0eda86b2be1f7a7a10.html

Response headers

x-request-id: e1390beb-c244-4dc0-a90e-ce3031d82216
content-encoding: br
etag: "77d43802abe03e19a8a1d1c4594cc253"
age: 1997367
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Mon, 20 Oct 2025 20:18:05 GMT
last-modified: Wed, 16 Apr 2025 20:38:21 GMT
content-type: text/javascript; charset=utf-8
x-cache-hits: 157981
x-served-by: cache-den-kden1300061-DEN
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
cache-control: max-age=31536000
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13874
server: Fastly

GET
H3 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 3A84 474 B
0 130ms
130ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-6cdf97bbd312f19b58ba5eb7badeb3f8.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: f85f207aaf9d17df0c624cbc1f19b58a223b1bf6a9526830d48c58ceb573596e

Request headers

Referer: https://js.stripe.com/v3/controller-with-preconnect-5c9c4b3062885b0eda86b2be1f7a7a10.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/x-www-form-urlencoded

Response headers

x-request-id: 39fc1df8-9e3e-44e3-bd91-09cf5591d322
content-encoding: br
etag: "53e06574320595c9247c313c72b2a1fc"
age: 39
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Mon, 20 Oct 2025 20:18:05 GMT
last-modified: Mon, 20 Oct 2025 18:56:27 GMT
content-type: application/json
x-cache-hits: 4781
x-served-by: cache-den-kden1300084-DEN
vary: Accept-Encoding
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 280
server: Fastly

GET
H2 200 bc-v4.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame 9125 627 B
813 B 683ms
409ms Document
text/html 184.24.67.161
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=997ea23f-3229-4b81-b457-e9c33be1daeb&implementation=gtm&consentmode-dataredaction=dynamic
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.67.161 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-67-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer: https://app.read.ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=31535999
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Oct 2025 20:18:06 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Tue, 20 Oct 2026 20:18:05 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1760991485655_400321418_965640544_29_1081_48_160_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2 200 cc.js Show response
consent.cookiebot.com/997ea23f-3229-4b81-b457-e9c33be1daeb/ 418 KB
155 KB 344ms
338ms Script
application/x-javascript 23.212.251.22
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://consent.cookiebot.com/997ea23f-3229-4b81-b457-e9c33be1daeb/cc.js?renew=false&referer=app.read.ai&dnt=false&init=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=997ea23f-3229-4b81-b457-e9c33be1daeb&implementation=gtm&consentmode-dataredaction=dynamic
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.251.22 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-212-251-22.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 519cfe5aca1043a6c39982e4072fd0a7d96d56d44fa8d52ee0e95e2d410b7f62

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://app.read.ai/

Response headers

cache-control: private, max-age=1200
access-control-expose-headers: Request-Context
content-encoding: gzip
cross-origin-resource-policy: cross-origin
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
content-length: 158225
date: Mon, 20 Oct 2025 20:18:05 GMT
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 20 Oct 2025 20:18:05 GMT
vary: Accept-Encoding

GET
H2 200 listaccounts
accounts.google.com/gsi/fedcm/ 0
886 B FedCM
application/json 142.250.31.84
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://accounts.google.com/gsi/fedcm/listaccounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f84.1e100.net

Software

ESF /

Resource Hash

f80c7a28c7780081af8b273543b91fc9a1f29fbe2891e5f67218e4952bd2154a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-mNEIiiq38-YRGeFuhmcq8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-mNEIiiq38-YRGeFuhmcq8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type: application/json; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Mon, 20 Oct 2025 20:18:05 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 538C 200 B
987 B 66ms
66ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/basil/stripe.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.read.ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2032884
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 20 Oct 2025 20:18:05 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Mon, 16 Dec 2024 21:06:18 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 465894
x-content-type-options: nosniff
x-request-id: 8cc81a16-a8d2-40d8-81d7-056c8ef7fd06
x-served-by: cache-den-kden1300061-DEN

