charming-crimson-hornet.slab.com
2606:4700::6811:eb3d  Public Scan

URL: https://charming-crimson-hornet.slab.com/posts/mebd-sent-you-a-document-fmf0u6bu__;!!Ca6300r1Y_sBGiUM!-8iIopvLa24CiPLgYGqpDhH7JeVPA7Us3CD...
Submission Tags: falconsandbox
Submission: On August 28 via api from US — Scanned from DE

Summary

This website contacted 14 IPs in 5 countries across 12 domains to perform 33 HTTP transactions. The main IP is 2606:4700::6811:eb3d, located in United States and belongs to CLOUDFLARENET, US. The main domain is charming-crimson-hornet.slab.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 6th 2022. Valid for: a year.
This is the only time charming-crimson-hornet.slab.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:6ea0:cb0... 60068 (CDN77 ^_^)
1 2600:9000:225... 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
8 18.66.115.169 16509 (AMAZON-02)
1 34.120.195.249 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 1 108.138.17.67 16509 (AMAZON-02)
3 18.66.139.61 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
1 54.69.117.2 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 99.83.219.81 16509 (AMAZON-02)
33 14
Apex Domain | Subdomains | Transfer
8 segment.com | cdn.segment.com (Cisco Umbrella Rank: 1396) | 67 KB
7 slab.com | charming-crimson-hornet.slab.com; cdn.slab.com (Cisco Umbrella Rank: 682645) | 1 MB
4 google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 45) | 60 KB
3 intercomcdn.com | js.intercomcdn.com (Cisco Umbrella Rank: 2298) | 187 KB
2 intercom.io | widget.intercom.io (Cisco Umbrella Rank: 2273); api-iam.intercom.io (Cisco Umbrella Rank: 2493) | 3 KB
2 typekit.net | use.typekit.net (Cisco Umbrella Rank: 507); p.typekit.net (Cisco Umbrella Rank: 625) | 1 KB
2 lr-in.com | cdn.lr-in.com (Cisco Umbrella Rank: 14550) | 170 KB
1 doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 108) | 450 B
1 segment.io | api.segment.io (Cisco Umbrella Rank: 915) | 185 B
1 sentry.io | o59832.ingest.sentry.io (Cisco Umbrella Rank: 656757) | 288 B
1 vitally.io | cdn.vitally.io (Cisco Umbrella Rank: 196553) | 61 KB
1 headwayapp.co | cdn.headwayapp.co (Cisco Umbrella Rank: 27375) | 7 KB
33 12
Domain Requested by
8 cdn.segment.com charming-crimson-hornet.slab.com
cdn.segment.com
5 cdn.slab.com charming-crimson-hornet.slab.com
4 www.google-analytics.com cdn.segment.com
www.google-analytics.com
charming-crimson-hornet.slab.com
3 js.intercomcdn.com charming-crimson-hornet.slab.com
widget.intercom.io
2 cdn.lr-in.com charming-crimson-hornet.slab.com
cdn.lr-in.com
2 charming-crimson-hornet.slab.com cdn.slab.com
1 api-iam.intercom.io js.intercomcdn.com
1 stats.g.doubleclick.net www.google-analytics.com
1 api.segment.io cdn.segment.com
1 p.typekit.net use.typekit.net
1 widget.intercom.io 1 redirects
1 use.typekit.net client
1 o59832.ingest.sentry.io cdn.slab.com
1 cdn.vitally.io charming-crimson-hornet.slab.com
1 cdn.headwayapp.co charming-crimson-hornet.slab.com
33 15

This site contains links to these domains.

Domain
slab.com
Subject | Issuer | Validity | Valid
slab.com | Cloudflare Inc ECC CA-3 | 2022-05-06 - 2023-05-06 | a year
1529036741.rsc.cdn77.org | R3 | 2022-08-19 - 2022-11-17 | 3 months
vitally.io | Amazon | 2022-07-06 - 2023-08-04 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-18 - 2023-06-18 | a year
*.segment.com | Amazon | 2022-01-12 - 2023-02-10 | a year
*.ingest.sentry.io | R3 | 2022-08-20 - 2022-11-18 | 3 months
use.typekit.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-07 - 2023-04-07 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-08-08 - 2022-10-31 | 3 months
*.segment.io | Amazon | 2022-02-10 - 2023-03-11 | a year
*.intercomcdn.com | Amazon | 2022-01-30 - 2023-02-28 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-08-15 - 2022-11-07 | 3 months
*.intercom.com | Amazon | 2022-03-16 - 2023-04-14 | a year

This page contains 2 frames:

Primary Page: https://charming-crimson-hornet.slab.com/posts/mebd-sent-you-a-document-fmf0u6bu__;!!Ca6300r1Y_sBGiUM!-8iIopvLa24CiPLgYGqpDhH7JeVPA7Us3CDjydJr6-yytx2Cdr4I4R-6ksSlzHdO1Q$
Frame ID: 243F02A5C7D3A3D73EE7404F62565B9A
Requests: 33 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.e20a2d44.js
Frame ID: 00978721F80095A40A0BA48141606B40
Requests: 3 HTTP requests in this frame

