jotopr.com Open in urlscan Pro
2606:4700:3032::6818:71d2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mx8.inboxgateway.com/ec/c/58987184-33712-0-190992
Effective URL:
https://jotopr.com/team/karla-jo-helms/
Submission Tags: phishing malicious Search All
Submission: On January 07 via api (January 7th 2021, 7:12:45 pm UTC) from US

Summary HTTP 84 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 25 domains to perform 84 HTTP transactions. The main IP is 2606:4700:3032::6818:71d2, located in United States and belongs to CLOUDFLARENET, US. The main domain is jotopr.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 29th 2020. Valid for: a year.

This is the only time jotopr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	107.181.94.102 107.181.94.102	55106 (DATACATE-AS1) (DATACATE-AS1)
11	2606:4700:303... 2606:4700:3032::6818:71d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:825::2008	15169 (GOOGLE) (GOOGLE)
2	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 6	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1	104.245.4.12 104.245.4.12	33561 (LUNAVI-WY) (LUNAVI-WY)
5	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	174.138.190.165 174.138.190.165	19318 (IS-AS-1) (IS-AS-1)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	65.9.7.36 65.9.7.36	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:7fab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:74b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:45b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eecc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.7.13 65.9.7.13	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.7.125 65.9.7.125	16509 (AMAZON-02) (AMAZON-02)
1	52.19.70.84 52.19.70.84	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:cbcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
84	29

1 107.181.94.102 (Rancho Cordova, United States) 1 redirects

ASN55106 (DATACATE-AS1, US)

mx8.inboxgateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3032::6818:71d2 (United States)

ASN13335 (CLOUDFLARENET, US)

jotopr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f162.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.245.4.12 (Canada)

ASN33561 (LUNAVI-WY, US)

track.cbdatatracker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:28c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 174.138.190.165 (Ridgefield Park, United States)

ASN19318 (IS-AS-1, US)

leadtracker.melenlab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.7.36 (Seattle, United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7fab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:74b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eecc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.7.13 (Seattle, United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.7.125 (Seattle, United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.70.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-70-84.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	jotopr.com jotopr.com	502 KB
7	google.de www.google.de	795 B
6	facebook.com www.facebook.com	919 B
6	facebook.net connect.facebook.net	292 KB
5	hubspot.com forms.hubspot.com api.hubspot.com app.hubspot.com track.hubspot.com	3 KB
5	google.com www.google.com	465 B
5	gstatic.com fonts.gstatic.com www.gstatic.com	54 KB
5	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	5 KB
5	googleadservices.com 2 redirects www.googleadservices.com	37 KB
5	googletagmanager.com www.googletagmanager.com	191 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	61 KB
4	melenlab.com leadtracker.melenlab.com	41 KB
4	googleapis.com fonts.googleapis.com	2 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	licdn.com snap.licdn.com	4 KB
1	hs-scripts.com js.hs-scripts.com	993 B
1	hubapi.com api.hubapi.com	709 B
1	usemessages.com js.usemessages.com	20 KB
1	hs-analytics.net js.hs-analytics.net	18 KB
1	hsadspixel.net js.hsadspixel.net	3 KB
1	hscollectedforms.net js.hscollectedforms.net	25 KB
1	hs-banner.com js.hs-banner.com	14 KB
1	cbdatatracker.com track.cbdatatracker.com	246 B
1	inboxgateway.com 1 redirects mx8.inboxgateway.com	257 B
84	25

	Domain	Requested by
11	jotopr.com	jotopr.com
7	www.google.de	jotopr.com
6	www.facebook.com	jotopr.com connect.facebook.net
6	connect.facebook.net	jotopr.com connect.facebook.net
5	www.google.com	jotopr.com
5	www.googleadservices.com	2 redirects jotopr.com www.googletagmanager.com
5	www.googletagmanager.com	jotopr.com js.hsadspixel.net www.googletagmanager.com
4	leadtracker.melenlab.com	www.googletagmanager.com leadtracker.melenlab.com
4	fonts.googleapis.com	jotopr.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
3	googleads.g.doubleclick.net	www.googleadservices.com
2	api.hubspot.com	js.usemessages.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	px.ads.linkedin.com	1 redirects jotopr.com
2	snap.licdn.com	www.googletagmanager.com js.hsadspixel.net
2	www.gstatic.com	www.googletagmanager.com www.gstatic.com
1	track.hubspot.com
1	js.hs-scripts.com	js.hs-analytics.net
1	api.hubapi.com	js.hsadspixel.net
1	app.hubspot.com	js.usemessages.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	forms.hubspot.com	js.hscollectedforms.net
1	script.hotjar.com	static.hotjar.com
1	js.usemessages.com	jotopr.com
1	js.hs-analytics.net	jotopr.com
1	js.hsadspixel.net	jotopr.com
1	js.hscollectedforms.net	jotopr.com
1	js.hs-banner.com	jotopr.com
1	static.hotjar.com	jotopr.com
1	www.linkedin.com	1 redirects
1	track.cbdatatracker.com	jotopr.com
1	mx8.inboxgateway.com	1 redirects
84	34

This site contains links to these domains. Also see Links.

Domain
ifyoumarkettheywillcome.com
twitter.com
www.facebook.com
www.linkedin.com
www.instagram.com
staging.jotopr.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-29` - `2021-10-28`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
track.cbdatatracker.com RapidSSL RSA CA 2018	`2020-03-20` - `2021-04-19`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
leadtracker.melenlab.com cPanel, Inc. Certification Authority	`2020-12-31` - `2021-03-31`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://jotopr.com/team/karla-jo-helms/
Frame ID: B1B3C1FE680A448426B1010D99927784
Requests: 81 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 918A59ED34E61493CFF74F2D2CE43FDD
Requests: 1 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/6588395/threads/utk/6beceede40d5414fba72d35b6806352a?uuid=1bd2b51e7455433f9102479ee96639fc&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=jotopr.com&inApp53=false&messagesUtk=6beceede40d5414fba72d35b6806352a&url=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: C051949F8BB0C5D42FBE68D44B98C346
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://mx8.inboxgateway.com/ec/c/58987184-33712-0-190992 HTTP 302
https://jotopr.com/team/karla-jo-helms/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

84
Requests

100 %
HTTPS

74 %
IPv6

25
Domains

34
Subdomains

29
IPs

6
Countries

1294 kB
Transfer

4393 kB
Size

4
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://ifyoumarkettheywillcome.com/category/if-you-market-podcast/
Title: If You Market Podcast

Search URL Search Domain Scan URL

URL: https://twitter.com/jotopr

Search URL Search Domain Scan URL

URL: https://www.facebook.com/jotoextremepr/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/joto-pr

Search URL Search Domain Scan URL

URL: https://www.instagram.com/jotopr/

Search URL Search Domain Scan URL

URL: https://staging.jotopr.com/privacy-policy/
Title: click here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mx8.inboxgateway.com/ec/c/58987184-33712-0-190992 HTTP 302
https://jotopr.com/team/karla-jo-helms/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1020754&time=1610046746476&url=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1020754%26time%3D1610046746476%26url%3Dhttps%253A%252F%252Fjotopr.com%252Fteam%252Fkarla-jo-helms%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1020754&time=1610046746476&url=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F&liSync=true

Request Chain 42

https://www.googleadservices.com/pagead/conversion/803723865/wcm?cc=ZZ&dn=8774690332&cl=UHPwCN-Tqa4BENm0n_8C&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8774690332&cl=UHPwCN-Tqa4BENm0n_8C

Request Chain 45

https://www.googleadservices.com/pagead/conversion/803723865/wcm?cc=ZZ&dn=8774690332&cl=P6_uCNyd7LQBENm0n_8C&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8774690332&cl=P6_uCNyd7LQBENm0n_8C

84 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
jotopr.com/team/karla-jo-helms/
Redirect Chain

https://mx8.inboxgateway.com/ec/c/58987184-33712-0-190992
https://jotopr.com/team/karla-jo-helms/

66 KB
15 KB

405ms
373ms

Document
text/html

2606:4700:3032::6818:71d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jotopr.com/team/karla-jo-helms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:71d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d72ff14325b01601c093b74392a305a31e3539c0a8de20435f023de7cea8364a