GET
H3 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 538C 526 B
617 B 67ms
66ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Response headers

x-request-id: 0a93191f-8d28-4aac-973f-ab0f5f4818f1
content-encoding: br
etag: "d96c709017743c0759cf3853d1806ba5"
age: 2040682
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Mon, 20 Oct 2025 20:18:05 GMT
last-modified: Mon, 16 Dec 2024 21:06:17 GMT
content-type: text/javascript; charset=utf-8
x-cache-hits: 441778
x-served-by: cache-den-kden1300061-DEN
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
cache-control: max-age=31536000
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 256
server: Fastly

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 3B8A 930 B
1 KB 114ms
66ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

92844e6b1ad5890a9e5e4b9dfb7abdb37dca64e8ca7365052c9d2fc8103c349d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e357n1PxCJ8d03/QCSKaHFmHF1JADyvSHdSfshxM494=' 'sha256-5DA+a07wxWmEka9IdoWjSPVHb17Cp5284/lJzfbl8KA=' 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 251
cache-control: max-age=300, public
content-encoding: br
content-length: 438
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e357n1PxCJ8d03/QCSKaHFmHF1JADyvSHdSfshxM494=' 'sha256-5DA+a07wxWmEka9IdoWjSPVHb17Cp5284/lJzfbl8KA=' 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 20 Oct 2025 20:18:05 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 251
x-content-type-options: nosniff
x-request-id: 0f200303-5191-45bd-aa11-c91d96a9b802
x-served-by: cache-den-kden1300080-DEN
x-timer: S1760991486.838870,VS0,VE0

GET
H2 200 out-4.5.45.js Show response
m.stripe.network/ Frame 3B8A 87 KB
14 KB 103ms
65ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Download Go to

Full URL

https://m.stripe.network/out-4.5.45.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f2a8a36c74c59cfbe7a73d441cfd180ca6e6a9942a74ef9b240191d1c6056a59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://m.stripe.network/inner.html

Response headers

x-request-id: ce8db809-c2b9-4c44-aa59-48b31a475946
content-encoding: br
age: 202
x-content-type-options: nosniff
x-cache: HIT
date: Mon, 20 Oct 2025 20:18:05 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-den-kden1300080-DEN
x-cache-hits: 214
vary: Accept-Encoding, Origin
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=300, public
x-timer: S1760991486.997588,VS0,VE0
via: 1.1 varnish
accept-ranges: bytes
content-length: 14184
server: Fastly

POST
H2 200 6 Show response
m.stripe.com/ Frame 3B8A 156 B
579 B 440ms
135ms XHR
application/json 35.163.50.127
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.45.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.163.50.127 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-163-50-127.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

d165a255b3eaaabe0c473fd9ad2d9c91814b431a655e8b5449599e7813087e19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://m.stripe.network/

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
x-stripe-proxy-response: upstream
access-control-allow-credentials: true
x-content-type-options: nosniff
x-stripe-server-rpc-duration-micros: 2018
access-control-allow-origin: https://m.stripe.network
content-length: 156
date: Mon, 20 Oct 2025 20:18:06 GMT
content-type: application/json;charset=utf-8
server: nginx
access-control-allow-headers: Content-Type

GET
DATA 200
OK truncated
/ 37 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d46d54aca0f0344e1d99e475ddb37760ccca0c7a3bb179b2374aed9eb4525222

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 293 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

POST
H2 200 b Show response
r.stripe.com/ Frame 3A84 0
212 B 346ms
140ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-6cdf97bbd312f19b58ba5eb7badeb3f8.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-proxy-response: upstream
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-origin: https://js.stripe.com
x-stripe-server-rpc-duration-micros: 2501
content-length: 0
date: Mon, 20 Oct 2025 20:18:06 GMT
content-type: text/plain
server: nginx

POST
H2 200 b Show response
r.stripe.com/ Frame 3A84 0
211 B 439ms
233ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-6cdf97bbd312f19b58ba5eb7badeb3f8.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-proxy-response: upstream
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-origin: https://js.stripe.com
x-stripe-server-rpc-duration-micros: 2690
content-length: 0
date: Mon, 20 Oct 2025 20:18:06 GMT
content-type: text/plain
server: nginx

POST
H2 200 / Show response
moxy.read.ai/track/ 25 B
452 B 563ms
263ms XHR
application/json 18.213.87.253
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://moxy.read.ai/track/?verbose=1&ip=1&_=1760991487857