Page Title

Login - Slab

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

Requests: 33
HTTPS: 94 %
IPv6: 57 %
Domains: 12
Subdomains: 15
IPs: 14
Countries: 5
Transfer: 1944 kB
Size: 7254 kB
Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://widget.intercom.io/widget/legwahix HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request mebd-sent-you-a-document-fmf0u6bu__;!!Ca6300r1Y_sBGiUM!-8iIopvLa24CiPLgYGqpDhH7JeVPA7Us3CDjydJr6-yytx2Cdr4I4R-6ksSlzHdO1Q$
charming-crimson-hornet.slab.com/posts/
19 KB
8 KB
Document
General
Full URL
https://charming-crimson-hornet.slab.com/posts/mebd-sent-you-a-document-fmf0u6bu__;!!Ca6300r1Y_sBGiUM!-8iIopvLa24CiPLgYGqpDhH7JeVPA7Us3CDjydJr6-yytx2Cdr4I4R-6ksSlzHdO1Q$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:eb3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1e8ea4627d953476891a4fcb5af617b47e0b7e08b1e34f6125babd05af8bf85
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; object-src 'none'; script-src 'nonce-zrpNHYUw3y7eSmyByTtcVjej1c4XI8B6O6upFEHIBldlLDTxMXYVHAWXZDgTswMs' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:; report-uri https://o59832.ingest.sentry.io/api/1197065/security/?sentry_key=be62e2ea3fb544f78dd5fbf3abbd8b8a
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
741f137e4f955bf9-FRA
content-encoding
br
content-security-policy
base-uri 'self'; object-src 'none'; script-src 'nonce-zrpNHYUw3y7eSmyByTtcVjej1c4XI8B6O6upFEHIBldlLDTxMXYVHAWXZDgTswMs' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:; report-uri https://o59832.ingest.sentry.io/api/1197065/security/?sentry_key=be62e2ea3fb544f78dd5fbf3abbd8b8a
content-type
text/html; charset=utf-8
cross-origin-window-policy
deny
date
Sun, 28 Aug 2022 18:23:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-req-id
Fw-VVnHPJTX9Mrv3AVXC
x-xss-protection
1; mode=block
web-1982fc99f3624125665d704ac0753574.css
cdn.slab.com/bundles/css/fonts/
251 KB
178 KB
Stylesheet
General
Full URL
https://cdn.slab.com/bundles/css/fonts/web-1982fc99f3624125665d704ac0753574.css?vsn=d
Requested by
Host: charming-crimson-hornet.slab.com
URL: https://charming-crimson-hornet.slab.com/posts/mebd-sent-you-a-document-fmf0u6bu__;!!Ca6300r1Y_sBGiUM!-8iIopvLa24CiPLgYGqpDhH7JeVPA7Us3CDjydJr6-yytx2Cdr4I4R-6ksSlzHdO1Q$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:eb3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7808634de4b584356ad06673a57014ba0b4235e76a5bedd05d6f26e7fde8fe30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://charming-crimson-hornet.slab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:23:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
2190
x-guploader-uploadid
ADPycduFXTIO-kzzsA2gG7wBsZe-H_sGTVLMVaOQox586vf_XFW5JNxsdtLU5xKbKXLV6fK6GGnnmdHvbKPuB8hQA_2KOQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
text/css; charset=utf-8
last-modified
Tue, 21 Jun 2022 02:16:20 GMT
server
cloudflare
etag
W/"1982fc99f3624125665d704ac0753574"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-goog-hash
crc32c=MVvq9A==, md5=GYL8mfNiQSVmXXBKwHU1dA==
x-goog-generation
1650507588886841
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-goog-stored-content-length
257326
cf-ray
741f137f39445bf9-FRA
expires
Mon, 28 Aug 2023 18:23:06 GMT
internal-0f0ebed4a40d0b3bcbbe14d67cd30b60.css
cdn.slab.com/bundles/css/
664 KB
86 KB
Stylesheet
General
Full URL
https://cdn.slab.com/bundles/css/internal-0f0ebed4a40d0b3bcbbe14d67cd30b60.css?vsn=d
Requested by
Host: charming-crimson-hornet.slab.com
URL: https://charming-crimson-hornet.slab.com/posts/mebd-sent-you-a-document-fmf0u6bu__;!!Ca6300r1Y_sBGiUM!-8iIopvLa24CiPLgYGqpDhH7JeVPA7Us3CDjydJr6-yytx2Cdr4I4R-6ksSlzHdO1Q$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:eb3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0850b4ed712b5876189e511fba6bcb70cb9cf9bd4ca9a7010a6e1377eaa3c238
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://charming-crimson-hornet.slab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:23:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
2190
x-guploader-uploadid
ADPycduK58677XpofbJz44esAMletK1riFixIwnQCj6VkrInrEO8OWoAafNPreWLecpnj6StQYqPrBtJ3yIP_XZkVJhqF8FBpWLD
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
text/css; charset=utf-8
last-modified
Thu, 25 Aug 2022 02:18:58 GMT
server
cloudflare
etag
W/"0f0ebed4a40d0b3bcbbe14d67cd30b60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-goog-hash
crc32c=uNYdSg==, md5=Dw6+1KQNCzvLvhTWfNMLYA==
x-goog-generation
1661393938090811
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-goog-stored-content-length
679668
cf-ray
741f137f39475bf9-FRA
expires
Mon, 28 Aug 2023 18:23:06 GMT
widget.js
cdn.headwayapp.co/
27 KB
7 KB
Script
General
Full URL
https://cdn.headwayapp.co/widget.js
Requested by
Host: charming-crimson-hornet.slab.com
URL: https://charming-crimson-hornet.slab.com/posts/mebd-sent-you-a-document-fmf0u6bu__;!!Ca6300r1Y_sBGiUM!-8iIopvLa24CiPLgYGqpDhH7JeVPA7Us3CDjydJr6-yytx2Cdr4I4R-6ksSlzHdO1Q$
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