Request headers

:method: GET
:authority: jotopr.com
:scheme: https
:path: /team/karla-jo-helms/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:25 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d10af5f25514656afedbcbbbc30cd966b1610046745; expires=Sat, 06-Feb-21 19:12:25 GMT; path=/; domain=.jotopr.com; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding,User-Agent
last-modified: Thu, 07 Jan 2021 11:12:13 GMT
cache-control: max-age=600
expires: Thu, 07 Jan 2021 19:22:25 GMT
cf-cache-status: DYNAMIC
cf-request-id: 077fdcc31700002b41bc109000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Cta4qzBuA60lAnAXXxt2VSp3ZGglBZ2%2BORIcnx639x3FXPqYpkq5rAlAnpFN9YROVVTV%2FkKj%2B1im%2FqQK3WL8LM4MitBkq2%2B1XZfl5PYyFcZeP02vQam7"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 60dffd7e7cc92b41-FRA
content-encoding: br

Redirect headers

Date: Thu, 07 Jan 2021 19:12:25 GMT
Server: Apache/2.4.25 (Debian)
Location: https://jotopr.com/team/karla-jo-helms/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 fontawesome-webfont.woff2
jotopr.com/wp-content/themes/agile-child-theme/fonts/ 75 KB
76 KB 289ms
289ms Font
font/woff2 2606:4700:3032::6818:71d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jotopr.com/wp-content/themes/agile-child-theme/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:71d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://jotopr.com
Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:26 GMT
cf-cache-status: MISS
last-modified: Wed, 28 Oct 2020 10:36:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WGdjK7h1MfX6W4PLO8t6Glwr00vQt3o7i2UFsboBQGAwooVTMNeEgjDTE7B9tb7iaU0PIDuazkBBhOnF4q7ByVyJTg7vLUjl1q6ZtXzPsMcyE8fUtBJ9"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, s-maxage=2628000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 60dffd80cb262b41-FRA
cf-request-id: 077fdcc48100002b41cc2cb000000001
expires: Fri, 07 May 2021 19:12:25 GMT

GET
H2 200 86752cadb3e931dc7bcf98f5f9f6b142.css
jotopr.com/wp-content/cache/min/1/ 976 KB
136 KB 548ms
546ms Stylesheet
text/css 2606:4700:3032::6818:71d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jotopr.com/wp-content/cache/min/1/86752cadb3e931dc7bcf98f5f9f6b142.css
Requested by: Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:71d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c0814d87bf754e0dd1a6aa992f1fd7450a9cd5715ae05f225aaf0ccb3839100

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 07 Jan 2021 01:05:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8gdM6ZDLY1ef0u%2BCurPBoFI20nuqYoqeKB%2FC91RcCYosFb71YYitQFv4FxI3x9o2MxsOq1zBQ8iQQCKfK6y2z8UzAQM13X7XJvyp5Tchbhk9OGDp1RS8"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, s-maxage=2628000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 60dffd80db422b41-FRA
cf-request-id: 077fdcc48700002b41bc136000000001
expires: Sat, 06 Feb 2021 19:12:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
646 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans|Open+Sans

Requested by

Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 07 Jan 2021 19:11:06 GMT
server: ESF
date: Thu, 07 Jan 2021 19:12:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Jan 2021 19:12:25 GMT

GET
H2 200 jquery.min-3.5.1.js Show response
jotopr.com/wp-content/cache/busting/1/wp-includes/js/jquery/ 87 KB
30 KB 372ms
371ms Script
application/javascript 2606:4700:3032::6818:71d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jotopr.com/wp-content/cache/busting/1/wp-includes/js/jquery/jquery.min-3.5.1.js
Requested by: Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:71d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 06 Jan 2021 16:49:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FE8qELOPa0sGjh1qhB65zWq5cpdCQPEre8KDBbKbv0tw%2Fspr5u0OcRCACswADiuqGmeehMoGvsUgt2Gs1Yp%2FFgqP8L4%2FrJ11PhCiMBm03MJ0Szh4vxOA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, s-maxage=2628000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 60dffd80db432b41-FRA
cf-request-id: 077fdcc48700002b41ad84e000000001
expires: Sat, 06 Feb 2021 19:12:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-8666429-1

Requested by

Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c99a4730ed4e5b81301c6066a9be8fccf34522be4685b0ee8d14897c2d00433

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38969
x-xss-protection: 0
last-modified: Thu, 07 Jan 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 Jan 2021 19:12:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
590 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:400,500

Requested by

Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f0da6ae75cc1f32c2955cbd1b4b3b81e7ca3ba3fdf7c72611337d63aff484e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 07 Jan 2021 17:35:53 GMT
server: ESF
date: Thu, 07 Jan 2021 19:12:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Jan 2021 19:12:25 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 35ms
34ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11865
x-xss-protection: 0
server: cafe
etag: 18432201170715473949
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Jan 2021 19:12:25 GMT

GET
H2 200 JoTo_Logo.jpg
jotopr.com/wp-content/uploads/ 4 KB
4 KB 268ms
267ms Image
image/jpeg 2606:4700:3032::6818:71d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jotopr.com/wp-content/uploads/JoTo_Logo.jpg
Requested by: Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:71d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ece7773e71441006bafac047bf261ad42aaf3437447c574ed7a58ea74fec4d6

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:26 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 4217
cf-request-id: 077fdcc6b600002b41b6b49000000001
last-modified: Thu, 29 Oct 2020 10:46:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xcOKglsVCmLvCpso0IRvxZENc9mk6S13PzuD7E1P0CKFB1B0OenrX57vU%2FlKIvHqEk88T8pEbL3OQF3vyGw4G8hMg7iAqrzM0xnU%2FqWzRE9aBMBDfDg2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, s-maxage=2628000
accept-ranges: bytes
cf-ray: 60dffd845da92b41-FRA
expires: Fri, 07 Jan 2022 19:12:26 GMT

GET
H2 200 EX-LOGO.png
jotopr.com/wp-content/uploads/ 9 KB
9 KB 270ms
269ms Image
image/png 2606:4700:3032::6818:71d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jotopr.com/wp-content/uploads/EX-LOGO.png
Requested by: Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:71d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e037b52033992f433263bc0e5c64af7cdfea4216b06072d1ef529a9dc2c2defb

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:26 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 9392
cf-request-id: 077fdcc6e700002b41ea05d000000001
last-modified: Tue, 03 Nov 2020 06:13:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f8XHJEL9rDamxfH4kcRVJvJMXHrcv%2FFxQmGfad6gvbUS8VI6XUVf4wg%2Bq2nPvlOZTodqaz0eUKzlsDHo245M28FrYSum7kaxNFYCjE4pwPDmnmMyHF7i"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, s-maxage=2628000
accept-ranges: bytes
cf-ray: 60dffd84ae802b41-FRA
expires: Fri, 07 Jan 2022 19:12:26 GMT

GET
H2 200 lazyload.min.js Show response
jotopr.com/wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/ 5 KB
2 KB 273ms
272ms Script
application/javascript 2606:4700:3032::6818:71d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jotopr.com/wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/lazyload.min.js
Requested by: Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:71d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 29 Oct 2020 04:55:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zuKRjXJTvI1bY66wilSHKd2F24I1Z740drT57m0e7Z0xgMzpB2ke0EFdcyWVuz7X3F2FW8ioqyZy37rVYalG4lZ5SvapDZBaa%2B32WwZ3s0j1K85OIvZl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, s-maxage=2628000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 60dffd84ae842b41-FRA
cf-request-id: 077fdcc6e800002b41ac3b4000000001
expires: Sat, 06 Feb 2021 19:12:26 GMT

GET
H2 200 26d656b94055792cb566158fe0b2e791.js Show response
jotopr.com/wp-content/cache/min/1/ 705 KB
185 KB 549ms
548ms Script
application/javascript 2606:4700:3032::6818:71d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jotopr.com/wp-content/cache/min/1/26d656b94055792cb566158fe0b2e791.js
Requested by: Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:71d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea87d866f647540f3cf749f7536d2571de8233f5eae46057653e73cfe133538c