Requested by

Host: app.read.ai
URL: https://app.read.ai/assets/main-C8ydukrU.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.213.87.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-213-87-253.compute-1.amazonaws.com

Software

nginx/1.29.0 /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://app.read.ai/

Response headers

strict-transport-security: max-age=604800; includeSubDomains
access-control-max-age: 1728000
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
x-envoy-upstream-service-time: 18
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
access-control-allow-origin: https://app.read.ai
alt-svc: clear
content-length: 25
date: Mon, 20 Oct 2025 20:18:08 GMT
content-type: application/json
server: nginx/1.29.0
access-control-allow-headers: X-Requested-With, X-Amzn-Trace-Id, Content-Type

Verdicts & Comments Add Verdict or Comment

48 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.read.ai/	1969-12-31 23:59:59	Name: readCsrfToken Value: PbwxIt2AYmukZk0XBC7ZGMYOoTW8BwpI5SCYL2KKdVw72QYgD3B2ioauKJvYkkYW
.app.read.ai/	1970-01-21 17:55:27	Name: mp_68e743b21f2eb5cbbfd12657136457ad_mixpanel Value: %7B%22distinct_id%22%3A%22%24device%3A0efae185-829e-45ce-854f-b603513ccd78%22%2C%22%24device_id%22%3A%220efae185-829e-45ce-854f-b603513ccd78%22%2C%22%24initial_referrer%22%3A%22%24direct%22%2C%22%24initial_referring_domain%22%3A%22%24direct%22%2C%22__mps%22%3A%7B%7D%2C%22__mpso%22%3A%7B%22%24initial_referrer%22%3A%22%24direct%22%2C%22%24initial_referring_domain%22%3A%22%24direct%22%7D%2C%22__mpus%22%3A%7B%7D%2C%22__mpa%22%3A%7B%7D%2C%22__mpu%22%3A%7B%7D%2C%22__mpr%22%3A%5B%5D%2C%22__mpap%22%3A%5B%5D%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F141.0.0.0%20Safari%2F537.36%22%2C%22client_app%22%3A%22browser%22%7D
app.read.ai/	1969-12-31 23:59:59	Name: msal.cache.encryption Value: %7B%22id%22%3A%22019a0345-982a-7f69-aae2-0f6d6aebefb1%22%2C%22key%22%3A%22cgSHL4RKOID4ZKmh4caQr5Knq0_W5nNlDRYXpVlroow%22%7D
.read.ai/	1970-01-21 18:45:51	Name: _ga_2Y1H5ZJMBK Value: GS2.1.s1760991483$o1$g0$t1760991483$j60$l0$h0
.read.ai/	1970-01-21 18:45:51	Name: _ga Value: GA1.1.487472678.1760991484
.read.ai/	1970-01-21 13:29:03	Name: g_state Value: {"i_l":0,"i_ll":1760991484905,"i_b":"z5ZoeVjVd7Vz8WZY3d1KrsUrcA96Ih0KeG9ByFuzBP8"}
m.stripe.com/	1970-01-21 18:45:51	Name: m Value: 2aa368db-5bca-4b73-8802-67570a5162d9231bd8
.app.read.ai/	1970-01-21 17:55:27	Name: __stripe_mid Value: cfbaa64f-1921-45d1-b8cf-409665920658d7e325
.app.read.ai/	1970-01-21 09:09:53	Name: __stripe_sid Value: ebaf4642-9843-4159-9627-2107ded983a4f5063b

