app.btscoach.com Open in urlscan Pro
5.2.19.26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://app.btscoach.com/
Effective URL:
https://app.btscoach.com/users/sign_in
Submission: On November 23 via manual (November 23rd 2018, 2:00:26 pm UTC) from US

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 25 HTTP transactions. The main IP is 5.2.19.26, located in Southampton, United Kingdom and belongs to SERVERHOUSE, GB. The main domain is app.btscoach.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on November 19th 2018. Valid for: a year.

This is the only time app.btscoach.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	5.2.19.26 5.2.19.26	21472 (SERVERHOUSE) (SERVERHOUSE)
2	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
2	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
25	4

22 5.2.19.26 (Southampton, United Kingdom) 1 redirects

ASN21472 (SERVERHOUSE, GB)

app.btscoach.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	btscoach.com 1 redirects app.btscoach.com	836 KB
2	google-analytics.com www.google-analytics.com	17 KB
2	fontawesome.com use.fontawesome.com	17 KB
25	3

	Domain	Requested by
22	app.btscoach.com	1 redirects app.btscoach.com
2	www.google-analytics.com	app.btscoach.com
2	use.fontawesome.com	app.btscoach.com
25	3

This site contains no links.

Subject Issuer	Validity	Valid
*.btscoach.com Entrust Certification Authority - L1K	`2018-11-19` - `2019-11-19`	a year	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2018-09-17` - `2019-11-21`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-10-30` - `2019-01-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://app.btscoach.com/users/sign_in
Frame ID: DA957A152A19A32BFFB3FCFAB4220E38
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://app.btscoach.com/ HTTP 302
http://app.btscoach.com/users/sign_in HTTP 307
https://app.btscoach.com/users/sign_in Page URL

Detected technologies

TinyMCE (Rich Text Editors) Expand

Overall confidence: 100%
Detected patterns

env /^tinyMCE$/i

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /authenticity_token/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /authenticity_token/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

25
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

867 kB
Transfer

3111 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://app.btscoach.com/ HTTP 302
http://app.btscoach.com/users/sign_in HTTP 307
https://app.btscoach.com/users/sign_in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set sign_in Show response
app.btscoach.com/users/
Redirect Chain

https://app.btscoach.com/
http://app.btscoach.com/users/sign_in
https://app.btscoach.com/users/sign_in

6 KB
5 KB

58ms
58ms

Document
text/html

5.2.19.26
SERVERHOUSE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.btscoach.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.2.19.26 Southampton, United Kingdom, ASN21472 (SERVERHOUSE, GB),

Reverse DNS

Software

nginx /

Resource Hash

a9f72d80dd56cce98c340e02a693371acf42bee4bc655f50541620113956df54

Security Headers

Name	Value
Content-Security-Policy	default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://.coachinabox.biz wss://.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Host: app.btscoach.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Cookie: _coach_in_a_box_session=aFkrSUhIallQcStQUFBwek1sTHlrU0d6VU9aM2NUeWczbUFGL3VybnZvemllQ2RHejZESzVZMVVnVzVjeDgxMlluWDdwSEtVcnBNYnV1cUZPOXhrL0xFeW5JNkdXaEVWSjZNY2MyZzJHVkxLZlV6bis1cFJtMHVJTUd5c0hTRG45azNnK2xVVURiRUtZOWlHYUE3ZnAzTTF1SVF5TS9xM20xOXJaQ2RyclFoZFZZRFJhdU1UcVhyT3MyY0NaMGhLLS1XWkdsanFPMXI0QWo1TjFIOTFydFV3PT0%3D--6d9048552b096aaed57999c4fbb927254b14ab7e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx
Date: Fri, 23 Nov 2018 14:00:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 2601
Connection: keep-alive
Cache-Control: must-revalidate, private, max-age=0
X-XSS-Protection: 1; mode=block 1; mode=block
X-Request-Id: 4e18cc4b-ad0c-44f1-953f-84b863e581a6
X-Frame-Options: SAMEORIGIN SAMEORIGIN
X-Content-Type-Options: nosniff nosniff
X-Rack-Cache: miss
Set-Cookie: _coach_in_a_box_session=UXpJdUR6TCtLOTVWYkIvMFdSNXF6TWduNTVVbDFWdVlTSHIrZWdtVFdzL0ZCY3RzRm9xMUVJSzg2N0ZLMHliS2puSldiMnBhbHMwb0JhdHZNdm5zYWRPMHNFODhEQW9NNjhyeUpkRy8ySzhOVnpMVjQrRE9mQ3ZvVVBFWEVETkw0SDNnWWhyM0RKL0JEeWg4Y21zbjRjLzNpVkd3UFRrbklWQjRMMW1sNmcvZTJyWEU2djM0bDd2eFdpTVJtc0t5SVlTT3JDcS9TRjQ5NkdKTThCMS9VMEVjVWJwS2kxcVBDN3dONlE4Q3UzT3ZrWUM5cTF6aUYzc0dMVTkwbEpFMi0tY1JEL3VtM1NUeW1xS2M3aEdtSjdsZz09--1a0d24ef14f116b747ef4fd085e6a36e58b58223; path=/; expires=Sat, 24 Nov 2018 14:00:10 -0000; HttpOnly
ETag: W/"a9f72d80dd56cce98c340e02a693371a-gzip"
Status: 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://*.coachinabox.biz wss://*.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=86400; includeSubdomains;
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Access-Control-Request-Method: *

Redirect headers

Location: https://app.btscoach.com/users/sign_in
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK googleapis_fonts-eb9b30244c323fedd13b9d3286b353ee091560169ff67d6aac0c55c7e915dfa4.css
app.btscoach.com/assets/ 5 KB
2 KB 27ms
26ms Stylesheet
text/css 5.2.19.26
SERVERHOUSE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.btscoach.com/assets/googleapis_fonts-eb9b30244c323fedd13b9d3286b353ee091560169ff67d6aac0c55c7e915dfa4.css

Requested by

Host: app.btscoach.com
URL: https://app.btscoach.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.2.19.26 Southampton, United Kingdom, ASN21472 (SERVERHOUSE, GB),

Reverse DNS

Software

nginx /

Resource Hash

eb9b30244c323fedd13b9d3286b353ee091560169ff67d6aac0c55c7e915dfa4

Security Headers

Name	Value
Content-Security-Policy	default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://.coachinabox.biz wss://.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: app.btscoach.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://app.btscoach.com/users/sign_in
Cookie: _coach_in_a_box_session=UXpJdUR6TCtLOTVWYkIvMFdSNXF6TWduNTVVbDFWdVlTSHIrZWdtVFdzL0ZCY3RzRm9xMUVJSzg2N0ZLMHliS2puSldiMnBhbHMwb0JhdHZNdm5zYWRPMHNFODhEQW9NNjhyeUpkRy8ySzhOVnpMVjQrRE9mQ3ZvVVBFWEVETkw0SDNnWWhyM0RKL0JEeWg4Y21zbjRjLzNpVkd3UFRrbklWQjRMMW1sNmcvZTJyWEU2djM0bDd2eFdpTVJtc0t5SVlTT3JDcS9TRjQ5NkdKTThCMS9VMEVjVWJwS2kxcVBDN3dONlE4Q3UzT3ZrWUM5cTF6aUYzc0dMVTkwbEpFMi0tY1JEL3VtM1NUeW1xS2M3aEdtSjdsZz09--1a0d24ef14f116b747ef4fd085e6a36e58b58223
Connection: keep-alive
Cache-Control: no-cache
Referer: https://app.btscoach.com/users/sign_in
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 23 Nov 2018 14:00:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Request-Method: *
Strict-Transport-Security: max-age=86400; includeSubdomains;
Content-Length: 524
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 15 Sep 2017 14:07:45 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "1273-5593aeac04e40-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Connection: keep-alive
Content-Security-Policy: default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://*.coachinabox.biz wss://*.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H/1.1 200
OK screen-51d925062e5550afaaa2649006c02797e68f59bfb2cf815e63e5d53641e939a6.css
app.btscoach.com/assets/ 143 KB
29 KB 87ms
59ms Stylesheet
text/css 5.2.19.26
SERVERHOUSE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.btscoach.com/assets/screen-51d925062e5550afaaa2649006c02797e68f59bfb2cf815e63e5d53641e939a6.css