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 07 Jan 2021 01:05:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2k4%2FXJO5L%2BjuYxF0BMTy8uoXoC43Lo65EiDaTTzEjsWCBxDNyQDuqA3e7uk8OvaIz7r70xGMQt%2BMcrfXMQNjgqFIBwvTBhL3hBg8RxyCckoJoIPsqevz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, s-maxage=2628000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 60dffd84ae862b41-FRA
cf-request-id: 077fdcc6e800002b4104047000000001
expires: Sat, 06 Feb 2021 19:12:26 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 3 KB
519 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900&display=swap

Requested by

Host: jotopr.com
URL: https://jotopr.com/wp-content/cache/min/1/86752cadb3e931dc7bcf98f5f9f6b142.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

09d402a96813e87ea5a318659cc56043a7b8851e6103e014ffe850361f22cb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/wp-content/cache/min/1/86752cadb3e931dc7bcf98f5f9f6b142.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 07 Jan 2021 17:56:20 GMT
server: ESF
date: Thu, 07 Jan 2021 19:12:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Jan 2021 19:12:26 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 7 KB
758 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,400italic,700,700italic&display=swap

Requested by

Host: jotopr.com
URL: https://jotopr.com/wp-content/cache/min/1/86752cadb3e931dc7bcf98f5f9f6b142.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cde9a4fc4e77ebb6182825d9627c7efc5e5bdb79403f073f75f0596661b653ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/wp-content/cache/min/1/86752cadb3e931dc7bcf98f5f9f6b142.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 07 Jan 2021 19:12:26 GMT
server: ESF
date: Thu, 07 Jan 2021 19:12:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Jan 2021 19:12:26 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 90 KB
23 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

abdf01dbab06efbec289cf85e83f8ec3618f996ab6803e9f9437db14bc5cbf53

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23470
x-fb-rlafr: 0
pragma: public
x-fb-debug: M+jPnK72VufKA6OEwVHkOHSRdL+MtvULTqjzuryiy7ws3qEHYexwDXeJOpCIzpJnl8HT7gTZy9yeWKzsxdyD8Q==
x-fb-trip-id: 1814657579
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 07 Jan 2021 19:12:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 71 KB
28 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W54KBSW

Requested by

Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ba7bdcec503f82fc43c3992f187805e4ea171c05b42f238eebd44c0c6645e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28850
x-xss-protection: 0
last-modified: Thu, 07 Jan 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 Jan 2021 19:12:26 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 139 KB
48 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PWCDQZQ

Requested by

Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c88e3eaae7bdacf96327eebef75c5a7979513c7fb0ea62344af543ce04b1299

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:26 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49583
x-xss-protection: 0
expires: Thu, 07 Jan 2021 19:12:26 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/837125376/ 2 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/837125376/?random=1610046746342&cv=9&fst=1610046746342&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F&tiba=Karla%20Jo%20Helms%20%7C%20JoTo%20PR%20%7C%20The%20Anti-Public%20Relations%20PR%20FirmJoTo%20PR%20%7C%20The%20Anti-Public%20Relations%20PR%20Firm&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

749fbdc5adba049850d006a6accf098eb7ac6610a401064beea127305b22a012

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jan 2021 19:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1033
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 JoTo_Red-Header.jpg
jotopr.com/wp-content/themes/agile/custom-style-images/ 13 KB
14 KB 348ms
348ms Image
image/jpeg 2606:4700:3032::6818:71d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jotopr.com/wp-content/themes/agile/custom-style-images/JoTo_Red-Header.jpg
Requested by: Host: jotopr.com
URL: https://jotopr.com/wp-content/cache/min/1/86752cadb3e931dc7bcf98f5f9f6b142.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:71d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e73881eff1979fdc87d88bc8f0807ff25aef0603eca89fa858ed081807c2a98e

Request headers

Referer: https://jotopr.com/wp-content/cache/min/1/86752cadb3e931dc7bcf98f5f9f6b142.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:26 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 13820
cf-request-id: 077fdcc6fb00002b41e710b000000001
last-modified: Thu, 29 Oct 2020 10:43:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T9GQMEPvgdKgsQwTAshKEnSVSy143W5BG1Aj9DAoKPLpx4LKhZTeUgeitI2nwP6EOmgo3zCCtZmI0PDZ1TBEYkw3ow8r43gg5MbJcXQZCbGmv9Ef4BNV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, s-maxage=2628000
accept-ranges: bytes
cf-ray: 60dffd84ced82b41-FRA
expires: Fri, 07 Jan 2022 19:12:26 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans|Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://jotopr.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans|Open+Sans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 20:12:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 601209
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Fri, 31 Dec 2021 20:12:17 GMT

GET
H2 200 open-sans-v15-latin-700.woff2
jotopr.com/wp-content/themes/agile/fonts/opensans/ 14 KB
15 KB 351ms
351ms Font
font/woff2 2606:4700:3032::6818:71d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jotopr.com/wp-content/themes/agile/fonts/opensans/open-sans-v15-latin-700.woff2
Requested by: Host: jotopr.com
URL: https://jotopr.com/wp-content/cache/min/1/86752cadb3e931dc7bcf98f5f9f6b142.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:71d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 482994b911cc3e869aa8ace6d9932d67b68de83ea2885207ce165ff04c38d7bc

Request headers

Origin: https://jotopr.com
Referer: https://jotopr.com/wp-content/cache/min/1/86752cadb3e931dc7bcf98f5f9f6b142.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:26 GMT
cf-cache-status: MISS
last-modified: Wed, 28 Oct 2020 10:36:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m0bXc8L90EHUedbvqJGe1q17k3RwcGv7lAYFL2AGbe138X%2BXRTqPAkpvJ%2FZmSF406ZlCesXEUsEOcA0Kcrc1lTmovtnaoDnFJlr49IWa4nFJQS44kngp"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, s-maxage=2628000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 60dffd84cedc2b41-FRA
cf-request-id: 077fdcc6fc00002b41a519d000000001
expires: Fri, 07 May 2021 19:12:26 GMT

GET
H2 200 u-4m0qyriQwlOrhSvowK_l5-eRZOf-LVrPHp.woff2
fonts.gstatic.com/s/merriweather/v22/ 12 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-4m0qyriQwlOrhSvowK_l5-eRZOf-LVrPHp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400italic,700,700italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75560fc1985882674f53eff22da403b42e7f0bb5c04859041966c2a4718866e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://jotopr.com
Referer: https://fonts.googleapis.com/css?family=Merriweather:400,400italic,700,700italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 11:28:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:07:28 GMT
server: sffe
age: 114245
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12700
x-xss-protection: 0
expires: Thu, 06 Jan 2022 11:28:21 GMT

GET
H2 200 Karla-Jo-Helms-Headshot-800x800-400x400-1.jpg
jotopr.com/wp-content/uploads/ 16 KB
16 KB 358ms
358ms Image
image/jpeg 2606:4700:3032::6818:71d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jotopr.com/wp-content/uploads/Karla-Jo-Helms-Headshot-800x800-400x400-1.jpg
Requested by: Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:71d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6e4b4309ba1574a5281530015706b5abdb43e80e19d0990821c05fcdf4da643

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:26 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 16352
cf-request-id: 077fdcc72a00002b4109954000000001
last-modified: Thu, 29 Oct 2020 10:35:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XmvwMYKnS84lBeH%2FKsS1pRvtjJgjMOOLr5ZhIiLUPfI%2Bl4E86jgNT6K%2BQe1DUmGQGhHNCgBQ0DmJpIts4PmnslAX0iy7Bjzs8eyN2%2B8m1n4jFAz3riym"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, s-maxage=2628000
accept-ranges: bytes
cf-ray: 60dffd850f7e2b41-FRA
expires: Fri, 07 Jan 2022 19:12:26 GMT

GET
H/1.1 200
OK home Show response
track.cbdatatracker.com/ 2 B
246 B 638ms
134ms Script
text/html 104.245.4.12
LUNAVI-WY

General

Check archive.org

Show headers Download Go to

Full URL: https://track.cbdatatracker.com/home?id=%274553236c-ad4e-4fac-a19d-b1484e1eee06%27
Requested by: Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 104.245.4.12 , Canada, ASN33561 (LUNAVI-WY, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 07 Jan 2021 19:12:25 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 2