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.read.ai/users/me Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://api.read.ai/users/me Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://api.read.ai/users/me/token Message: Failed to load resource: the server responded with a status of 401 ()
other	error	URL: https://app.read.ai/analytics/signin?redirectTo=https%3A%2F%2Fapp.read.ai%2Fanalytics%2Fsettings%2Fuser%2Femail Message: Provider's accounts list is empty.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' .read.ai; style-src 'self' accounts.google.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' snap.licdn.com .redditstatic.com connect.facebook.net .cookiebot.com .gstatic.com gstatic.com .google.com .googletagmanager.com .stripe.com .zdassets.com static.cloudflareinsights.com 'unsafe-inline'; connect-src 'self' blob: stats.g.doubleclick.net www.redditstatic.com .reddit.com .google.com .google-analytics.com .googletagmanager.com .read.ai blob: .googleapis.com featureassets.org prodregistryv2.org assetsconfigcdcn.org .sentry.io .zdassets.com .zendesk.com res.cdn.office.net beyondwickedmapping.org cloudflare-dns.com statsigapi.net px.ads.linkedin.com .run.app conversionsapigateway.com .cookiebot.com .facebook.com login.microsoftonline.com graph.microsoft.com onedrive.live.com; img-src 'self' blob: data: .read.ai .linkedin.com .facebook.com connect.facebook.net .reddit.com reddit.com .google-analytics.com .googletagmanager.com www.google.com px.ads.linkedin.com s3.amazonaws.com .atlassian.net 'unsafe-inline'; media-src 'self' blob: data: .read.ai download-video.akamaized.net player.vimeo.com read.ai readai-assets-production.s3.amazonaws.com; worker-src 'self' blob: data: .read.ai; base-uri 'self'; font-src fonts.gstatic.com; form-action 'self' .facebook.com .read.ai .sharepoint.com .live.com; frame-ancestors 'self' app.hubspot.com teams.microsoft.com .teams.microsoft.com .cloud.microsoft .skype.com login.microsoftonline.com .twitter.com twitter.com .x.com x.com meet.google.com .meet.google.com .live.com; frame-src 'self' consentcdn.cookiebot.com .facebook.com .google.com content.googleapis.com .stripe.com player.vimeo.com login.microsoftonline.com .live.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
analytics.google.com
api.read.ai
app.read.ai
consent.cookiebot.com
consentcdn.cookiebot.com
ekr.zdassets.com
featureassets.org
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
moxy.read.ai
o992397.ingest.sentry.io
prodregistryv2.org
r.stripe.com
readinc.zendesk.com
static.zdassets.com
stats.g.doubleclick.net
u25608997.ct.sendgrid.net
www.google.com
www.googletagmanager.com
142.250.31.84
142.251.111.95
142.251.16.100
142.251.16.94
142.251.167.154
142.251.167.97
151.101.128.176
151.101.64.176
172.253.63.106
18.116.152.91
18.213.87.253
184.24.67.161
216.198.53.3
216.198.54.6
23.212.251.22
3.171.100.83
34.120.195.249
34.128.128.0
34.237.127.53
35.163.50.127
54.187.159.182
068c9d71a7822d4a36f2fad53743b48cd37cb901a74f81112d1015b54a2fec58
09fc998a0ebb491fbf96911b6a391033b76f53ab9f73e8d0338182683f90b12e
0ab2885e9e573ff21add3a68a55aea39bddbad6dc144b5ee496d8c908f2b38a0
1dd49afc07fb2231b2ff686cbf007725fb2742271bb1f28ebd98f22a0d817343
21e3f2c31ba605a773a378d10e5d2921725192937933583f291cf2b3b2f2376b
265e664581a68b2e2e4c1bf7b76406e9f3fecf63d1b60ccdfaf475bb8f9297be
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
362699d56d9c7d945e1a99175423b359f2aebb6461d03135f80822347b345de3