Requested by

Host: app.btscoach.com
URL: https://app.btscoach.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.2.19.26 Southampton, United Kingdom, ASN21472 (SERVERHOUSE, GB),

Reverse DNS

Software

nginx /

Resource Hash

51d925062e5550afaaa2649006c02797e68f59bfb2cf815e63e5d53641e939a6

Security Headers

Name	Value
Content-Security-Policy	default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://.coachinabox.biz wss://.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: app.btscoach.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://app.btscoach.com/users/sign_in
Cookie: _coach_in_a_box_session=UXpJdUR6TCtLOTVWYkIvMFdSNXF6TWduNTVVbDFWdVlTSHIrZWdtVFdzL0ZCY3RzRm9xMUVJSzg2N0ZLMHliS2puSldiMnBhbHMwb0JhdHZNdm5zYWRPMHNFODhEQW9NNjhyeUpkRy8ySzhOVnpMVjQrRE9mQ3ZvVVBFWEVETkw0SDNnWWhyM0RKL0JEeWg4Y21zbjRjLzNpVkd3UFRrbklWQjRMMW1sNmcvZTJyWEU2djM0bDd2eFdpTVJtc0t5SVlTT3JDcS9TRjQ5NkdKTThCMS9VMEVjVWJwS2kxcVBDN3dONlE4Q3UzT3ZrWUM5cTF6aUYzc0dMVTkwbEpFMi0tY1JEL3VtM1NUeW1xS2M3aEdtSjdsZz09--1a0d24ef14f116b747ef4fd085e6a36e58b58223
Connection: keep-alive
Cache-Control: no-cache
Referer: https://app.btscoach.com/users/sign_in
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 23 Nov 2018 14:00:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Request-Method: *
Strict-Transport-Security: max-age=86400; includeSubdomains;
Content-Length: 27499
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 05 Nov 2018 11:29:13 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "23aac-579e931c6b440-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Connection: keep-alive
Content-Security-Policy: default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://*.coachinabox.biz wss://*.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H/1.1 200
OK application-c69d53710f8cf50dfb7085a2652bf99bbe2b9c756bcccaafb228387364761ce5.css
app.btscoach.com/assets/ 194 KB
39 KB 207ms
123ms Stylesheet
text/css 5.2.19.26
SERVERHOUSE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.btscoach.com/assets/application-c69d53710f8cf50dfb7085a2652bf99bbe2b9c756bcccaafb228387364761ce5.css

Requested by

Host: app.btscoach.com
URL: https://app.btscoach.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.2.19.26 Southampton, United Kingdom, ASN21472 (SERVERHOUSE, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff58ad6054685d25a5cfe8cc2c33086eafbbd95345f556ce3a6cfa79a1350e05

Security Headers

Name	Value
Content-Security-Policy	default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://.coachinabox.biz wss://.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: app.btscoach.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://app.btscoach.com/users/sign_in
Cookie: _coach_in_a_box_session=UXpJdUR6TCtLOTVWYkIvMFdSNXF6TWduNTVVbDFWdVlTSHIrZWdtVFdzL0ZCY3RzRm9xMUVJSzg2N0ZLMHliS2puSldiMnBhbHMwb0JhdHZNdm5zYWRPMHNFODhEQW9NNjhyeUpkRy8ySzhOVnpMVjQrRE9mQ3ZvVVBFWEVETkw0SDNnWWhyM0RKL0JEeWg4Y21zbjRjLzNpVkd3UFRrbklWQjRMMW1sNmcvZTJyWEU2djM0bDd2eFdpTVJtc0t5SVlTT3JDcS9TRjQ5NkdKTThCMS9VMEVjVWJwS2kxcVBDN3dONlE4Q3UzT3ZrWUM5cTF6aUYzc0dMVTkwbEpFMi0tY1JEL3VtM1NUeW1xS2M3aEdtSjdsZz09--1a0d24ef14f116b747ef4fd085e6a36e58b58223
Connection: keep-alive
Cache-Control: no-cache
Referer: https://app.btscoach.com/users/sign_in
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 23 Nov 2018 14:00:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Request-Method: *
Strict-Transport-Security: max-age=86400; includeSubdomains;
Content-Length: 38287
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 05 Nov 2018 11:29:13 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "3074a-579e931c6b440-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Connection: keep-alive
Content-Security-Policy: default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://*.coachinabox.biz wss://*.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H/1.1 200
OK jquery-ui-1.10.3.custom.min-855af50b30905b29cc6dc0a222df6718cfdebe755efed4e7ae3cbb086f30f6d2.css
app.btscoach.com/assets/jquery-ui/smoothness/ 26 KB
7 KB 151ms
67ms Stylesheet
text/css 5.2.19.26
SERVERHOUSE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.btscoach.com/assets/jquery-ui/smoothness/jquery-ui-1.10.3.custom.min-855af50b30905b29cc6dc0a222df6718cfdebe755efed4e7ae3cbb086f30f6d2.css

Requested by

Host: app.btscoach.com
URL: https://app.btscoach.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.2.19.26 Southampton, United Kingdom, ASN21472 (SERVERHOUSE, GB),

Reverse DNS

Software

nginx /

Resource Hash

855af50b30905b29cc6dc0a222df6718cfdebe755efed4e7ae3cbb086f30f6d2

Security Headers

Name	Value
Content-Security-Policy	default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://.coachinabox.biz wss://.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: app.btscoach.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://app.btscoach.com/users/sign_in
Cookie: _coach_in_a_box_session=UXpJdUR6TCtLOTVWYkIvMFdSNXF6TWduNTVVbDFWdVlTSHIrZWdtVFdzL0ZCY3RzRm9xMUVJSzg2N0ZLMHliS2puSldiMnBhbHMwb0JhdHZNdm5zYWRPMHNFODhEQW9NNjhyeUpkRy8ySzhOVnpMVjQrRE9mQ3ZvVVBFWEVETkw0SDNnWWhyM0RKL0JEeWg4Y21zbjRjLzNpVkd3UFRrbklWQjRMMW1sNmcvZTJyWEU2djM0bDd2eFdpTVJtc0t5SVlTT3JDcS9TRjQ5NkdKTThCMS9VMEVjVWJwS2kxcVBDN3dONlE4Q3UzT3ZrWUM5cTF6aUYzc0dMVTkwbEpFMi0tY1JEL3VtM1NUeW1xS2M3aEdtSjdsZz09--1a0d24ef14f116b747ef4fd085e6a36e58b58223
Connection: keep-alive
Cache-Control: no-cache
Referer: https://app.btscoach.com/users/sign_in
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 23 Nov 2018 14:00:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Request-Method: *
Strict-Transport-Security: max-age=86400; includeSubdomains;
Content-Length: 5314
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 15 Sep 2017 14:07:45 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "6985-5593aeac04e40-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Connection: keep-alive
Content-Security-Policy: default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://*.coachinabox.biz wss://*.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H/1.1 200
OK jquery.autocomplete-ffbc4d675193403ff99f05310040d34fb4765bd1551bf3d8fa099f71e2ed8c07.css
app.btscoach.com/assets/ 463 B
2 KB 149ms
64ms Stylesheet
text/css 5.2.19.26
SERVERHOUSE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.btscoach.com/assets/jquery.autocomplete-ffbc4d675193403ff99f05310040d34fb4765bd1551bf3d8fa099f71e2ed8c07.css