GET
H2 200 /
www.google.com/pagead/1p-user-list/837125376/ 42 B
138 B 22ms
22ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/837125376/?random=1610046746342&cv=9&fst=1610046000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F&tiba=Karla%20Jo%20Helms%20%7C%20JoTo%20PR%20%7C%20The%20Anti-Public%20Relations%20PR%20FirmJoTo%20PR%20%7C%20The%20Anti-Public%20Relations%20PR%20Firm&fmt=3&is_vtc=1&random=871976433&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jan 2021 19:12:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/837125376/ 42 B
154 B 20ms
20ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/837125376/?random=1610046746342&cv=9&fst=1610046000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F&tiba=Karla%20Jo%20Helms%20%7C%20JoTo%20PR%20%7C%20The%20Anti-Public%20Relations%20PR%20FirmJoTo%20PR%20%7C%20The%20Anti-Public%20Relations%20PR%20Firm&fmt=3&is_vtc=1&random=871976433&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jan 2021 19:12:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-8666429-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6045
date: Thu, 07 Jan 2021 17:31:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 07 Jan 2021 19:31:41 GMT

GET
H2 200 2545829065715402 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 88ms
88ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2545829065715402?v=2.9.31&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f5d5cfc36fcef4400cb9a74e4dacdb51accce4e8623e12793cc0d57e932c54f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: bUJzNlhNCWiVeZRQf85MMBtjDkASIkWZ++Q+k3lltiyf6MFxyQKSQdi5ZSgnMoBRTumms8QkqDgduRpZzesJHQ==
x-fb-trip-id: 1814657579
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 07 Jan 2021 19:12:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 791213836
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
13 KB 45ms
30ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W54KBSW

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12175
x-xss-protection: 0
server: cafe
etag: 17536051821503146167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Jan 2021 19:12:26 GMT

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 539 B
743 B 25ms
6ms Script
text/javascript 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWCDQZQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e05da544a93b639782cb0974f5dacbfc36b60d40622f680e3383ec581243ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 18:17:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Jun 2020 00:15:00 GMT
server: sffe
age: 3312
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 366
x-xss-protection: 0
expires: Thu, 07 Jan 2021 19:17:14 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 22ms
8ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWCDQZQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 07 Jan 2021 19:12:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=72199
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H/1.1 200
OK load.js Show response
leadtracker.melenlab.com/ 673 B
849 B 376ms
99ms Script
application/javascript 174.138.190.165
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://leadtracker.melenlab.com/load.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWCDQZQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 174.138.190.165 Ridgefield Park, United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: Apache /
Resource Hash: 1ee8a01731ab7ec07c8f2a79d4b203987bf9a3f61861b8ed611c5ffa2afc454e

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 07 Jan 2021 19:12:26 GMT
Content-Encoding: br
Last-Modified: Wed, 18 Oct 2017 10:36:23 GMT
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Content-Length: 312
Keep-Alive: timeout=3, max=30
Expires: Fri, 07 Jan 2022 19:12:26 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
62 B 13ms
13ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=783547840&t=pageview&_s=1&dl=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F&ul=en-us&de=UTF-8&dt=Karla%20Jo%20Helms%20%7C%20JoTo%20PR%20%7C%20The%20Anti-Public%20Relations%20PR%20FirmJoTo%20PR%20%7C%20The%20Anti-Public%20Relations%20PR%20Firm&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=255005749&gjid=1800489365&cid=2140534690.1610046746&tid=UA-8666429-1&_gid=824482359.1610046746&_r=1&gtm=2oubu0&z=993857648

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Jan 2021 19:12:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jotopr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=783547840&t=pageview&_s=1&dl=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F&ul=en-us&de=UTF-8&dt=Karla%20Jo%20Helms%20%7C%20JoTo%20PR%20%7C%20The%20Anti-Public%20Relations%20PR%20FirmJoTo%20PR%20%7C%20The%20Anti-Public%20Relations%20PR%20Firm&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=179450435&gjid=1984724262&cid=2140534690.1610046746&tid=UA-8666429-1&_gid=824482359.1610046746&_r=1&gtm=2wgbu0PWCDQZQ&z=297387995

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Jan 2021 19:12:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jotopr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1020754&time=1610046746476&url=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1020754%26time%3D1610046746476%26url%3Dhttps%253A%252F%252Fjotopr.com%252Fteam%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1020754&time=1610046746476&url=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F&liSync=true

0
57 B

414ms
414ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1020754&time=1610046746476&url=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F&liSync=true
Requested by: Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:27 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: tKQah/wIWBZQmc9IzSoAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: 2t3lefwIWBbQwUOVLSsAAA==
pragma: no-cache
x-li-pop: afd-prod-lor1
x-msedge-ref: Ref A: 05257B7F225A47A5AF8ED3286203845F Ref B: FRAEDGE0714 Ref C: 2021-01-07T19:12:27Z
x-frame-options: sameorigin
date: Thu, 07 Jan 2021 19:12:27 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1020754&time=1610046746476&url=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 call-tracking_2.js Show response
www.gstatic.com/call-tracking/ 51 KB
20 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_2.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee0af9cb821e3b90c73da380ca1ea46a9568f50635facf5e263d0044c9124c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 21:33:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2020 17:15:00 GMT
server: sffe
age: 77958
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19708
x-xss-protection: 0
expires: Thu, 06 Jan 2022 21:33:08 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
84 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-8666429-1&cid=2140534690.1610046746&jid=255005749&gjid=1800489365&_gid=824482359.1610046746&_u=IEBAAUAAAAAAAC~&z=1146215488

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 07 Jan 2021 19:12:26 GMT
content-type: text/plain
access-control-allow-origin: https://jotopr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-8666429-1&cid=2140534690.1610046746&jid=179450435&gjid=1984724262&_gid=824482359.1610046746&_u=YEDAAUABAAAAAC~&z=2016344329

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 07 Jan 2021 19:12:26 GMT
content-type: text/plain
access-control-allow-origin: https://jotopr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/745991852/ 2 KB
2 KB 146ms
132ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/745991852/?random=1610046746491&cv=9&fst=1610046746491&num=1&label=BkXcCIPq3ZoBEKzd2-MC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F&tiba=Karla%20Jo%20Helms%20%7C%20JoTo%20PR%20%7C%20The%20Anti-Public%20Relations%20PR%20FirmJoTo%20PR%20%7C%20The%20Anti-Public%20Relations%20PR%20Firm&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd4aa1ea632a268449ad394f31253adeed5cd0ab9f2f3cae1c536bc0e0349322

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jan 2021 19:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1098
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
88 B 31ms
30ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-8666429-1&cid=2140534690.1610046746&jid=255005749&_u=IEBAAUAAAAAAAC~&z=1870449536

Requested by

Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jan 2021 19:12:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
65 B 41ms
40ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-8666429-1&cid=2140534690.1610046746&jid=255005749&_u=IEBAAUAAAAAAAC~&z=1870449536

Requested by

Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jan 2021 19:12:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
65 B 33ms
33ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-8666429-1&cid=2140534690.1610046746&jid=179450435&_u=YEDAAUABAAAAAC~&z=618291797

Requested by

Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jan 2021 19:12:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
88 B 30ms
30ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-8666429-1&cid=2140534690.1610046746&jid=179450435&_u=YEDAAUABAAAAAC~&z=618291797

Requested by

Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jan 2021 19:12:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/803723865/wcm?cc=ZZ&dn=8774690332&cl=UHPwCN-Tqa4BENm0n_8C&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8774690332&cl=UHPwCN-Tqa4BENm0n_8C

80 B
202 B

15ms
15ms

XHR
application/json

2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8774690332&cl=UHPwCN-Tqa4BENm0n_8C

Requested by

Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: application/json; charset=UTF-8
access-control-allow-origin: null
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0

Redirect headers

timing-allow-origin: *
date: Thu, 07 Jan 2021 19:12:26 GMT
x-content-type-options: nosniff
server: cafe
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8774690332&cl=UHPwCN-Tqa4BENm0n_8C
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://jotopr.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 1448636828757256 Show response
connect.facebook.net/signals/config/ 240 KB
69 KB 72ms
71ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1448636828757256?v=2.9.31&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b0a0cb650ac827cdafe32bcbadec7c11db55fa0482db86195720bc38052e5ce