36cd7308f5141e7e2be67a3090ba479012d3e16a1b8e4a8456874caddd3dbf98
3786181b1a6bdea885939bd26c746bbc01b3ce4610d4c6aabc09f1d450e14632
39c2009dd33c30b7d01dcd22b2b1f4595099eff186c394fdb3572042ec163354
3ceb3d73867b1e6b7afd0ab69e54fc13efa43802621d11d59582e04f477012ff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
449a05234c179f92cedda0b99b2f16d311214393fcae0313dcd39f228d7c624f
4a226df4c13be41c0807277803a18adef203bafcd6aeb9c93b587fa2712f6599
4a5304aff1c7abc5f9ad20a118d2ba83d084ae578aea0f9c155478797e0cc961
519cfe5aca1043a6c39982e4072fd0a7d96d56d44fa8d52ee0e95e2d410b7f62
54f3a15767f27295314aaa24214fb75611ea8548c959d03c0ab056f6fb02fb40
6de849c4fd2c1f6ababf48644d8583d018349ec63024b7e9580f055ecce3a831
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
7f5f2e0a6fc0a0f7f2e885c144f4dcb3f4e127c9f01a0806908277918414ebb6
80cf3eff33e885c488a0ed496dbaf8239302d5fb99a1543d0a1c23aed97602ca
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979
896c1bb45f850a29b0b4621be2bd27c072d7c6386e293782cbf2c1dfe29fb353
90b34db5140a34fe71f082885a7f7d302369ec7c58f8421ae9648514712bf6cc
91ab22dea7363fd24f310c4b1bf3e7b3686c8850d7833824442efec197b5e581
92844e6b1ad5890a9e5e4b9dfb7abdb37dca64e8ca7365052c9d2fc8103c349d
9475cf731ce7ff125deb1c0124077fe051c598d90c7d2bde98a88520946371c3
96f90aa8c0e02a0f852219314988faf9d4fc0782989a30022a3c9226f878ea79
a45935de74ef635a8e48dc4054b5802f8310f6f59a0fc6e2bc580df4f101c801
a473a4904271224952171174c2c41740a9f60ab2c10a561f3210c793522bde54
b6340dafb04c6f65a70acde917656606b3062ef4d8d56cf52c7d4acc7d4789c6
b9cc9a0c33e8f0a92ae6b066dffd5f6f1dbb8da33010b8898297e44e4a66334a
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
ba4873cec6f062aaaf5bb61171c0501f65b579d1b50334f8c6c897a28269f199
c3e606051dc0106a9e30d26f110dbb1b835f7a7f2042caa0622ff01f13ef7e5e
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cd415bf7ffc6e5bc56070c39fcf7bbd4a4c3e6bfd142cb44b9346f8663db3b26
cfec9feffbcc0dabaa0f92491e3609eeb1e9bc8d17625cd7f043be03b609c812
d165a255b3eaaabe0c473fd9ad2d9c91814b431a655e8b5449599e7813087e19
d46d54aca0f0344e1d99e475ddb37760ccca0c7a3bb179b2374aed9eb4525222
d62d0049117cfbfb93b2968b2e3a2867092feecb6e06ac1df35b254be9e684f0
d7ba610864f55019010a006c2d14b01be139ce51d372894e7b992d5e7e9eaa62
dbed5490e250db65cb9b491cb79970465c33900df73592cf3595b19ef4e163bc
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61a70499c45e64179d0bff47f55571c7ea94ea2d5d0a246f587aec11c39dc3c
e6cfe1775ac47b232aba1bd67631e8e9923580a30477d992094c1f87e55802b7
e7bc1c531e38c4b4426fc517ea855844f31a5d8bf1c6ff7a45e32eb92dbfad6b
e871bb71bfb534927f5f7f31383d04d01deebbeb180d40ed5f8d344794e2616d
ee80d649f7214975419d02e01ed7b4f823303393186efe495284cfafc8afd35d
f2a8a36c74c59cfbe7a73d441cfd180ca6e6a9942a74ef9b240191d1c6056a59
f30a2f101b045d24748cdbb5e2082e3216ae8ecfcc2f091af638786d3eced120
f80c7a28c7780081af8b273543b91fc9a1f29fbe2891e5f67218e4952bd2154a
f827579163615640da9151a9071aae4b19c20ba519b955afe9edf99274898fd9
f85f207aaf9d17df0c624cbc1f19b58a223b1bf6a9526830d48c58ceb573596e

app.read.ai Open in urlscan Pro 3.171.100.83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

100 %HTTPS

0 %IPv6

15 Domains

23 Subdomains

21 IPs

1 Countries

4402 kBTransfer

13344 kBSize

9 Cookies

19 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app.read.ai Open in urlscan Pro
3.171.100.83 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

100 %
HTTPS

0 %
IPv6

15
Domains

23
Subdomains

21
IPs

1
Countries

4402 kB
Transfer

13344 kB
Size

9
Cookies

66 HTTP transactions
2 data transactions