Requested by

Host: app.btscoach.com
URL: https://app.btscoach.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.2.19.26 Southampton, United Kingdom, ASN21472 (SERVERHOUSE, GB),

Reverse DNS

Software

nginx /

Resource Hash

ffbc4d675193403ff99f05310040d34fb4765bd1551bf3d8fa099f71e2ed8c07

Security Headers

Name	Value
Content-Security-Policy	default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://.coachinabox.biz wss://.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: app.btscoach.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://app.btscoach.com/users/sign_in
Cookie: _coach_in_a_box_session=UXpJdUR6TCtLOTVWYkIvMFdSNXF6TWduNTVVbDFWdVlTSHIrZWdtVFdzL0ZCY3RzRm9xMUVJSzg2N0ZLMHliS2puSldiMnBhbHMwb0JhdHZNdm5zYWRPMHNFODhEQW9NNjhyeUpkRy8ySzhOVnpMVjQrRE9mQ3ZvVVBFWEVETkw0SDNnWWhyM0RKL0JEeWg4Y21zbjRjLzNpVkd3UFRrbklWQjRMMW1sNmcvZTJyWEU2djM0bDd2eFdpTVJtc0t5SVlTT3JDcS9TRjQ5NkdKTThCMS9VMEVjVWJwS2kxcVBDN3dONlE4Q3UzT3ZrWUM5cTF6aUYzc0dMVTkwbEpFMi0tY1JEL3VtM1NUeW1xS2M3aEdtSjdsZz09--1a0d24ef14f116b747ef4fd085e6a36e58b58223
Connection: keep-alive
Cache-Control: no-cache
Referer: https://app.btscoach.com/users/sign_in
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 23 Nov 2018 14:00:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Request-Method: *
Strict-Transport-Security: max-age=86400; includeSubdomains;
Content-Length: 291
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 15 Sep 2017 14:07:45 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "1cf-5593aeac04e40-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Connection: keep-alive
Content-Security-Policy: default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://*.coachinabox.biz wss://*.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H/1.1 200
OK jquery.tree-5c50d399d6543f29be8a5d0e20e5d1f00365db3827e063c1fcf5f4c57c5ed66c.css
app.btscoach.com/assets/ 624 B
2 KB 148ms
63ms Stylesheet
text/css 5.2.19.26
SERVERHOUSE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.btscoach.com/assets/jquery.tree-5c50d399d6543f29be8a5d0e20e5d1f00365db3827e063c1fcf5f4c57c5ed66c.css

Requested by

Host: app.btscoach.com
URL: https://app.btscoach.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.2.19.26 Southampton, United Kingdom, ASN21472 (SERVERHOUSE, GB),

Reverse DNS

Software

nginx /

Resource Hash

5c50d399d6543f29be8a5d0e20e5d1f00365db3827e063c1fcf5f4c57c5ed66c

Security Headers

Name	Value
Content-Security-Policy	default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://.coachinabox.biz wss://.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: app.btscoach.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://app.btscoach.com/users/sign_in
Cookie: _coach_in_a_box_session=UXpJdUR6TCtLOTVWYkIvMFdSNXF6TWduNTVVbDFWdVlTSHIrZWdtVFdzL0ZCY3RzRm9xMUVJSzg2N0ZLMHliS2puSldiMnBhbHMwb0JhdHZNdm5zYWRPMHNFODhEQW9NNjhyeUpkRy8ySzhOVnpMVjQrRE9mQ3ZvVVBFWEVETkw0SDNnWWhyM0RKL0JEeWg4Y21zbjRjLzNpVkd3UFRrbklWQjRMMW1sNmcvZTJyWEU2djM0bDd2eFdpTVJtc0t5SVlTT3JDcS9TRjQ5NkdKTThCMS9VMEVjVWJwS2kxcVBDN3dONlE4Q3UzT3ZrWUM5cTF6aUYzc0dMVTkwbEpFMi0tY1JEL3VtM1NUeW1xS2M3aEdtSjdsZz09--1a0d24ef14f116b747ef4fd085e6a36e58b58223
Connection: keep-alive
Cache-Control: no-cache
Referer: https://app.btscoach.com/users/sign_in
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 23 Nov 2018 14:00:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Request-Method: *
Strict-Transport-Security: max-age=86400; includeSubdomains;
Content-Length: 269
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 15 Sep 2017 14:07:45 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "270-5593aeac04e40-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Connection: keep-alive
Content-Security-Policy: default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://*.coachinabox.biz wss://*.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
S 200 v4-shims.css
use.fontawesome.com/releases/v5.2.0/css/ 26 KB
5 KB 16ms
15ms Stylesheet
text/css 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/css/v4-shims.css
Requested by: Host: app.btscoach.com
URL: https://app.btscoach.com/users/sign_in
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: a87ada0ef6e37011f09cfd265e2fd4571edff7c7c981b20cdd9946ef616b06db

Request headers

Referer: https://app.btscoach.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 23 Nov 2018 14:00:10 GMT
content-encoding: gzip
last-modified: Mon, 23 Jul 2018 17:07:01 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"4ee3c6f5911f21e55fef7b98b80c06f4"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
S 200 all.css
use.fontawesome.com/releases/v5.2.0/css/ 46 KB
12 KB 15ms
14ms Stylesheet
text/css 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by: Host: app.btscoach.com
URL: https://app.btscoach.com/users/sign_in
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://app.btscoach.com/
Origin: https://app.btscoach.com

Response headers

date: Fri, 23 Nov 2018 14:00:10 GMT
content-encoding: gzip
last-modified: Mon, 23 Jul 2018 17:06:58 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"20a9ce516eaea76da29a23adc43e8998"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H/1.1 200
OK application-b2645dc18f22376f2a42258eca7c3befb105a8edd6188a9b31738bc0d5a69a87.js Show response
app.btscoach.com/assets/ 2 MB
547 KB 207ms
121ms Script
application/javascript 5.2.19.26
SERVERHOUSE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.btscoach.com/assets/application-b2645dc18f22376f2a42258eca7c3befb105a8edd6188a9b31738bc0d5a69a87.js

Requested by

Host: app.btscoach.com
URL: https://app.btscoach.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.2.19.26 Southampton, United Kingdom, ASN21472 (SERVERHOUSE, GB),

Reverse DNS

Software

nginx /

Resource Hash

b2645dc18f22376f2a42258eca7c3befb105a8edd6188a9b31738bc0d5a69a87

Security Headers

Name	Value
Content-Security-Policy	default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://.coachinabox.biz wss://.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: app.btscoach.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://app.btscoach.com/users/sign_in
Cookie: _coach_in_a_box_session=UXpJdUR6TCtLOTVWYkIvMFdSNXF6TWduNTVVbDFWdVlTSHIrZWdtVFdzL0ZCY3RzRm9xMUVJSzg2N0ZLMHliS2puSldiMnBhbHMwb0JhdHZNdm5zYWRPMHNFODhEQW9NNjhyeUpkRy8ySzhOVnpMVjQrRE9mQ3ZvVVBFWEVETkw0SDNnWWhyM0RKL0JEeWg4Y21zbjRjLzNpVkd3UFRrbklWQjRMMW1sNmcvZTJyWEU2djM0bDd2eFdpTVJtc0t5SVlTT3JDcS9TRjQ5NkdKTThCMS9VMEVjVWJwS2kxcVBDN3dONlE4Q3UzT3ZrWUM5cTF6aUYzc0dMVTkwbEpFMi0tY1JEL3VtM1NUeW1xS2M3aEdtSjdsZz09--1a0d24ef14f116b747ef4fd085e6a36e58b58223
Connection: keep-alive
Cache-Control: no-cache
Referer: https://app.btscoach.com/users/sign_in
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 23 Nov 2018 14:00:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Access-Control-Request-Method: *
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 08 Nov 2018 11:00:08 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "252e3f-57a25234a3e00-gzip"
Strict-Transport-Security: max-age=86400; includeSubdomains;
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Content-Security-Policy: default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://*.coachinabox.biz wss://*.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H/1.1 200
OK BTS_Coach_Logo_White-9aa0463ad26662b8376610a050e47405a17b241a48f4a8d95d58da3181ee5778.png
app.btscoach.com/assets/ 43 KB
45 KB 26ms
26ms Image
image/png 5.2.19.26
SERVERHOUSE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.btscoach.com/assets/BTS_Coach_Logo_White-9aa0463ad26662b8376610a050e47405a17b241a48f4a8d95d58da3181ee5778.png