038854c1db8658c2d0f918c047c4f335bd11c07c4ab2686ce1a780113e3591a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://charming-crimson-hornet.slab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-77-pop
viennaAT
date
Sun, 28 Aug 2022 18:23:06 GMT
via
1.1 218366faeb88f6d265d2589e37ea2dac.cloudfront.net (CloudFront)
x-77-nzt-ray
rDCN10n0630
age
31
x-77-cache
HIT
x-cache
HIT
x-hello
headway
content-encoding
br
x-77-nzt
Abm0DAZbr1j/EQAAAA
x-accel-expires
@1661711029
last-modified
Mon, 25 Apr 2022 04:20:45 GMT
server
CDN77-Turbo
etag
W/"038854c1db8658c2d0f918c047c4f335"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=60
x-amz-cf-pop
VIE50-C2
x-age
17
x-amz-cf-id
RrXTdiErOQqkxp-36VlxZCVvT4HVY3JMtCoFLowKvmgfGmc7ws_jvA==
vitally.js
cdn.vitally.io/vitally.js/v1/
201 KB
61 KB
Script
General
Full URL
https://cdn.vitally.io/vitally.js/v1/vitally.js
Requested by
Host: charming-crimson-hornet.slab.com
URL: https://charming-crimson-hornet.slab.com/posts/mebd-sent-you-a-document-fmf0u6bu__;!!Ca6300r1Y_sBGiUM!-8iIopvLa24CiPLgYGqpDhH7JeVPA7Us3CDjydJr6-yytx2Cdr4I4R-6ksSlzHdO1Q$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:c800:a:7b53:7380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86103ede2095d08967d6df4266416f0130841d80d807908de137b1100ceae7dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://charming-crimson-hornet.slab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
MOMM1SSucME30lqVscDHFjxLuhGDG9n4
content-encoding
gzip
etag
W/"45cca416ca3bf0c2fcc965c1398837d2"
last-modified
Mon, 14 Feb 2022 23:38:11 GMT
server
AmazonS3
age
3427
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
date
Sun, 28 Aug 2022 17:27:08 GMT
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
ecau7ZlhwQdcGPQx-5qtQaYjOCqfeZIW62DDzbG0xdj-Y-0plgI83g==
LogRocket.min.js
cdn.lr-in.com/
37 KB
11 KB
Script
General
Full URL
https://cdn.lr-in.com/LogRocket.min.js
Requested by
Host: charming-crimson-hornet.slab.com
URL: https://charming-crimson-hornet.slab.com/posts/mebd-sent-you-a-document-fmf0u6bu__;!!Ca6300r1Y_sBGiUM!-8iIopvLa24CiPLgYGqpDhH7JeVPA7Us3CDjydJr6-yytx2Cdr4I4R-6ksSlzHdO1Q$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:cefe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6aa604c9492c4a9408694db37fc784d36faae3434408afafbedb222ac77f95f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://charming-crimson-hornet.slab.com/
Origin
https://charming-crimson-hornet.slab.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:23:06 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31556926
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-hhn4058-HHN
last-modified
Fri, 26 Aug 2022 21:03:19 GMT
server
cloudflare
x-timer
S1661710986.244248,VS0,VE1
etag
W/"864376206222d665c1f1dac73bb696f452067825c6b1bdabc8aa36f98d43044f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIAfN6Z1LEDst0ZaE9V1Sm8C63G8y%2FNDC%2Bdmyh1%2FP3puHlGBKx7QFk6dr3Rx%2Bml%2BlwKHtaRzd%2BWitmvgoiGfcYnjCm906fYFUUJxKGF2qqo5xfWHqDrE8DvzbALFGKlTHNTpCViXRsFTzOHz"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
741f137feb2a9b1b-FRA
x-cache-hits
1
sentry-1ca6db87e5c66393eb854cf9890bdbe5.js
cdn.slab.com/bundles/js/
100 KB
32 KB
Script
General
Full URL
https://cdn.slab.com/bundles/js/sentry-1ca6db87e5c66393eb854cf9890bdbe5.js?vsn=d
Requested by
Host: charming-crimson-hornet.slab.com
URL: https://charming-crimson-hornet.slab.com/posts/mebd-sent-you-a-document-fmf0u6bu__;!!Ca6300r1Y_sBGiUM!-8iIopvLa24CiPLgYGqpDhH7JeVPA7Us3CDjydJr6-yytx2Cdr4I4R-6ksSlzHdO1Q$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:eb3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9aec56c5d6896c49849b6de79fe7be0044fa122878b8c418988370b6d40446d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://charming-crimson-hornet.slab.com/
Origin
https://charming-crimson-hornet.slab.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:23:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
x-guploader-uploadid
ADPycdvbzD_uGUHquTuVE118B_Co2T2u_FB84xLctb-nXDS_wlWxXPYuCUPIBnbbsgfQ1ENKQWW2nTV2l-G4hIDWoREFMC4KhvYo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Sun, 28 Aug 2022 02:18:10 GMT
server
cloudflare
etag
W/"b3fc784c88977248c30d74dae69bac5b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-goog-hash
crc32c=oxl4ng==, md5=s/x4TIiXckjDDXTa5pusWw==
x-goog-generation
1661221072749466
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000
x-goog-stored-content-length
102079
cf-ray
741f137f5a4ebb32-FRA
expires
Mon, 28 Aug 2023 18:23:06 GMT
vendor-166c5405fdd059dc513b138090ec06c9.js
cdn.slab.com/bundles/js/
2 MB
549 KB
Script
General
Full URL
https://cdn.slab.com/bundles/js/vendor-166c5405fdd059dc513b138090ec06c9.js?vsn=d
Requested by
Host: charming-crimson-hornet.slab.com
URL: https://charming-crimson-hornet.slab.com/posts/mebd-sent-you-a-document-fmf0u6bu__;!!Ca6300r1Y_sBGiUM!-8iIopvLa24CiPLgYGqpDhH7JeVPA7Us3CDjydJr6-yytx2Cdr4I4R-6ksSlzHdO1Q$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:eb3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a93af1a44b6081bc162319d696fc3b0162849d9328591b47b9242b2e53289012