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: uFY/KR7MxLesK4zWgWBseL+n89ZpP1WI3/H/kNdfM9rPk6lwZY+FakysJVZT6Bkz5o4c4gxkOfJtWkKE2g63zw==
x-fb-trip-id: 1814657579
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 07 Jan 2021 19:12:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1933068653
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
377 B 19ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2545829065715402&ev=PageView&dl=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F&rl=&if=false&ts=1610046746543&sw=1600&sh=1200&v=2.9.31&r=stable&ec=0&o=30&fbp=fb.1.1610046746542.1929827744&it=1610046746430&coo=false&rqm=GET

Requested by

Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 07 Jan 2021 19:12:26 GMT

GET
H3-Q050

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/803723865/wcm?cc=ZZ&dn=8774690332&cl=P6_uCNyd7LQBENm0n_8C&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8774690332&cl=P6_uCNyd7LQBENm0n_8C

80 B
112 B

14ms
14ms

XHR
application/json

2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8774690332&cl=P6_uCNyd7LQBENm0n_8C

Requested by

Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: application/json; charset=UTF-8
access-control-allow-origin: null
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0

Redirect headers

timing-allow-origin: *
date: Thu, 07 Jan 2021 19:12:26 GMT
x-content-type-options: nosniff
server: cafe
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8774690332&cl=P6_uCNyd7LQBENm0n_8C
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://jotopr.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1448636828757256&ev=PageView&dl=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F&rl=&if=false&ts=1610046746629&sw=1600&sh=1200&v=2.9.31&r=stable&ec=0&o=30&fbp=fb.1.1610046746542.1929827744&it=1610046746430&coo=false&rqm=GET

Requested by

Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 07 Jan 2021 19:12:26 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/745991852/ 42 B
66 B 23ms
22ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/745991852/?random=1610046746491&cv=9&fst=1610046000000&num=1&label=BkXcCIPq3ZoBEKzd2-MC&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&frm=0&url=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F&tiba=Karla%20Jo%20Helms%20%7C%20JoTo%20PR%20%7C%20The%20Anti-Public%20Relations%20PR%20FirmJoTo%20PR%20%7C%20The%20Anti-Public%20Relations%20PR%20Firm&async=1&fmt=3&is_vtc=1&random=2328257322&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jan 2021 19:12:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/745991852/ 42 B
66 B 36ms
36ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/745991852/?random=1610046746491&cv=9&fst=1610046000000&num=1&label=BkXcCIPq3ZoBEKzd2-MC&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&frm=0&url=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F&tiba=Karla%20Jo%20Helms%20%7C%20JoTo%20PR%20%7C%20The%20Anti-Public%20Relations%20PR%20FirmJoTo%20PR%20%7C%20The%20Anti-Public%20Relations%20PR%20Firm&async=1&fmt=3&is_vtc=1&random=2328257322&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: jotopr.com
URL: https://jotopr.com/team/karla-jo-helms/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jan 2021 19:12:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK jquery-local-2.2.3.js Show response
leadtracker.melenlab.com/ 132 KB
37 KB 125ms
125ms Script
application/javascript 174.138.190.165
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://leadtracker.melenlab.com/jquery-local-2.2.3.js
Requested by: Host: leadtracker.melenlab.com
URL: https://leadtracker.melenlab.com/load.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 174.138.190.165 Ridgefield Park, United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: Apache /
Resource Hash: 9c324a5189456c8a6c70c17b6c77d76b9ed71d8cbf9b1e64c74f7f6ad2b81438

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 07 Jan 2021 19:12:26 GMT
Content-Encoding: br
Last-Modified: Thu, 09 Feb 2017 12:50:36 GMT
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Content-Length: 37270
Keep-Alive: timeout=3, max=29
Expires: Fri, 07 Jan 2022 19:12:26 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
102 B 7ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryKH82QezSHo2ZsjGV

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 07 Jan 2021 19:12:27 GMT
content-type: text/plain
access-control-allow-origin: https://jotopr.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK leadtracker-4.js Show response
leadtracker.melenlab.com/ 2 KB
1 KB 101ms
100ms Script
application/javascript 174.138.190.165
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://leadtracker.melenlab.com/leadtracker-4.js
Requested by: Host: leadtracker.melenlab.com
URL: https://leadtracker.melenlab.com/load.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 174.138.190.165 Ridgefield Park, United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: Apache /
Resource Hash: 9d252c64b4a4f951b1d190f41460aff038d4f2ea4aae6eb831c6b1bd4883b467

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 07 Jan 2021 19:12:27 GMT
Content-Encoding: br
Last-Modified: Mon, 03 Feb 2020 07:48:27 GMT
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Content-Length: 551
Keep-Alive: timeout=3, max=28
Expires: Fri, 07 Jan 2022 19:12:27 GMT

GET
H/1.1 200
OK conditional-replacer-3.js Show response
leadtracker.melenlab.com/ 6 KB
3 KB 203ms
101ms Script
application/javascript 174.138.190.165
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://leadtracker.melenlab.com/conditional-replacer-3.js
Requested by: Host: leadtracker.melenlab.com
URL: https://leadtracker.melenlab.com/load.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 174.138.190.165 Ridgefield Park, United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: Apache /
Resource Hash: 372268e16c8b0cdf05c5f9995f4e9aea62ab8d9e973b423a9c8eb9568a53da7a

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 07 Jan 2021 19:12:27 GMT
Content-Encoding: br
Last-Modified: Wed, 19 Jun 2019 10:21:07 GMT
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Content-Length: 2088
Keep-Alive: timeout=3, max=27
Expires: Fri, 07 Jan 2022 19:12:27 GMT

GET
H2 200 hotjar-1693735.js Show response
static.hotjar.com/c/ 4 KB
2 KB 55ms
54ms Script
application/javascript 65.9.7.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1693735.js?sv=5

Requested by

Host: jotopr.com
URL: https://jotopr.com/wp-content/cache/min/1/26d656b94055792cb566158fe0b2e791.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.7.36 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

13d13250d79ad057d9f7530e6ca34767a1b6d7f1b23dc7adfc1a685305e06680

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-C1
etag: W/2d6c046a43c1baa9ec377030e736362b
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1704
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id: C6K5UHslzu0OtnQCKuVUZ_7Rspn_Ss89DBIR5o9IbI-2vuh4S6hk-A==

GET
H2 200 619283311869369 Show response
connect.facebook.net/signals/config/ 240 KB
69 KB 107ms
106ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/619283311869369?v=2.9.31&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

124c94e419b9444bcdc4777d57517be2f6bd9bef5bba8266c1b826a6878ac535

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: om6+W6vGjzc0G7+e33DpLDkGV5Qwv9AhAxHkl2yMr5dYbCTC9yqsdnR/YmMSN9vvFluQIq61Tn5lCxuOGltCtQ==
x-fb-trip-id: 1814657579
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 07 Jan 2021 19:12:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1575739328
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 6588395.js Show response
js.hs-banner.com/ 54 KB
14 KB 77ms
56ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/6588395.js
Requested by: Host: jotopr.com
URL: https://jotopr.com/wp-content/cache/min/1/26d656b94055792cb566158fe0b2e791.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 840f7f750bd6efcfb3a6f91a329661a6468e2709582b9e4c40e879cb434f433e

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=9eILFA==, md5=ivIFkgmR0QOvmjJo464etA==
date: Thu, 07 Jan 2021 19:12:27 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABg5-UwOAy8VpXqHy57wZrDchBSAV4WdnziHIqdDyE2_Gw_poP3i3U7dlyaeSS87UO1MIYlOLob-hShAE2-1gvcr6nQ
x-goog-storage-class: STANDARD
access-control-max-age: 604800
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript; charset=UTF-8
cf-request-id: 077fdcc9df000005dc032cc000000001
timing-allow-origin: *
last-modified: Tue, 05 Jan 2021 19:02:01 GMT
server: cloudflare
etag: W/"8af205920991d103af9a3268e3ae1eb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation: 1609873321475869
access-control-allow-origin: https://jotopr.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
x-goog-stored-content-length: 55617
cf-ray: 60dffd89687b05dc-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Thu, 07 Jan 2021 19:17:27 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 87 KB
25 KB 40ms
21ms Script
application/javascript 2606:4700::6811:7fab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: jotopr.com
URL: https://jotopr.com/wp-content/cache/min/1/26d656b94055792cb566158fe0b2e791.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:7fab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad9e4318a5ffb02d153a7275ddc2a55a896e412e4c95e0cb48365b4c99501413