Requested by

Host: app.btscoach.com
URL: https://app.btscoach.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.2.19.26 Southampton, United Kingdom, ASN21472 (SERVERHOUSE, GB),

Reverse DNS

Software

nginx /

Resource Hash

9aa0463ad26662b8376610a050e47405a17b241a48f4a8d95d58da3181ee5778

Security Headers

Name	Value
Content-Security-Policy	default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://.coachinabox.biz wss://.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: app.btscoach.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://app.btscoach.com/users/sign_in
Cookie: _coach_in_a_box_session=UXpJdUR6TCtLOTVWYkIvMFdSNXF6TWduNTVVbDFWdVlTSHIrZWdtVFdzL0ZCY3RzRm9xMUVJSzg2N0ZLMHliS2puSldiMnBhbHMwb0JhdHZNdm5zYWRPMHNFODhEQW9NNjhyeUpkRy8ySzhOVnpMVjQrRE9mQ3ZvVVBFWEVETkw0SDNnWWhyM0RKL0JEeWg4Y21zbjRjLzNpVkd3UFRrbklWQjRMMW1sNmcvZTJyWEU2djM0bDd2eFdpTVJtc0t5SVlTT3JDcS9TRjQ5NkdKTThCMS9VMEVjVWJwS2kxcVBDN3dONlE4Q3UzT3ZrWUM5cTF6aUYzc0dMVTkwbEpFMi0tY1JEL3VtM1NUeW1xS2M3aEdtSjdsZz09--1a0d24ef14f116b747ef4fd085e6a36e58b58223
Connection: keep-alive
Cache-Control: no-cache
Referer: https://app.btscoach.com/users/sign_in
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 23 Nov 2018 14:00:10 GMT
Access-Control-Request-Method: *
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43633
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 12 Mar 2018 16:23:26 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "aa71-567398fbedb80"
Strict-Transport-Security: max-age=86400; includeSubdomains;
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Content-Security-Policy: default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://*.coachinabox.biz wss://*.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H/1.1 200
OK print-079d1d3a554794c56c4782cdc54f815a379bb9f942afacf53ee4571ff0cc5f64.css
app.btscoach.com/assets/ 5 KB
4 KB 36ms
35ms Stylesheet
text/css 5.2.19.26
SERVERHOUSE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.btscoach.com/assets/print-079d1d3a554794c56c4782cdc54f815a379bb9f942afacf53ee4571ff0cc5f64.css

Requested by

Host: app.btscoach.com
URL: https://app.btscoach.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.2.19.26 Southampton, United Kingdom, ASN21472 (SERVERHOUSE, GB),

Reverse DNS

Software

nginx /

Resource Hash

079d1d3a554794c56c4782cdc54f815a379bb9f942afacf53ee4571ff0cc5f64

Security Headers

Name	Value
Content-Security-Policy	default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://.coachinabox.biz wss://.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: app.btscoach.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://app.btscoach.com/users/sign_in
Cookie: _coach_in_a_box_session=UXpJdUR6TCtLOTVWYkIvMFdSNXF6TWduNTVVbDFWdVlTSHIrZWdtVFdzL0ZCY3RzRm9xMUVJSzg2N0ZLMHliS2puSldiMnBhbHMwb0JhdHZNdm5zYWRPMHNFODhEQW9NNjhyeUpkRy8ySzhOVnpMVjQrRE9mQ3ZvVVBFWEVETkw0SDNnWWhyM0RKL0JEeWg4Y21zbjRjLzNpVkd3UFRrbklWQjRMMW1sNmcvZTJyWEU2djM0bDd2eFdpTVJtc0t5SVlTT3JDcS9TRjQ5NkdKTThCMS9VMEVjVWJwS2kxcVBDN3dONlE4Q3UzT3ZrWUM5cTF6aUYzc0dMVTkwbEpFMi0tY1JEL3VtM1NUeW1xS2M3aEdtSjdsZz09--1a0d24ef14f116b747ef4fd085e6a36e58b58223
Connection: keep-alive
Cache-Control: no-cache
Referer: https://app.btscoach.com/users/sign_in
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 23 Nov 2018 14:00:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Request-Method: *
Strict-Transport-Security: max-age=86400; includeSubdomains;
Content-Length: 1965
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 05 Apr 2018 20:05:35 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "1532-5691f766841c0-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Connection: keep-alive
Content-Security-Policy: default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://*.coachinabox.biz wss://*.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H/1.1 200
OK select2.css
app.btscoach.com/assets/ 15 KB
4 KB 56ms
55ms Stylesheet
text/css 5.2.19.26
SERVERHOUSE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.btscoach.com/assets/select2.css

Requested by

Host: app.btscoach.com
URL: https://app.btscoach.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.2.19.26 Southampton, United Kingdom, ASN21472 (SERVERHOUSE, GB),

Reverse DNS

Software

nginx /

Resource Hash

45688abf1f7b9c3ae56902596c67e27bc1b59cf082702f7abc2483b51cbdbc64

Security Headers

Name	Value
Content-Security-Policy	default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://.coachinabox.biz wss://.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: app.btscoach.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://app.btscoach.com/users/sign_in
Cookie: _coach_in_a_box_session=UXpJdUR6TCtLOTVWYkIvMFdSNXF6TWduNTVVbDFWdVlTSHIrZWdtVFdzL0ZCY3RzRm9xMUVJSzg2N0ZLMHliS2puSldiMnBhbHMwb0JhdHZNdm5zYWRPMHNFODhEQW9NNjhyeUpkRy8ySzhOVnpMVjQrRE9mQ3ZvVVBFWEVETkw0SDNnWWhyM0RKL0JEeWg4Y21zbjRjLzNpVkd3UFRrbklWQjRMMW1sNmcvZTJyWEU2djM0bDd2eFdpTVJtc0t5SVlTT3JDcS9TRjQ5NkdKTThCMS9VMEVjVWJwS2kxcVBDN3dONlE4Q3UzT3ZrWUM5cTF6aUYzc0dMVTkwbEpFMi0tY1JEL3VtM1NUeW1xS2M3aEdtSjdsZz09--1a0d24ef14f116b747ef4fd085e6a36e58b58223
Connection: keep-alive
Cache-Control: no-cache
Referer: https://app.btscoach.com/users/sign_in
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 23 Nov 2018 14:00:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
Status: 200 OK
X-Content-Digest: 78cc1a6ff5ab91409d1be99fd10f6a1f2d707d6b
Connection: keep-alive
Strict-Transport-Security: max-age=86400; includeSubdomains;
Vary: Accept-Encoding
Content-Length: 1984
Access-Control-Request-Method: *
X-Request-Id: 6f03daeb-3f01-4c6a-a810-19bc5bddea5b
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
ETag: "45688abf1f7b9c3ae56902596c67e27bc1b59cf082702f7abc2483b51cbdbc64-gzip"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Cache-Control: public, must-revalidate
Content-Security-Policy: default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://*.coachinabox.biz wss://*.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
X-Rack-Cache: stale, valid, store
Access-Control-Expose-Headers: Authorization