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://charming-crimson-hornet.slab.com/
Origin
https://charming-crimson-hornet.slab.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:23:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
x-guploader-uploadid
ADPycdvEIWXV9qEDe0K7NsisZOUyDH3OHMVHfiet6vP6TXX7blC-1vuVpOdCYu6lpT6xCrLR1fTA60r2jcWVJmzYKCFfDyXl8RzC
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Sun, 28 Aug 2022 02:18:13 GMT
server
cloudflare
etag
W/"f0e02e19895273646ffb988bbba1bb96"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-goog-hash
crc32c=amO6CQ==, md5=8OAuGYlSc2Rv+5iLu6G7lg==
x-goog-generation
1660702744124337
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000
x-goog-stored-content-length
2106036
cf-ray
741f137f5a4fbb32-FRA
expires
Mon, 28 Aug 2023 18:23:06 GMT
internal-d20544194b489b95144b5677fb01e5e2.js
cdn.slab.com/bundles/js/
2 MB
467 KB
Script
General
Full URL
https://cdn.slab.com/bundles/js/internal-d20544194b489b95144b5677fb01e5e2.js?vsn=d
Requested by
Host: charming-crimson-hornet.slab.com
URL: https://charming-crimson-hornet.slab.com/posts/mebd-sent-you-a-document-fmf0u6bu__;!!Ca6300r1Y_sBGiUM!-8iIopvLa24CiPLgYGqpDhH7JeVPA7Us3CDjydJr6-yytx2Cdr4I4R-6ksSlzHdO1Q$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:eb3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e716ff3b544adaa1d329f5060bf5b0d0b1dadf8ccd9757971b4d314bb3f2c840
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://charming-crimson-hornet.slab.com/
Origin
https://charming-crimson-hornet.slab.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:23:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
x-guploader-uploadid
ADPycduX_L-D3TW2cNJPbZK6GczzAhVV_8Kq5f7VdiwXWu_QtEQaAzQOmhyogAye2EocpmMrwvVtiem_GTA5YARP-IDTUP1BJUw4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Thu, 25 Aug 2022 02:18:55 GMT
server
cloudflare
etag
W/"c8a040d6a12c6cb7cc09b907a9187cec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-goog-hash
crc32c=LKaxsg==, md5=yKBA1qEsbLfMCbkHqRh87A==
x-goog-generation
1661393935761779
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000
x-goog-stored-content-length
1638263
cf-ray
741f137f5a50bb32-FRA
expires
Mon, 28 Aug 2023 18:23:06 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/QfBlWGugy5p510EIBmtx2y6XsqRIyNsq/
95 KB
26 KB
Script
General
Full URL
https://cdn.segment.com/analytics.js/v1/QfBlWGugy5p510EIBmtx2y6XsqRIyNsq/analytics.min.js
Requested by
Host: charming-crimson-hornet.slab.com
URL: https://charming-crimson-hornet.slab.com/posts/mebd-sent-you-a-document-fmf0u6bu__;!!Ca6300r1Y_sBGiUM!-8iIopvLa24CiPLgYGqpDhH7JeVPA7Us3CDjydJr6-yytx2Cdr4I4R-6ksSlzHdO1Q$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05cef48a8516fa9bc4ba9b90d3ed8e4b358f87ecbe028a6e8708705d9f83d47c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://charming-crimson-hornet.slab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
UdqAVKSizUqsr_KayN0jKinwUy9MuixG
content-encoding
br
etag
W/"59d0e2d62c8550b425bebdcf38f531c5"
age
3
x-cache
Hit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Thu, 04 Aug 2022 23:22:56 GMT
server
AmazonS3
date
Sun, 28 Aug 2022 18:23:04 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
9czNc2u0kK7yiqOK37GpeVNKYUW3dbmIsy6qqs89z6zBvbEzGe7p6g==
logger-1.min.js
cdn.lr-in.com/
775 KB
159 KB
Script
General
Full URL
https://cdn.lr-in.com/logger-1.min.js
Requested by
Host: cdn.lr-in.com
URL: https://cdn.lr-in.com/LogRocket.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:cefe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eb527f229716f3bc731451d001ccc7f272973b763472f7da3a70fce6ab6cf6c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://charming-crimson-hornet.slab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:23:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
227
x-cache
MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31556926
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-hhn4035-HHN
last-modified
Fri, 26 Aug 2022 21:03:19 GMT
server
cloudflare
x-timer
S1661547824.221649,VS0,VE172
etag
W/"6f3a5536cb265d48f6ea65d3ee004c8c9016ab039be70efdedc5be17e49ba5db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IgVkQ8GHPnH9Yj%2FSugsjIPS6uxbF142b8CddjLvrHbuYSATwQlTEu5A7xDxWtN0DIUsYlpT6JTrkEGb5UzoHMjUcJLLuiJ%2F%2FbDWCG68DbRWV43dc9Go21WMtSNmezemH7tJ85bGDD2TpKx5c"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
741f13804e509ba1-FRA
x-cache-hits
0
settings
cdn.segment.com/v1/projects/QfBlWGugy5p510EIBmtx2y6XsqRIyNsq/
4 KB
2 KB
XHR
General
Full URL
https://cdn.segment.com/v1/projects/QfBlWGugy5p510EIBmtx2y6XsqRIyNsq/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/QfBlWGugy5p510EIBmtx2y6XsqRIyNsq/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eeeb0abb19a567d9a288cd08b5311b7eff57b5240f7e710e419e938bb8daca0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://charming-crimson-hornet.slab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
AwFz9hz28HJeZxUCGqXXyWZLbpIkM_9T
content-encoding
br
etag
W/"ffcc737f455affc41bfc9a12b7bb28a5"
age
2100
x-cache
Hit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Wed, 22 Jun 2022 17:59:46 GMT