Request headers

Origin: https://jotopr.com
Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:27 GMT
via: 1.1 4638ed8bcd9a9c4a4ffe655049a6e058.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 29250
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.206/bundles/project.js&cfRay=60dd336e0fa40ebb-IAD
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 077fdcc9dd000096a4afb62000000001
cf-ray: 60dffd896cc196a4-FRA
last-modified: Wed, 18 Nov 2020 03:17:23 UTC
server: cloudflare
etag: W/"8009c15ab0ddd537e87c8961e3793907"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: vK9VzhfTTqVFyznSA1saY0pwTd8plNRY
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: g3dLLWI6IVpnDGViX-a8ufhap4wPAGiU-5uJ7afuD9ceOXI7C-RRYw==

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 46ms
27ms Script
application/javascript 2606:4700::6811:74b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: jotopr.com
URL: https://jotopr.com/wp-content/cache/min/1/26d656b94055792cb566158fe0b2e791.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:74b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac1496eb4cdbd0d93463435e73938df03ada398b8c602fb257d78dfe3d6015dd

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:27 GMT
via: 1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 420
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.220/bundles/pixels-release.js&cfRay=60dff347df2b1f29-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 077fdcc9e100002b65512fe000000001
last-modified: Mon, 04 Jan 2021 01:17:29 UTC
server: cloudflare
etag: W/"632aa3165be38ae826d4cdf20b0c1be4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: RUz8iftYl3toUgoWwj9.u0Tb.QrOFRpY
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 60dffd896cf32b65-FRA
x-amz-cf-id: kW4kKWW9oph2U5HOnD5s-BvhdHIK5Gy5EGgSvpGxUBb1P6KlhG1i1w==

GET
H2 200 6588395.js Show response
js.hs-analytics.net/analytics/1609981200000/ 60 KB
18 KB 197ms
177ms Script
text/javascript 2606:4700::6811:45b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1609981200000/6588395.js
Requested by: Host: jotopr.com
URL: https://jotopr.com/wp-content/cache/min/1/26d656b94055792cb566158fe0b2e791.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5084d3c6ecf54d6362f67f6e05c7b2702d767ca7a88937734139243ab1b94fa1

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:27 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 5F88593AE18D9C0D
x-amz-server-side-encryption: AES256
cf-ray: 60dffd896c331f19-FRA
x-amz-id-2: FR92UhdVxNSkuRrnqHXT6cv2Xu3td0yMkdATbR/kEI2XvlKndmd3FnuKWKNSFpdibC/3uKxscFQ=
last-modified: Mon, 14 Dec 2020 17:55:45 GMT
server: cloudflare
etag: W/"f98ca59bcc1e246a8586e5aacea9251d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-request-id: 077fdcc9ee00001f19e5158000000001
content-type: text/javascript
expires: Thu, 07 Jan 2021 19:17:27 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 79 KB
20 KB 129ms
109ms Script
application/javascript 2606:4700::6811:eecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: jotopr.com
URL: https://jotopr.com/wp-content/cache/min/1/26d656b94055792cb566158fe0b2e791.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b2ed6eb5b52c6971e56a4e4680a3b47209844535947de2b2ca9dc93ff83489c

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:27 GMT
via: 1.1 199fd61d7551d8868317c5b53cc7d24d.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 403
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.8075/bundles/project.js&cfRay=60dff3b2d8494a6d-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 077fdcc9e6000005c4388fe000000001
last-modified: Tue, 05 Jan 2021 05:10:33 UTC
server: cloudflare
etag: W/"5ed075b2eee5b6aae13ee8b001166dd5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 1_lY2zuzOYpoQ12s1iuVHU4u4toF_YMl
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 60dffd896d7505c4-FRA
x-amz-cf-id: JbhSxw2MbVMFoJkFMec3sLo8LcFh2H6Wag6WH_ufrTJ8bUkH6DDzwA==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: jotopr.com
URL: https://jotopr.com/wp-content/cache/min/1/26d656b94055792cb566158fe0b2e791.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a64fbdd4ca4489ba809a62d78bbd279a9f68b64b829003bf4ab416ca43df1e06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: QdX0TgL1EKOrhjSJuAgLsg==
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/;
cross-origin-resource-policy: cross-origin
expires: Thu, 07 Jan 2021 19:15:14 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: fXYCs3CKYA33SvgTBDEMTl3M+nKxKRSwvcvSQk8c5NcPn6skJxzNNy7Ot3PbG3qsgkMjB7e1HIyC8Grvv7BbRw==
x-fb-trip-id: 1814657579
x-fb-content-md5: 1a7ef04abe36158a28f017663e5aa7cc
date: Thu, 07 Jan 2021 19:12:27 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "aeb5614d15ea7322dc77be524de080dc"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H3-Q050 200 u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2
fonts.gstatic.com/s/merriweather/v22/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400italic,700,700italic&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4fa437e044d3f739bd5e4aa2d1bd94e3952e888baec655763cd7969576001da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://jotopr.com
Referer: https://fonts.googleapis.com/css?family=Merriweather:400,400italic,700,700italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 03:59:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:10:13 GMT
server: sffe
age: 573173
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12256
x-xss-protection: 0
expires: Sat, 01 Jan 2022 03:59:34 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 195 KB
59 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=2c6466145cb1719bea3c8d2f20d45ee4&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

894dbde6e100b3ba148064360d23e09859f68f85131ad1780dae6307a4bd45a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://jotopr.com
Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: kZAO+WPpo5OgClk6g847Iw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60131
x-fb-rlafr: 0
x-fb-debug: sO9EgD1WJRFenrjefHes7hrLMQJZftY0tQfKc+szmaQWN/bvBaysj7UO6etOKcCW/wFcqHcMUpOA+jPod9XHmA==
x-fb-trip-id: 1814657579
x-fb-content-md5: 3c421b547b7409efc58469dbcf547d58
x-frame-options: DENY
date: Thu, 07 Jan 2021 19:12:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "f1efcb248fdea01f816aab5da513dc2b"
timing-allow-origin: *
expires: Fri, 07 Jan 2022 17:55:14 GMT

GET
H2 200 modules.aa4c7aaa5da61b98a766.js Show response
script.hotjar.com/ 223 KB
59 KB 31ms
31ms Script
application/javascript 65.9.7.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.aa4c7aaa5da61b98a766.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1693735.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.7.13 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7bb862bf8903dc8dd1a6694969bcb683a902d4a87f08f41c75bbec97465caefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 09:54:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33479
x-cache: Hit from cloudfront
content-length: 59735
access-control-allow-origin: *
last-modified: Thu, 07 Jan 2021 09:53:11 GMT
etag: "90d348e04aa67e32bc4f53c6944cd335"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Pyp_mvH65sqVTIuUJoLjWm5035mownxnnDN1LdCWJn-jDHCYRwLuSQ==

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
644 B 213ms
190ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=6588395&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a223ef88025ba2a7a48be842122aa3ed7f557adb9d913fa0c7f6fdb2e280d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://jotopr.com
access-control-max-age: 180
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 60dffd89e8f2bf0a-FRA
access-control-allow-headers: *
cf-request-id: 077fdcca2e0000bf0ab5b9a000000001

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 918A 0
0 26ms
25ms Document
text/html 65.9.7.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1693735.js?sv=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://jotopr.com/team/karla-jo-helms/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://jotopr.com/team/karla-jo-helms/

Response headers

content-type: text/html
content-length: 851
date: Fri, 06 Nov 2020 22:29:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Fri, 06 Nov 2020 16:42:59 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c888f786e25e6e3c7dbb7e9da462d715.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: fLmP4vFnwIEHfxc2cn2s0Y5OepHmHi6V5AQGYrr-CCvKvLEerHgW2w==
age: 5344951