GET
H/1.1 200
OK jquery-ui.css
app.btscoach.com/assets/ 34 KB
10 KB 83ms
82ms Stylesheet
text/css 5.2.19.26
SERVERHOUSE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.btscoach.com/assets/jquery-ui.css

Requested by

Host: app.btscoach.com
URL: https://app.btscoach.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.2.19.26 Southampton, United Kingdom, ASN21472 (SERVERHOUSE, GB),

Reverse DNS

Software

nginx /

Resource Hash

1a66ac13ac289d447a0e0044ccd7c6e5eb24396fb25ee69c69b3986f3aedcf10

Security Headers

Name	Value
Content-Security-Policy	default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://.coachinabox.biz wss://.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: app.btscoach.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://app.btscoach.com/users/sign_in
Cookie: _coach_in_a_box_session=UXpJdUR6TCtLOTVWYkIvMFdSNXF6TWduNTVVbDFWdVlTSHIrZWdtVFdzL0ZCY3RzRm9xMUVJSzg2N0ZLMHliS2puSldiMnBhbHMwb0JhdHZNdm5zYWRPMHNFODhEQW9NNjhyeUpkRy8ySzhOVnpMVjQrRE9mQ3ZvVVBFWEVETkw0SDNnWWhyM0RKL0JEeWg4Y21zbjRjLzNpVkd3UFRrbklWQjRMMW1sNmcvZTJyWEU2djM0bDd2eFdpTVJtc0t5SVlTT3JDcS9TRjQ5NkdKTThCMS9VMEVjVWJwS2kxcVBDN3dONlE4Q3UzT3ZrWUM5cTF6aUYzc0dMVTkwbEpFMi0tY1JEL3VtM1NUeW1xS2M3aEdtSjdsZz09--1a0d24ef14f116b747ef4fd085e6a36e58b58223
Connection: keep-alive
Cache-Control: no-cache
Referer: https://app.btscoach.com/users/sign_in
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 23 Nov 2018 14:00:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
Status: 200 OK
X-Content-Digest: cf5ca9f797f3830930e3ad1d922d3d33e876ea04
Connection: keep-alive
Strict-Transport-Security: max-age=86400; includeSubdomains;
Vary: Accept-Encoding
Content-Length: 7745
Access-Control-Request-Method: *
X-Request-Id: b08e6fd0-7247-4a3c-a7fd-6d015fa02180
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
ETag: "1a66ac13ac289d447a0e0044ccd7c6e5eb24396fb25ee69c69b3986f3aedcf10-gzip"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Cache-Control: public, must-revalidate
Content-Security-Policy: default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://*.coachinabox.biz wss://*.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
X-Rack-Cache: stale, valid, store
Access-Control-Expose-Headers: Authorization

GET
H/1.1 200
OK bootstrap-tagsinput.css
app.btscoach.com/assets/ 925 B
3 KB 85ms
84ms Stylesheet
text/css 5.2.19.26
SERVERHOUSE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.btscoach.com/assets/bootstrap-tagsinput.css

Requested by

Host: app.btscoach.com
URL: https://app.btscoach.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.2.19.26 Southampton, United Kingdom, ASN21472 (SERVERHOUSE, GB),

Reverse DNS

Software

nginx /

Resource Hash

ea1d62cdbbada91353048b9d463104d9871763a35f4dae9730aa468939eea87e

Security Headers

Name	Value
Content-Security-Policy	default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://.coachinabox.biz wss://.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: app.btscoach.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://app.btscoach.com/users/sign_in
Cookie: _coach_in_a_box_session=UXpJdUR6TCtLOTVWYkIvMFdSNXF6TWduNTVVbDFWdVlTSHIrZWdtVFdzL0ZCY3RzRm9xMUVJSzg2N0ZLMHliS2puSldiMnBhbHMwb0JhdHZNdm5zYWRPMHNFODhEQW9NNjhyeUpkRy8ySzhOVnpMVjQrRE9mQ3ZvVVBFWEVETkw0SDNnWWhyM0RKL0JEeWg4Y21zbjRjLzNpVkd3UFRrbklWQjRMMW1sNmcvZTJyWEU2djM0bDd2eFdpTVJtc0t5SVlTT3JDcS9TRjQ5NkdKTThCMS9VMEVjVWJwS2kxcVBDN3dONlE4Q3UzT3ZrWUM5cTF6aUYzc0dMVTkwbEpFMi0tY1JEL3VtM1NUeW1xS2M3aEdtSjdsZz09--1a0d24ef14f116b747ef4fd085e6a36e58b58223
Connection: keep-alive
Cache-Control: no-cache
Referer: https://app.btscoach.com/users/sign_in
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 23 Nov 2018 14:00:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
Status: 200 OK
X-Content-Digest: ede8abf3aa9db5b4fa3f630aab8ae4e0a81d18d4
Connection: keep-alive
Strict-Transport-Security: max-age=86400; includeSubdomains;
Vary: Accept-Encoding
Content-Length: 399
Access-Control-Request-Method: *
X-Request-Id: e34b0dd6-f55e-4faa-b945-2fa26db73510
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
ETag: "ea1d62cdbbada91353048b9d463104d9871763a35f4dae9730aa468939eea87e-gzip"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Cache-Control: public, must-revalidate
Content-Security-Policy: default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://*.coachinabox.biz wss://*.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
X-Rack-Cache: stale, valid, store
Access-Control-Expose-Headers: Authorization

GET
H/1.1 200
OK application.css
app.btscoach.com/assets/buginabox/ 35 KB
9 KB 55ms
54ms Stylesheet
text/css 5.2.19.26
SERVERHOUSE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.btscoach.com/assets/buginabox/application.css

Requested by

Host: app.btscoach.com
URL: https://app.btscoach.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.2.19.26 Southampton, United Kingdom, ASN21472 (SERVERHOUSE, GB),

Reverse DNS

Software

nginx /

Resource Hash

dde83f8d0dab80005022d03c130db516c2923c1db5172c2612e8f6c80e8d4559

Security Headers

Name	Value
Content-Security-Policy	default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://.coachinabox.biz wss://.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: app.btscoach.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://app.btscoach.com/users/sign_in
Cookie: _coach_in_a_box_session=UXpJdUR6TCtLOTVWYkIvMFdSNXF6TWduNTVVbDFWdVlTSHIrZWdtVFdzL0ZCY3RzRm9xMUVJSzg2N0ZLMHliS2puSldiMnBhbHMwb0JhdHZNdm5zYWRPMHNFODhEQW9NNjhyeUpkRy8ySzhOVnpMVjQrRE9mQ3ZvVVBFWEVETkw0SDNnWWhyM0RKL0JEeWg4Y21zbjRjLzNpVkd3UFRrbklWQjRMMW1sNmcvZTJyWEU2djM0bDd2eFdpTVJtc0t5SVlTT3JDcS9TRjQ5NkdKTThCMS9VMEVjVWJwS2kxcVBDN3dONlE4Q3UzT3ZrWUM5cTF6aUYzc0dMVTkwbEpFMi0tY1JEL3VtM1NUeW1xS2M3aEdtSjdsZz09--1a0d24ef14f116b747ef4fd085e6a36e58b58223
Connection: keep-alive
Cache-Control: no-cache
Referer: https://app.btscoach.com/users/sign_in
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 23 Nov 2018 14:00:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
Status: 200 OK
X-Content-Digest: 4c5eceacab18adf47d6283e676e4410ea43a1196
Connection: keep-alive
Strict-Transport-Security: max-age=86400; includeSubdomains;
Vary: Accept-Encoding
Content-Length: 7075
Access-Control-Request-Method: *
X-Request-Id: f85c60cc-35ae-4fbd-b358-87e6046c8983
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
ETag: "dde83f8d0dab80005022d03c130db516c2923c1db5172c2612e8f6c80e8d4559-gzip"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Cache-Control: public, must-revalidate
Content-Security-Policy: default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://*.coachinabox.biz wss://*.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
X-Rack-Cache: stale, valid, store
Access-Control-Expose-Headers: Authorization