server
AmazonS3
date
Sun, 28 Aug 2022 18:23:03 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
via
1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
cache-control
public, max-age=10800
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
xn6SlbJCu4zvBmn3CKGFEiVcdUzeRWltAotPunmT33UsPmn3QsiOvg==
/
o59832.ingest.sentry.io/api/128346/envelope/
2 B
288 B
Fetch
General
Full URL
https://o59832.ingest.sentry.io/api/128346/envelope/?sentry_key=4e814ac2fcf945ba91f57c962a6c1b46&sentry_version=7
Requested by
Host: cdn.slab.com
URL: https://cdn.slab.com/bundles/js/sentry-1ca6db87e5c66393eb854cf9890bdbe5.js?vsn=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://charming-crimson-hornet.slab.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 28 Aug 2022 18:23:06 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://charming-crimson-hornet.slab.com
access-control-expose-headers
retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
870.bundle.323974846b6d45afb45e.js
cdn.segment.com/analytics-next/bundles/
17 KB
5 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/870.bundle.323974846b6d45afb45e.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/QfBlWGugy5p510EIBmtx2y6XsqRIyNsq/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://charming-crimson-hornet.slab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 20:03:01 GMT
content-encoding
br
vary
Accept-Encoding
age
2672406
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Thu, 28 Jul 2022 19:18:36 GMT
server
AmazonS3
etag
W/"d471f2a8b801a51bbc09c91b3f90b749"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
1rk6lThPw_JHc2lhXO2aVb35DWwvWdlS
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
8cTt9X_F7iJyPeIVPrnUJ8ojCufFS2aUKxdv4pesrH7a4n6kYBs0gA==
ajs-destination.bundle.35a8f6f19959bf2f455f.js
cdn.segment.com/analytics-next/bundles/
10 KB
4 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.35a8f6f19959bf2f455f.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/QfBlWGugy5p510EIBmtx2y6XsqRIyNsq/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://charming-crimson-hornet.slab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 20:02:58 GMT
content-encoding
br
vary
Accept-Encoding
age
2672409
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Thu, 28 Jul 2022 19:18:35 GMT
server
AmazonS3
etag
W/"e0f89f667fb8d2b50aa8e29a86a4c9b1"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
rGxAXcNdIUy7e9gmGqJaHXTu3PlXuob1
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
0Q7hXi1QywaTujSCK49gXPaDt3mmgbp-CxsjeQ2E7OFn07ULk14Eww==
ytb2blj.css
use.typekit.net/
2 KB
865 B
Stylesheet
General
Full URL
https://use.typekit.net/ytb2blj.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c1f22447a4e2c8db94463a39aaf9aaf460292dbb1ff849145982595cc7f05d5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://charming-crimson-hornet.slab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Sun, 28 Aug 2022 18:23:06 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
633
da73e996-94e7-4c24-b610-7d639a39c9a8
https://charming-crimson-hornet.slab.com/
427 KB
0
Other
General
Full URL
blob:https://charming-crimson-hornet.slab.com/da73e996-94e7-4c24-b610-7d639a39c9a8
Requested by
Host: charming-crimson-hornet.slab.com
URL: https://charming-crimson-hornet.slab.com/posts/mebd-sent-you-a-document-fmf0u6bu__;!!Ca6300r1Y_sBGiUM!-8iIopvLa24CiPLgYGqpDhH7JeVPA7Us3CDjydJr6-yytx2Cdr4I4R-6ksSlzHdO1Q$
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00a6341174b9b3ee1d8c9fce575d6c13f5e99c74ac32bb17c8329f866196c30d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length
436758
schemaFilter.bundle.debb169c1abb431faaa6.js
cdn.segment.com/analytics-next/bundles/
2 KB
1 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/QfBlWGugy5p510EIBmtx2y6XsqRIyNsq/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://charming-crimson-hornet.slab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 04:14:57 GMT
content-encoding
br
vary
Accept-Encoding
age
5148490
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Thu, 30 Jun 2022 00:39:24 GMT
server
AmazonS3
etag
W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
2Zx1lLvKGQVUN0CW_0j0kkuvMQ5TNtLg
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
9Crwz7gwNdXN7LxUqFfZSwWRN4DnvIZzYInRBLFl6XZ0oVdUsgUN-w==
graphql
charming-crimson-hornet.slab.com/
117 B
314 B
Fetch
General
Full URL
https://charming-crimson-hornet.slab.com/graphql
Requested by
Host: cdn.slab.com
URL: https://cdn.slab.com/bundles/js/sentry-1ca6db87e5c66393eb854cf9890bdbe5.js?vsn=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:eb3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be04cbb47d6a2c5b994b0e89f672d33880e6e81d7dd960ba78d2ace66fd51a53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
*/*
Referer
https://charming-crimson-hornet.slab.com/posts/mebd-sent-you-a-document-fmf0u6bu__;!!Ca6300r1Y_sBGiUM!-8iIopvLa24CiPLgYGqpDhH7JeVPA7Us3CDjydJr6-yytx2Cdr4I4R-6ksSlzHdO1Q$
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
content-type
application/json