POST
H2 200 /
www.facebook.com/tr/ 0
30 B 7ms
7ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryH3gBosPw2Glfh0i1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 07 Jan 2021 19:12:27 GMT
content-type: text/plain
access-control-allow-origin: https://jotopr.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 147ms
145ms Other
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=6588395&conversations-embed=static-1.8075&mobile=false&messagesUtk=6beceede40d5414fba72d35b6806352a&traceId=6beceede40d5414fba72d35b6806352a

Protocol

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://jotopr.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 07 Jan 2021 19:12:27 GMT
content-type: text/plain; charset=utf-8
content-length: 18
x-trace: 2BCD136D34B79E57EBBAF9212DA98099E0DAB5917E000000000000000000
allow: HEAD,GET,OPTIONS
vary: Accept-Encoding
access-control-allow-credentials: false
access-control-allow-origin: https://jotopr.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
cf-cache-status: DYNAMIC
cf-request-id: 077fdcca7f0000bf0a8f2aa000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 60dffd8a692fbf0a-FRA

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 324ms
323ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f0b5a34b4930922d1e624b8d88522429802b00e53ca762636e24751e2f03b4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

X-HubSpot-Messages-Uri: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://jotopr.com/team/karla-jo-helms/

Response headers

date: Thu, 07 Jan 2021 19:12:27 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-length: 1450
cf-request-id: 077fdccb100000bf0a8718e000000001
server: cloudflare
x-trace: 2BDE0751961344BC6C86956B87A90380790EC2F041000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://jotopr.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 60dffd8b498abf0a-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1693735/ 178 B
320 B 52ms
52ms XHR
application/json 52.19.70.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1693735/visit-data?sv=5
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.aa4c7aaa5da61b98a766.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.70.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-70-84.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 07 Jan 2021 19:12:27 GMT
content-encoding: br
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json

GET
H2 200 6beceede40d5414fba72d35b6806352a
app.hubspot.com/conversations-visitor/6588395/threads/utk/ Frame C051 0
0 558ms
536ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/6588395/threads/utk/6beceede40d5414fba72d35b6806352a?uuid=1bd2b51e7455433f9102479ee96639fc&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=jotopr.com&inApp53=false&messagesUtk=6beceede40d5414fba72d35b6806352a&url=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: app.hubspot.com
:scheme: https
:path: /conversations-visitor/6588395/threads/utk/6beceede40d5414fba72d35b6806352a?uuid=1bd2b51e7455433f9102479ee96639fc&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=jotopr.com&inApp53=false&messagesUtk=6beceede40d5414fba72d35b6806352a&url=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://jotopr.com/team/karla-jo-helms/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://jotopr.com/team/karla-jo-helms/

Response headers

date: Thu, 07 Jan 2021 19:12:28 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d46baf0c1d868141edc6cbc9b519d1f771610046747; expires=Sat, 06-Feb-21 19:12:27 GMT; path=/; domain=.hubspot.com; HttpOnly; SameSite=Lax
x-amz-replication-status: COMPLETED
last-modified: Thu, 07 Jan 2021 04:05:27 UTC
etag: W/"20cb8dea6a77557ef82e55f08565b17e"
x-amz-server-side-encryption: AES256
x-amz-version-id: 2qe6BW3mGY08Z0pV2FST9SsbyHUGntqL
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c34bd35d24f6df50307d1ac92d0f6110.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C3
x-amz-cf-id: QMiwfEbst_u5t-xF3vgtLNGaBYcCZL_z9efQfkHkco9eoDJG_Oh6TQ==
age: 1060
access-control-allow-credentials: false
cache-control: max-age=600
x-hs-cache-status: MISS
cf-cache-status: DYNAMIC
cf-request-id: 077fdccc7800004a97beafd000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 60dffd8d791c4a97-FRA
content-encoding: br

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 206 B
709 B 148ms
132ms XHR
application/json 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=6588395

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

829483e20339695fc8d6635aea0be4b1ffe738d12790f6e89138250e5e3f2792

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 077fdccfa700002c3ab4013000000001
server: cloudflare
x-trace: 2B6B5532BC53C3401E984EA11B6F0A025D2F2C2B53000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://jotopr.com
access-control-allow-credentials: false
cf-ray: 60dffd92af752c3a-FRA
access-control-allow-headers: *

GET
H2 200 6588395.js Show response
js.hs-scripts.com/ 2 KB
993 B 157ms
141ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/6588395.js
Requested by: Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1609981200000/6588395.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 440fb7e5c8f5652b9cad97ac6beca494c35e2d238cce21c13f3aaf1490038956

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:28 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-trace: 2BF393C7C26824F059FEEE3E6E5D11A09CD0973FB4000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://jotopr.com
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 60dffd92aee2dfeb-FRA
cf-request-id: 077fdccfa90000dfeba92a1000000001
expires: Thu, 07 Jan 2021 19:13:28 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
316 B 23ms
21ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=6588395&ct=blog-post&rcu=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F&pu=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F&t=Karla+Jo+Helms+%7C+JoTo+PR+%7C+The+Anti-Public+Relations+PR+FirmJoTo+PR+%7C+The+Anti-Public+Relations+PR+Firm&cts=1610046748562&vi=eedce083885301a03af39fb2fc62b08b&nc=true&u=189853492.eedce083885301a03af39fb2fc62b08b.1610046748558.1610046748558.1610046748558.1&b=189853492.1.1610046748559

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 60dffd9289b24a97-FRA
date: Thu, 07 Jan 2021 19:12:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
content-length: 45
cf-request-id: 077fdccf9800004a97e1380000000001
x-robots-tag: none

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-803723865

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

41ee4fa747ca300a0969e2367df19860ffac31b081de0f69e76e0bf59ce77497

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38969
x-xss-protection: 0
last-modified: Thu, 07 Jan 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 Jan 2021 19:12:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-803723865&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-8666429-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da33126f5d38b2578f146103b44563188cc115ca0dc366c3318e21fcc40751ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38984
x-xss-protection: 0
last-modified: Thu, 07 Jan 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 Jan 2021 19:12:28 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 8ms
7ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 07 Jan 2021 19:12:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=72197
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 /
www.facebook.com/tr/ 44 B
257 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=619283311869369&ev=PageView&dl=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F&rl=&if=false&ts=1610046748704&sw=1600&sh=1200&v=2.9.31&r=stable&a=wordpress-5.6-2.2.2&ec=0&o=30&fbp=fb.1.1610046748703.1495471370&it=1610046746430&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 07 Jan 2021 19:12:28 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 46ms
45ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-803723865&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12175
x-xss-protection: 0
server: cafe
etag: 17536051821503146167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Jan 2021 19:12:28 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/803723865/ 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/803723865/?random=1610046748804&cv=9&fst=1610046748804&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F&tiba=Karla%20Jo%20Helms%20%7C%20JoTo%20PR%20%7C%20The%20Anti-Public%20Relations%20PR%20FirmJoTo%20PR%20%7C%20The%20Anti-Public%20Relations%20PR%20Firm&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1845ce6a4ac0d112212950264d83e548b2b1956ad6cdfcc0f0f4e22a8305f1ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jan 2021 19:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1071
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/803723865/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/803723865/?random=1610046748804&cv=9&fst=1610046000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F&tiba=Karla%20Jo%20Helms%20%7C%20JoTo%20PR%20%7C%20The%20Anti-Public%20Relations%20PR%20FirmJoTo%20PR%20%7C%20The%20Anti-Public%20Relations%20PR%20Firm&async=1&fmt=3&is_vtc=1&random=67971838&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jan 2021 19:12:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/803723865/ 42 B
108 B 21ms
20ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/803723865/?random=1610046748804&cv=9&fst=1610046000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fjotopr.com%2Fteam%2Fkarla-jo-helms%2F&tiba=Karla%20Jo%20Helms%20%7C%20JoTo%20PR%20%7C%20The%20Anti-Public%20Relations%20PR%20FirmJoTo%20PR%20%7C%20The%20Anti-Public%20Relations%20PR%20Firm&async=1&fmt=3&is_vtc=1&random=67971838&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jan 2021 19:12:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
53 B 7ms
7ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://jotopr.com/team/karla-jo-helms/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryJeVFkASX0TJXSMbu