GET
H/1.1 200
OK application.css
app.btscoach.com/assets/progbld/ 369 B
2 KB 53ms
53ms Stylesheet
text/css 5.2.19.26
SERVERHOUSE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.btscoach.com/assets/progbld/application.css

Requested by

Host: app.btscoach.com
URL: https://app.btscoach.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.2.19.26 Southampton, United Kingdom, ASN21472 (SERVERHOUSE, GB),

Reverse DNS

Software

nginx /

Resource Hash

aab96105b6f545926c899c219353edd551e9454d2e9236d8c5768b7002386757

Security Headers

Name	Value
Content-Security-Policy	default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://.coachinabox.biz wss://.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: app.btscoach.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://app.btscoach.com/users/sign_in
Cookie: _coach_in_a_box_session=UXpJdUR6TCtLOTVWYkIvMFdSNXF6TWduNTVVbDFWdVlTSHIrZWdtVFdzL0ZCY3RzRm9xMUVJSzg2N0ZLMHliS2puSldiMnBhbHMwb0JhdHZNdm5zYWRPMHNFODhEQW9NNjhyeUpkRy8ySzhOVnpMVjQrRE9mQ3ZvVVBFWEVETkw0SDNnWWhyM0RKL0JEeWg4Y21zbjRjLzNpVkd3UFRrbklWQjRMMW1sNmcvZTJyWEU2djM0bDd2eFdpTVJtc0t5SVlTT3JDcS9TRjQ5NkdKTThCMS9VMEVjVWJwS2kxcVBDN3dONlE4Q3UzT3ZrWUM5cTF6aUYzc0dMVTkwbEpFMi0tY1JEL3VtM1NUeW1xS2M3aEdtSjdsZz09--1a0d24ef14f116b747ef4fd085e6a36e58b58223
Connection: keep-alive
Cache-Control: no-cache
Referer: https://app.btscoach.com/users/sign_in
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 23 Nov 2018 14:00:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
Status: 200 OK
X-Content-Digest: 703ea8a712eb076b3c5272c0bbe60edd8f5367d5
Connection: keep-alive
Strict-Transport-Security: max-age=86400; includeSubdomains;
Vary: Accept-Encoding
Content-Length: 262
Access-Control-Request-Method: *
X-Request-Id: ff8dcbc6-7f7d-4972-98dc-1ae7ec551829
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
ETag: "aab96105b6f545926c899c219353edd551e9454d2e9236d8c5768b7002386757-gzip"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Cache-Control: public, must-revalidate
Content-Security-Policy: default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://*.coachinabox.biz wss://*.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
X-Rack-Cache: stale, valid, store
Access-Control-Expose-Headers: Authorization

GET
S 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: app.btscoach.com
URL: https://app.btscoach.com/users/sign_in

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.btscoach.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Nov 2018 21:10:09 GMT
server: Golfe2
age: 331
date: Fri, 23 Nov 2018 13:54:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17404
expires: Fri, 23 Nov 2018 15:54:40 GMT

GET
H/1.1 200
OK light-pattern-3fd54d3a56ab85dc91edd997b6ccd262ecb22237b868fe6cdd3f523ffe2b9567.png
app.btscoach.com/assets/ 26 KB
28 KB 28ms
27ms Image
image/png 5.2.19.26
SERVERHOUSE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.btscoach.com/assets/light-pattern-3fd54d3a56ab85dc91edd997b6ccd262ecb22237b868fe6cdd3f523ffe2b9567.png

Requested by

Host: app.btscoach.com
URL: https://app.btscoach.com/assets/application-b2645dc18f22376f2a42258eca7c3befb105a8edd6188a9b31738bc0d5a69a87.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.2.19.26 Southampton, United Kingdom, ASN21472 (SERVERHOUSE, GB),

Reverse DNS

Software

nginx /

Resource Hash

3fd54d3a56ab85dc91edd997b6ccd262ecb22237b868fe6cdd3f523ffe2b9567

Security Headers

Name	Value
Content-Security-Policy	default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://.coachinabox.biz wss://.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: app.btscoach.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://app.btscoach.com/assets/screen-51d925062e5550afaaa2649006c02797e68f59bfb2cf815e63e5d53641e939a6.css
Cookie: _coach_in_a_box_session=UXpJdUR6TCtLOTVWYkIvMFdSNXF6TWduNTVVbDFWdVlTSHIrZWdtVFdzL0ZCY3RzRm9xMUVJSzg2N0ZLMHliS2puSldiMnBhbHMwb0JhdHZNdm5zYWRPMHNFODhEQW9NNjhyeUpkRy8ySzhOVnpMVjQrRE9mQ3ZvVVBFWEVETkw0SDNnWWhyM0RKL0JEeWg4Y21zbjRjLzNpVkd3UFRrbklWQjRMMW1sNmcvZTJyWEU2djM0bDd2eFdpTVJtc0t5SVlTT3JDcS9TRjQ5NkdKTThCMS9VMEVjVWJwS2kxcVBDN3dONlE4Q3UzT3ZrWUM5cTF6aUYzc0dMVTkwbEpFMi0tY1JEL3VtM1NUeW1xS2M3aEdtSjdsZz09--1a0d24ef14f116b747ef4fd085e6a36e58b58223
Connection: keep-alive
Cache-Control: no-cache
Referer: https://app.btscoach.com/assets/screen-51d925062e5550afaaa2649006c02797e68f59bfb2cf815e63e5d53641e939a6.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 23 Nov 2018 14:00:11 GMT
Access-Control-Request-Method: *
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 26697
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 15 Sep 2017 14:07:45 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "6849-5593aeac04e40"
Strict-Transport-Security: max-age=86400; includeSubdomains;
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Content-Security-Policy: default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://*.coachinabox.biz wss://*.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H/1.1 200
OK latin1.woff2
app.btscoach.com/assets/ 10 KB
12 KB 47ms
47ms Font
text/plain 5.2.19.26
SERVERHOUSE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.btscoach.com/assets/latin1.woff2

Requested by

Host: app.btscoach.com
URL: https://app.btscoach.com/assets/application-b2645dc18f22376f2a42258eca7c3befb105a8edd6188a9b31738bc0d5a69a87.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.2.19.26 Southampton, United Kingdom, ASN21472 (SERVERHOUSE, GB),

Reverse DNS

Software

nginx /

Resource Hash

732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Security Headers

Name	Value
Content-Security-Policy	default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://.coachinabox.biz wss://.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: https://app.btscoach.com
Accept-Encoding: gzip, deflate
Host: app.btscoach.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://app.btscoach.com/assets/googleapis_fonts-eb9b30244c323fedd13b9d3286b353ee091560169ff67d6aac0c55c7e915dfa4.css
Cookie: _coach_in_a_box_session=UXpJdUR6TCtLOTVWYkIvMFdSNXF6TWduNTVVbDFWdVlTSHIrZWdtVFdzL0ZCY3RzRm9xMUVJSzg2N0ZLMHliS2puSldiMnBhbHMwb0JhdHZNdm5zYWRPMHNFODhEQW9NNjhyeUpkRy8ySzhOVnpMVjQrRE9mQ3ZvVVBFWEVETkw0SDNnWWhyM0RKL0JEeWg4Y21zbjRjLzNpVkd3UFRrbklWQjRMMW1sNmcvZTJyWEU2djM0bDd2eFdpTVJtc0t5SVlTT3JDcS9TRjQ5NkdKTThCMS9VMEVjVWJwS2kxcVBDN3dONlE4Q3UzT3ZrWUM5cTF6aUYzc0dMVTkwbEpFMi0tY1JEL3VtM1NUeW1xS2M3aEdtSjdsZz09--1a0d24ef14f116b747ef4fd085e6a36e58b58223
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://app.btscoach.com/assets/googleapis_fonts-eb9b30244c323fedd13b9d3286b353ee091560169ff67d6aac0c55c7e915dfa4.css
Origin: https://app.btscoach.com