Response headers

cf-ray
741f138479935bf9-FRA
date
Sun, 28 Aug 2022 18:23:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://charming-crimson-hornet.slab.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-req-id
Fw-VVqzYNpRWyIQOeOLB
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
google-analytics.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/
16 KB
5 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/QfBlWGugy5p510EIBmtx2y6XsqRIyNsq/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf78eaea38d3f752633061d945ceb00649048329acde4450c5bf06d8205fa24d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://charming-crimson-hornet.slab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 07:36:04 GMT
content-encoding
gzip
age
1421223
x-cache
Hit from cloudfront
content-length
4745
access-control-allow-origin
*
last-modified
Mon, 08 Aug 2022 17:49:05 GMT
server
AmazonS3
etag
"725c9394a3f4482000e7a1a42aaceb41"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
CQZi2zdIPlB0ALuhgJqwCRDFm3fBvzQO
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
T9XMrff36IMkZx9c5n0dOstpb8f4pNvUneUcQxU-lTF3qWpfo1qB-w==
intercom.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/intercom/3.0.2/
4 KB
2 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/intercom/3.0.2/intercom.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/QfBlWGugy5p510EIBmtx2y6XsqRIyNsq/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7d1830c2339818ab302f9407a3f9ed0494fffbaf20ba45437fc41577212254cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://charming-crimson-hornet.slab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:38:26 GMT
content-encoding
gzip
age
1676681
x-cache
Hit from cloudfront
content-length
1858
access-control-allow-origin
*
last-modified
Mon, 08 Aug 2022 17:49:05 GMT
server
AmazonS3
etag
"cceddead2afa3948c7727ea24bd54aed"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
tPGUMlT5rbKy1lcYC5dmoRc0Fm_uh8b9
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
-6_Kaf45crobACnwNWIqsuKN_BBSDg3YYqG8t9HTRUWXbtilx6fL8g==
commons.54701049fd6fb8497e9e.js.gz
cdn.segment.com/next-integrations/integrations/vendor/
73 KB
22 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/QfBlWGugy5p510EIBmtx2y6XsqRIyNsq/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e79b59c22ca684f9de8a73d41964f0c80ee9ca68713f35c33ad4fccf8cf64ffa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://charming-crimson-hornet.slab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 14:19:46 GMT
content-encoding
gzip
age
2088201
x-cache
Hit from cloudfront
content-length
22174
access-control-allow-origin
*
last-modified
Wed, 27 Jul 2022 23:49:21 GMT
server
AmazonS3
etag
"7741fd16ad2418cd17ab981f8207b106"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
dDzNHLX4yUeFofnmOL9w4XynYZ.vfSD1
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
F6L43OGNU5AIu2GeehjFGNPoG4Y_by2nFXYsKYYp9XDwDmrX2evBJg==
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/legwahix
  • https://js.intercomcdn.com/shim.latest.js
18 KB
6 KB
Script
General
Full URL
https://js.intercomcdn.com/shim.latest.js
Requested by
Host: charming-crimson-hornet.slab.com
URL: https://charming-crimson-hornet.slab.com/posts/mebd-sent-you-a-document-fmf0u6bu__;!!Ca6300r1Y_sBGiUM!-8iIopvLa24CiPLgYGqpDhH7JeVPA7Us3CDjydJr6-yytx2Cdr4I4R-6ksSlzHdO1Q$
Protocol
H2
Server
18.66.139.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-61.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3cae69a9c9e2c8fcaf1e0d077f494041aa13ba8e324b7aa01c38df2f05b9ad4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://charming-crimson-hornet.slab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:21:57 GMT
content-encoding
gzip
age
71
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6168
last-modified
Thu, 25 Aug 2022 14:51:21 GMT
server
AmazonS3
etag
"978bc78772ffd28fdd2f80d46c147c7f"
x-amz-version-id
a8wDIZy09xSkwTURP99gn9Nyvp.3rA_4
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
ch0KeuEMLOzUKKhcwup-RafMmTFZlKVxb6y4fIhs-Yn1n94Un7EnyA==