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 07 Jan 2021 19:12:29 GMT
content-type: text/plain
access-control-allow-origin: https://jotopr.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.jotopr.com/	1970-01-20 00:35:42	Name: hubspotutk Value: eedce083885301a03af39fb2fc62b08b
.jotopr.com/	1970-01-19 15:14:08	Name: __hssc Value: 189853492.1.1610046748559
.jotopr.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.jotopr.com/	1970-01-20 00:35:42	Name: __hstc Value: 189853492.eedce083885301a03af39fb2fc62b08b.1610046748558.1610046748558.1610046748558.1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Unable to parse JSON-LD tag. Malformed JSON found: '{ "@context": "http://schema.org", "@type": "ProfessionalService", "name": "JoTo PR", "image": "https://jotopr.com/wp-content/uploads/joto-heading-logo.jpg", "@id": "", "url": "https://jotopr.com/", "telephone": "+1 888-202-4614", "priceRange": "00.00 - 00.00", "address": { "@type": "PostalAddress", "streetAddress": "4830 W Kennedy Blvd #600,", "addressLocality": "Tampa", "addressRegion": "FL", "postalCode": "33609", "addressCountry": "US" } }, "geo": { "@type": "GeoCoordinates", "latitude": 27.9438915, "longitude": -82.5252342 }, "openingHoursSpecification": { "@type": "OpeningHoursSpecification", "dayOfWeek": [ "Monday", "Tuesday", "Wednesday", "Thursday", "Friday" ], "opens": "08:00", "closes": "17:00" } }'.
console-api	log	URL: https://jotopr.com/wp-content/cache/min/1/26d656b94055792cb566158fe0b2e791.js(Line 138) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Duplicate Pixel ID: 2545829065715402.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
api.hubspot.com
app.hubspot.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
in.hotjar.com
jotopr.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.usemessages.com
leadtracker.melenlab.com
mx8.inboxgateway.com
px.ads.linkedin.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
track.cbdatatracker.com
track.hubspot.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
104.245.4.12
107.181.94.102
172.217.23.162
174.138.190.165
2606:4700:3032::6818:71d2
2606:4700::6811:45b0
2606:4700::6811:74b0
2606:4700::6811:7fab
2606:4700::6811:cbcc
2606:4700::6811:d5cc
2606:4700::6811:eecc
2606:4700::6812:14bf
2606:4700::6813:9a53
2620:1ec:21::14
2a00:1450:4001:801::200e
2a00:1450:4001:803::2003
2a00:1450:4001:803::2004
2a00:1450:4001:808::2002
2a00:1450:4001:808::200a
2a00:1450:4001:81f::2003
2a00:1450:4001:820::2003
2a00:1450:4001:825::2008
2a00:1450:400c:c04::9b
2a02:26f0:6c00:28c::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
52.19.70.84
65.9.7.125
65.9.7.13
65.9.7.36
09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd
09d402a96813e87ea5a318659cc56043a7b8851e6103e014ffe850361f22cb6a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
124c94e419b9444bcdc4777d57517be2f6bd9bef5bba8266c1b826a6878ac535
13d13250d79ad057d9f7530e6ca34767a1b6d7f1b23dc7adfc1a685305e06680
1845ce6a4ac0d112212950264d83e548b2b1956ad6cdfcc0f0f4e22a8305f1ae
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c
1ece7773e71441006bafac047bf261ad42aaf3437447c574ed7a58ea74fec4d6
1ee8a01731ab7ec07c8f2a79d4b203987bf9a3f61861b8ed611c5ffa2afc454e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c0814d87bf754e0dd1a6aa992f1fd7450a9cd5715ae05f225aaf0ccb3839100
2c88e3eaae7bdacf96327eebef75c5a7979513c7fb0ea62344af543ce04b1299
372268e16c8b0cdf05c5f9995f4e9aea62ab8d9e973b423a9c8eb9568a53da7a
3a223ef88025ba2a7a48be842122aa3ed7f557adb9d913fa0c7f6fdb2e280d3c
3b2ed6eb5b52c6971e56a4e4680a3b47209844535947de2b2ca9dc93ff83489c
41ee4fa747ca300a0969e2367df19860ffac31b081de0f69e76e0bf59ce77497
440fb7e5c8f5652b9cad97ac6beca494c35e2d238cce21c13f3aaf1490038956
482994b911cc3e869aa8ace6d9932d67b68de83ea2885207ce165ff04c38d7bc
4f0da6ae75cc1f32c2955cbd1b4b3b81e7ca3ba3fdf7c72611337d63aff484e0
5084d3c6ecf54d6362f67f6e05c7b2702d767ca7a88937734139243ab1b94fa1
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
6c99a4730ed4e5b81301c6066a9be8fccf34522be4685b0ee8d14897c2d00433
749fbdc5adba049850d006a6accf098eb7ac6610a401064beea127305b22a012
75560fc1985882674f53eff22da403b42e7f0bb5c04859041966c2a4718866e4
7ba7bdcec503f82fc43c3992f187805e4ea171c05b42f238eebd44c0c6645e56
7bb862bf8903dc8dd1a6694969bcb683a902d4a87f08f41c75bbec97465caefb
7e05da544a93b639782cb0974f5dacbfc36b60d40622f680e3383ec581243ca4
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
7f0b5a34b4930922d1e624b8d88522429802b00e53ca762636e24751e2f03b4f
829483e20339695fc8d6635aea0be4b1ffe738d12790f6e89138250e5e3f2792
840f7f750bd6efcfb3a6f91a329661a6468e2709582b9e4c40e879cb434f433e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
894dbde6e100b3ba148064360d23e09859f68f85131ad1780dae6307a4bd45a8
9b0a0cb650ac827cdafe32bcbadec7c11db55fa0482db86195720bc38052e5ce
9c324a5189456c8a6c70c17b6c77d76b9ed71d8cbf9b1e64c74f7f6ad2b81438
9d252c64b4a4f951b1d190f41460aff038d4f2ea4aae6eb831c6b1bd4883b467
a64fbdd4ca4489ba809a62d78bbd279a9f68b64b829003bf4ab416ca43df1e06
a6e4b4309ba1574a5281530015706b5abdb43e80e19d0990821c05fcdf4da643
abdf01dbab06efbec289cf85e83f8ec3618f996ab6803e9f9437db14bc5cbf53
ac1496eb4cdbd0d93463435e73938df03ada398b8c602fb257d78dfe3d6015dd
ad9e4318a5ffb02d153a7275ddc2a55a896e412e4c95e0cb48365b4c99501413
cde9a4fc4e77ebb6182825d9627c7efc5e5bdb79403f073f75f0596661b653ea
cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58
d72ff14325b01601c093b74392a305a31e3539c0a8de20435f023de7cea8364a
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
da33126f5d38b2578f146103b44563188cc115ca0dc366c3318e21fcc40751ee
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e037b52033992f433263bc0e5c64af7cdfea4216b06072d1ef529a9dc2c2defb
e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e4fa437e044d3f739bd5e4aa2d1bd94e3952e888baec655763cd7969576001da
e73881eff1979fdc87d88bc8f0807ff25aef0603eca89fa858ed081807c2a98e
ea87d866f647540f3cf749f7536d2571de8233f5eae46057653e73cfe133538c
ee0af9cb821e3b90c73da380ca1ea46a9568f50635facf5e263d0044c9124c9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5d5cfc36fcef4400cb9a74e4dacdb51accce4e8623e12793cc0d57e932c54f6
fd4aa1ea632a268449ad394f31253adeed5cd0ab9f2f3cae1c536bc0e0349322

jotopr.com Open in urlscan Pro 2606:4700:3032::6818:71d2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

84 Requests

100 %HTTPS

74 %IPv6

25 Domains

34 Subdomains

29 IPs

6 Countries

1294 kBTransfer

4393 kBSize

4 Cookies

6 Outgoing links

Page URL History

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

jotopr.com Open in urlscan Pro
2606:4700:3032::6818:71d2 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

100 %
HTTPS

74 %
IPv6

25
Domains

34
Subdomains

29
IPs

6
Countries

1294 kB
Transfer

4393 kB
Size

4
Cookies

84 HTTP transactions
0 data transactions