Response headers

Date: Fri, 23 Nov 2018 14:00:11 GMT
Access-Control-Request-Method: *
X-Content-Type-Options: nosniff
Age: 0
Status: 200 OK
X-Content-Digest: 0477e48f455cbfe729f90389d3fd8aaca6cc483b
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Connection: keep-alive
Content-Length: 10352
X-XSS-Protection: 1; mode=block
X-Request-Id: c5cc6a57-969c-41c5-878f-4f1641b9c4cc
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=86400; includeSubdomains;
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Cache-Control: public, must-revalidate
Content-Security-Policy: default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://*.coachinabox.biz wss://*.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
X-Rack-Cache: stale, valid, store

GET
H/1.1 200
OK pattern-overlay-transparent-65843a7246172d285571e60509889e5b10fc6d365d6435d544c4b104fe342ec7.png
app.btscoach.com/assets/ 57 KB
59 KB 50ms
50ms Image
image/png 5.2.19.26
SERVERHOUSE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.btscoach.com/assets/pattern-overlay-transparent-65843a7246172d285571e60509889e5b10fc6d365d6435d544c4b104fe342ec7.png

Requested by

Host: app.btscoach.com
URL: https://app.btscoach.com/assets/application-b2645dc18f22376f2a42258eca7c3befb105a8edd6188a9b31738bc0d5a69a87.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.2.19.26 Southampton, United Kingdom, ASN21472 (SERVERHOUSE, GB),

Reverse DNS

Software

nginx /

Resource Hash

65843a7246172d285571e60509889e5b10fc6d365d6435d544c4b104fe342ec7

Security Headers

Name	Value
Content-Security-Policy	default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://.coachinabox.biz wss://.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: app.btscoach.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://app.btscoach.com/assets/screen-51d925062e5550afaaa2649006c02797e68f59bfb2cf815e63e5d53641e939a6.css
Cookie: _coach_in_a_box_session=UXpJdUR6TCtLOTVWYkIvMFdSNXF6TWduNTVVbDFWdVlTSHIrZWdtVFdzL0ZCY3RzRm9xMUVJSzg2N0ZLMHliS2puSldiMnBhbHMwb0JhdHZNdm5zYWRPMHNFODhEQW9NNjhyeUpkRy8ySzhOVnpMVjQrRE9mQ3ZvVVBFWEVETkw0SDNnWWhyM0RKL0JEeWg4Y21zbjRjLzNpVkd3UFRrbklWQjRMMW1sNmcvZTJyWEU2djM0bDd2eFdpTVJtc0t5SVlTT3JDcS9TRjQ5NkdKTThCMS9VMEVjVWJwS2kxcVBDN3dONlE4Q3UzT3ZrWUM5cTF6aUYzc0dMVTkwbEpFMi0tY1JEL3VtM1NUeW1xS2M3aEdtSjdsZz09--1a0d24ef14f116b747ef4fd085e6a36e58b58223
Connection: keep-alive
Cache-Control: no-cache
Referer: https://app.btscoach.com/assets/screen-51d925062e5550afaaa2649006c02797e68f59bfb2cf815e63e5d53641e939a6.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 23 Nov 2018 14:00:11 GMT
Access-Control-Request-Method: *
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 58338
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 15 Sep 2017 14:07:45 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "e3e2-5593aeac04e40"
Strict-Transport-Security: max-age=86400; includeSubdomains;
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Content-Security-Policy: default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://*.coachinabox.biz wss://*.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H/1.1 200
OK latin.woff2
app.btscoach.com/assets/ 10 KB
12 KB 44ms
44ms Font
text/plain 5.2.19.26
SERVERHOUSE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.btscoach.com/assets/latin.woff2

Requested by

Host: app.btscoach.com
URL: https://app.btscoach.com/assets/application-b2645dc18f22376f2a42258eca7c3befb105a8edd6188a9b31738bc0d5a69a87.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.2.19.26 Southampton, United Kingdom, ASN21472 (SERVERHOUSE, GB),

Reverse DNS

Software

nginx /

Resource Hash

a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8

Security Headers

Name	Value
Content-Security-Policy	default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://.coachinabox.biz wss://.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: https://app.btscoach.com
Accept-Encoding: gzip, deflate
Host: app.btscoach.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://app.btscoach.com/assets/googleapis_fonts-eb9b30244c323fedd13b9d3286b353ee091560169ff67d6aac0c55c7e915dfa4.css
Cookie: _coach_in_a_box_session=UXpJdUR6TCtLOTVWYkIvMFdSNXF6TWduNTVVbDFWdVlTSHIrZWdtVFdzL0ZCY3RzRm9xMUVJSzg2N0ZLMHliS2puSldiMnBhbHMwb0JhdHZNdm5zYWRPMHNFODhEQW9NNjhyeUpkRy8ySzhOVnpMVjQrRE9mQ3ZvVVBFWEVETkw0SDNnWWhyM0RKL0JEeWg4Y21zbjRjLzNpVkd3UFRrbklWQjRMMW1sNmcvZTJyWEU2djM0bDd2eFdpTVJtc0t5SVlTT3JDcS9TRjQ5NkdKTThCMS9VMEVjVWJwS2kxcVBDN3dONlE4Q3UzT3ZrWUM5cTF6aUYzc0dMVTkwbEpFMi0tY1JEL3VtM1NUeW1xS2M3aEdtSjdsZz09--1a0d24ef14f116b747ef4fd085e6a36e58b58223
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://app.btscoach.com/assets/googleapis_fonts-eb9b30244c323fedd13b9d3286b353ee091560169ff67d6aac0c55c7e915dfa4.css
Origin: https://app.btscoach.com

Response headers

Date: Fri, 23 Nov 2018 14:00:11 GMT
Access-Control-Request-Method: *
X-Content-Type-Options: nosniff
Age: 0
Status: 200 OK
X-Content-Digest: dc7dc7c6c7307a7e0bec5f14e98a8d8ee519e4df
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Connection: keep-alive
Content-Length: 10200
X-XSS-Protection: 1; mode=block
X-Request-Id: ae26189b-a413-4f51-8ffb-009ebd007833
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=86400; includeSubdomains;
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Cache-Control: public, must-revalidate
Content-Security-Policy: default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://*.coachinabox.biz wss://*.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
X-Rack-Cache: stale, valid, store

GET
H/1.1 200
OK ui-bg_flat_75_ffffff_40x100.png
app.btscoach.com/assets/jquery-ui/smoothness/images/ 208 B
2 KB 40ms
39ms Image
image/png 5.2.19.26
SERVERHOUSE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.btscoach.com/assets/jquery-ui/smoothness/images/ui-bg_flat_75_ffffff_40x100.png

Requested by

Host: app.btscoach.com
URL: https://app.btscoach.com/assets/application-b2645dc18f22376f2a42258eca7c3befb105a8edd6188a9b31738bc0d5a69a87.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.2.19.26 Southampton, United Kingdom, ASN21472 (SERVERHOUSE, GB),