Redirect headers

date
Wed, 24 Aug 2022 20:07:40 GMT
via
1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront)
server
AmazonS3
age
339328
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
FRA56-P7
content-length
0
x-amz-cf-id
INGox_HUXjoCZH4VxWMFsckwfqyJHYDo5_FvAsnyeH9-vvS4XtRczw==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://charming-crimson-hornet.slab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4630
date
Sun, 28 Aug 2022 17:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 28 Aug 2022 19:05:57 GMT
p.css
p.typekit.net/
5 B
195 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=ytb2blj&ht=tk&f=15705.15708&a=7949409&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ytb2blj.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4848 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62
8096267
date
Sun, 28 Aug 2022 18:23:07 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
js
www.google-analytics.com/gtm/
104 KB
40 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-K44MXPQ&cid=1345678592.1661710987
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0cbd70cba6eb686b9e98dd53682ca7ff8accf39800f6831b76d1092b9a0d123d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://charming-crimson-hornet.slab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:23:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41370
x-xss-protection
0
last-modified
Sun, 28 Aug 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 28 Aug 2022 18:23:07 GMT
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
225122e8394ece9952f65435fc6bdf0052c05cf71200f1c5da758593824606d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
34 KB
34 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26c08f0597d2e27486a6135ddd8b75b61515ca7bfd5dbbe099b95740708eaba0

Request headers

Referer
Origin
https://charming-crimson-hornet.slab.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
application/font-woff2
truncated
/
34 KB
34 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f241fcd2abf31c8c0172a6b30b5571783d81bd58c0d4e4669c7e40ee1a159040

Request headers

Referer
Origin
https://charming-crimson-hornet.slab.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
application/font-woff2
p
api.segment.io/v1/
21 B
185 B
Fetch
General
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/QfBlWGugy5p510EIBmtx2y6XsqRIyNsq/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.117.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-117-2.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://charming-crimson-hornet.slab.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://charming-crimson-hornet.slab.com
date
Sun, 28 Aug 2022 18:23:07 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
frame-modern.e20a2d44.js
js.intercomcdn.com/ Frame 0097
409 KB
113 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.e20a2d44.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/legwahix
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-61.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72580af50eed2efbe1d26502d083f2bb933b41a2cef0e80ef2a37eee25adf813

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
jH7nG88kp7Xk4FCL.rdCIGmCakHR3ABL
content-encoding
gzip
etag
"dce580f514919a0e32a4602ef1bd44f2"
age
5482
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
114644
last-modified
Thu, 25 Aug 2022 14:49:51 GMT
server
AmazonS3
date
Sun, 28 Aug 2022 16:51:46 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
XCxv7pigMItSxwZbbqhLj3U7XX6QFKm9sGagBN2jMWsffS__-_wRNQ==
vendor-modern.b5ebae17.js
js.intercomcdn.com/ Frame 0097
217 KB
68 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.b5ebae17.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/legwahix
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-61.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1bfcb5e91790d1d95b68edbf10cb150b7b541429e8939c1e1593d1c27164c8ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
cyRNOrlIM2YxXmEqTvNqeHEfIUcdBTv.
content-encoding
gzip
etag
"a581f5ca2e112447c7ddf25a61f9dd05"
age
5482
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
68866
last-modified
Thu, 25 Aug 2022 14:49:51 GMT
server
AmazonS3
date
Sun, 28 Aug 2022 16:51:46 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
twI8x-LcE6lt2uQBnQw2MlP4EnN09cBZzGnkaeccN4DBMmcisskx6g==
collect
stats.g.doubleclick.net/j/
1 B
450 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-84928209-2&cid=1345678592.1661710987&jid=1789037909&gjid=1706375685&_gid=798205613.1661710987&_u=aGBAgEADQAAAAE~&z=396409393
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://charming-crimson-hornet.slab.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 28 Aug 2022 18:23:07 GMT
content-type
text/plain
access-control-allow-origin
https://charming-crimson-hornet.slab.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1231308397&t=pageview&_s=1&dl=https%3A%2F%2Fcharming-crimson-hornet.slab.com%2Flogin%3Fredirect%3D%252Fposts%252Fmebd-sent-you-a-document-fmf0u6bu__%253B%2521%2521Ca6300r1Y_sBGiUM%2521-8iIopvLa24CiPLgYGqpDhH7JeVPA7Us3CDjydJr6-yytx2Cdr4I4R-6ksSlzHdO1Q%2524&dp=%2Flogin&ul=en-us&de=UTF-8&dt=login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEADQ~&jid=1789037909&gjid=1706375685&cid=1345678592.1661710987&tid=UA-84928209-2&_gid=798205613.1661710987&z=1413477955
Requested by
Host: charming-crimson-hornet.slab.com
URL: https://charming-crimson-hornet.slab.com/login?redirect=%2Fposts%2Fmebd-sent-you-a-document-fmf0u6bu__%3B%21%21Ca6300r1Y_sBGiUM%21-8iIopvLa24CiPLgYGqpDhH7JeVPA7Us3CDjydJr6-yytx2Cdr4I4R-6ksSlzHdO1Q%24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://charming-crimson-hornet.slab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 01:47:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
59759
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1231308397&t=event&ni=1&_s=2&dl=https%3A%2F%2Fcharming-crimson-hornet.slab.com%2Fposts%2Fmebd-sent-you-a-document-fmf0u6bu__%3B!!Ca6300r1Y_sBGiUM!-8iIopvLa24CiPLgYGqpDhH7JeVPA7Us3CDjydJr6-yytx2Cdr4I4R-6ksSlzHdO1Q%24&dp=%2Flogin&ul=en-us&de=UTF-8&dt=login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All&ea=Viewed%20login%20Page&ev=0&_u=aGBAgEADQAAAAE~&jid=&gjid=&cid=1345678592.1661710987&tid=UA-84928209-2&_gid=798205613.1661710987&z=129539648
Requested by
Host: charming-crimson-hornet.slab.com
URL: https://charming-crimson-hornet.slab.com/login?redirect=%2Fposts%2Fmebd-sent-you-a-document-fmf0u6bu__%3B%21%21Ca6300r1Y_sBGiUM%21-8iIopvLa24CiPLgYGqpDhH7JeVPA7Us3CDjydJr6-yytx2Cdr4I4R-6ksSlzHdO1Q%24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://charming-crimson-hornet.slab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 01:47:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
59759
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ping
api-iam.intercom.io/messenger/web/ Frame 0097
4 KB
2 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.e20a2d44.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.219.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad8b87a22ce463223.awsglobalaccelerator.com
Software
nginx /
Resource Hash
c307b21db89a2aaafa5b1fb378a7f36a26f64b648b12a14f65fad7e1f64332f1
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 28 Aug 2022 18:23:08 GMT
content-encoding
gzip
x-ami-version
ami-06de637fd06ae8aee
status
200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept,Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
0003ornl6ld96u62c6p0
x-runtime
0.344696
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"c307b21db89a2aaafa5b1fb378a7f36a"
x-ratelimit-remaining
13328
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://charming-crimson-hornet.slab.com
x-intercom-version
357f2abec193d591a554b540f96819fe48da444e
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1661710990
x-ratelimit-limit
13333
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-content-type-options
nosniff

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
object| __slab
object| paceOptions
object| Pace
object| analytics
object| Vitally
function| _lrMutationObserver
function| _lr_surl_cb
object| __SDKCONFIG__
object| LogRocket
object| webpackChunk_segment_analytics_next
string| analyticsWriteKey
object| __SEGMENT_INSPECTOR__
object| AnalyticsNext
object| webpackChunkslab
object| __SENTRY__
object| Sentry
object| Phoenix
object| core
object| __core-js_shared__
object| process
object| Prism
function| Mousetrap
object| webpackJsonpVitally
function| setImmediate
function| clearImmediate
object| Headway
object| regeneratorRuntime
function| _LRLogger
boolean| _lr_loaded
object| intercomDeps
function| intercomLoader
object| google-analyticsDeps
function| google-analyticsLoader
object| webpackJsonp_name_Integration
function| intercomIntegration
function| Intercom
function| google-analyticsIntegration
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
object| dataLayer
function| __intercomAssignLocation
object| google_tag_manager
object| google_optimize

6 Cookies

Domain/Path | Name | Value
.slab.com/ | _ga | GA1.2.1345678592.1661710987
.slab.com/ | _gid | GA1.2.798205613.1661710987
.slab.com/ | ajs_anonymous_id | 90c08d5e-49c8-4aef-8343-d9ccd96b8c90
.slab.com/ | _gat | 1
.slab.com/ | intercom-id-legwahix | 76b469ba-ae0a-4adf-9999-3bfe2a8af384
.slab.com/ | intercom-session-legwahix |

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy base-uri 'self'; object-src 'none'; script-src 'nonce-zrpNHYUw3y7eSmyByTtcVjej1c4XI8B6O6upFEHIBldlLDTxMXYVHAWXZDgTswMs' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:; report-uri https://o59832.ingest.sentry.io/api/1197065/security/?sentry_key=be62e2ea3fb544f78dd5fbf3abbd8b8a
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