Reverse DNS

Software

nginx /

Resource Hash

6dd2ec5b26f008dfdba0131d727a8fd2230f1af3042b6daa3161f7f84d593783

Security Headers

Name	Value
Content-Security-Policy	default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://.coachinabox.biz wss://.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: app.btscoach.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://app.btscoach.com/assets/jquery-ui/smoothness/jquery-ui-1.10.3.custom.min-855af50b30905b29cc6dc0a222df6718cfdebe755efed4e7ae3cbb086f30f6d2.css
Connection: keep-alive
Cache-Control: no-cache
Referer: https://app.btscoach.com/assets/jquery-ui/smoothness/jquery-ui-1.10.3.custom.min-855af50b30905b29cc6dc0a222df6718cfdebe755efed4e7ae3cbb086f30f6d2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 23 Nov 2018 14:00:11 GMT
Access-Control-Request-Method: *
X-Content-Type-Options: nosniff
Age: 0
Status: 200 OK
X-Content-Digest: 1b1d49190741c3fd429d6ce56f49b6ddb9be9ebd
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Connection: keep-alive
Content-Length: 208
X-XSS-Protection: 1; mode=block
X-Request-Id: 67528764-a239-403a-8d7c-1580b348771c
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "6dd2ec5b26f008dfdba0131d727a8fd2230f1af3042b6daa3161f7f84d593783"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=86400; includeSubdomains;
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Cache-Control: public, must-revalidate
Content-Security-Policy: default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://*.coachinabox.biz wss://*.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
X-Rack-Cache: stale, valid, store

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/gif

GET
H/1.1 200
OK ui-icons_222222_256x240.png
app.btscoach.com/assets/jquery-ui/smoothness/images/ 7 KB
9 KB 37ms
36ms Image
image/png 5.2.19.26
SERVERHOUSE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.btscoach.com/assets/jquery-ui/smoothness/images/ui-icons_222222_256x240.png

Requested by

Host: app.btscoach.com
URL: https://app.btscoach.com/assets/application-b2645dc18f22376f2a42258eca7c3befb105a8edd6188a9b31738bc0d5a69a87.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.2.19.26 Southampton, United Kingdom, ASN21472 (SERVERHOUSE, GB),

Reverse DNS

Software

nginx /

Resource Hash

3b1ac036763d3a59c88578486ae698d22a37dd2d46a553485e1eabb9fe255b3f

Security Headers

Name	Value
Content-Security-Policy	default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://.coachinabox.biz wss://.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: app.btscoach.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://app.btscoach.com/assets/jquery-ui/smoothness/jquery-ui-1.10.3.custom.min-855af50b30905b29cc6dc0a222df6718cfdebe755efed4e7ae3cbb086f30f6d2.css
Connection: keep-alive
Cache-Control: no-cache
Referer: https://app.btscoach.com/assets/jquery-ui/smoothness/jquery-ui-1.10.3.custom.min-855af50b30905b29cc6dc0a222df6718cfdebe755efed4e7ae3cbb086f30f6d2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 23 Nov 2018 14:00:11 GMT
Access-Control-Request-Method: *
X-Content-Type-Options: nosniff
Age: 0
Status: 200 OK
X-Content-Digest: 692a53cad7f748bc7b691b98b9116ce3269cd22b
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Connection: keep-alive
Content-Length: 6922
X-XSS-Protection: 1; mode=block
X-Request-Id: 5d282cf1-b4d1-466d-a0f9-4eec12f8ce8c
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "3b1ac036763d3a59c88578486ae698d22a37dd2d46a553485e1eabb9fe255b3f"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=86400; includeSubdomains;
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Cache-Control: public, must-revalidate
Content-Security-Policy: default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://*.coachinabox.biz wss://*.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
X-Rack-Cache: stale, valid, store

GET
S 200 collect
www.google-analytics.com/r/ 35 B
101 B 14ms
14ms Image
image/gif 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1759382668&t=pageview&_s=1&dl=https%3A%2F%2Fapp.btscoach.com%2Fusers%2Fsign_in&ul=en-us&de=UTF-8&dt=BTS%20Coach&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=15802219&gjid=1590877814&cid=973259547.1542981611&tid=UA-69645310-1&_gid=730758874.1542981611&_r=1&z=500630900

Requested by

Host: app.btscoach.com
URL: https://app.btscoach.com/users/sign_in

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.btscoach.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Nov 2018 14:00:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.btscoach.com/	1970-01-18 20:37:48	Name: _gid Value: GA1.2.730758874.1542981611
.btscoach.com/	1970-01-18 20:36:21	Name: _gat Value: 1
.btscoach.com/	1970-01-19 14:07:33	Name: _ga Value: GA1.2.973259547.1542981611

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://cdn.rawgit.com https://jawj.github.io https://www.google.com/jsapi https://maps.google.com https://maps.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://use.fontawesome.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://csi.gstatic.com https://www.google-analytics.com https://maps.gstatic.com https://maps.google.com https://cdn.rawgit.com https://raw.githubusercontent.com https://ciab-twelve-shifts-decks-live.s3.amazonaws.com https://coach-in-a-box-private-document-library.s3.amazonaws.com http://coach-in-a-box-public-docs.s3.amazonaws.com https://coach-in-a-box-public-docs.s3.amazonaws.com; font-src 'self' data: https://use.fontawesome.com https://fonts.gstatic.com; media-src 'self'; connect-src 'self' wss://.coachinabox.biz wss://.btscoach.com; object-src 'self'; frame-ancestors 'self' https://hpgrow.btscoach.com https://my.btscoach.com https://my-demo1.btscoach.com https://my-demo2.btscoach.com https://coachtest1.btspulse.com https://coachtest2.btspulse.com;
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.btscoach.com
use.fontawesome.com
www.google-analytics.com
23.111.9.35
2a00:1450:4001:81a::200e
5.2.19.26
079d1d3a554794c56c4782cdc54f815a379bb9f942afacf53ee4571ff0cc5f64
1a66ac13ac289d447a0e0044ccd7c6e5eb24396fb25ee69c69b3986f3aedcf10
3b1ac036763d3a59c88578486ae698d22a37dd2d46a553485e1eabb9fe255b3f
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3fd54d3a56ab85dc91edd997b6ccd262ecb22237b868fe6cdd3f523ffe2b9567
45688abf1f7b9c3ae56902596c67e27bc1b59cf082702f7abc2483b51cbdbc64
51d925062e5550afaaa2649006c02797e68f59bfb2cf815e63e5d53641e939a6
5c50d399d6543f29be8a5d0e20e5d1f00365db3827e063c1fcf5f4c57c5ed66c
65843a7246172d285571e60509889e5b10fc6d365d6435d544c4b104fe342ec7
6dd2ec5b26f008dfdba0131d727a8fd2230f1af3042b6daa3161f7f84d593783
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
855af50b30905b29cc6dc0a222df6718cfdebe755efed4e7ae3cbb086f30f6d2
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
9aa0463ad26662b8376610a050e47405a17b241a48f4a8d95d58da3181ee5778
a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8
a87ada0ef6e37011f09cfd265e2fd4571edff7c7c981b20cdd9946ef616b06db
a9f72d80dd56cce98c340e02a693371acf42bee4bc655f50541620113956df54
aab96105b6f545926c899c219353edd551e9454d2e9236d8c5768b7002386757
b2645dc18f22376f2a42258eca7c3befb105a8edd6188a9b31738bc0d5a69a87
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
dde83f8d0dab80005022d03c130db516c2923c1db5172c2612e8f6c80e8d4559
ea1d62cdbbada91353048b9d463104d9871763a35f4dae9730aa468939eea87e
eb9b30244c323fedd13b9d3286b353ee091560169ff67d6aac0c55c7e915dfa4
ff58ad6054685d25a5cfe8cc2c33086eafbbd95345f556ce3a6cfa79a1350e05
ffbc4d675193403ff99f05310040d34fb4765bd1551bf3d8fa099f71e2ed8c07

app.btscoach.com Open in urlscan Pro 5.2.19.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

867 kBTransfer

3111 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

app.btscoach.com Open in urlscan Pro
5.2.19.26 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

867 kB
Transfer

3111 kB
Size

3
Cookies

25 HTTP transactions
1 data transactions