www.canddi.com Open in urlscan Pro
151.139.242.5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mail.canddi.co/0460c477b96c7c30b213395287a9af35d46e8d5f9658d8e9e140a9f263ae134b/e4b673e66dcdbce3e7a8d458c30da0f...
Effective URL:
https://www.canddi.com/book-now/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&...
Submission: On November 25 via api (November 25th 2019, 1:47:51 pm UTC) from CH

Summary HTTP 55 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 21 domains to perform 55 HTTP transactions. The main IP is 151.139.242.5, located in Dallas, United States and belongs to HIGHWINDS2 - Highwinds Network Group, Inc., US. The main domain is www.canddi.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 18th 2019. Valid for: 2 years.

This is the only time www.canddi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	154.46.89.8 154.46.89.8	174 (COGENT-174) (COGENT-174 - Cogent Communications)
10	151.139.242.5 151.139.242.5	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	2606:4700:10:... 2606:4700:10::6814:f874	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2600:9000:21f... 2600:9000:21f3:6200:9:72eb:eb00:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE - Google LLC)
2	147.75.85.99 147.75.85.99	54825 (PACKET) (PACKET - Packet Host)
1	2a02:26f0:10c... 2a02:26f0:10c:38f::3adf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.148.115.36 146.148.115.36	15169 (GOOGLE) (GOOGLE - Google LLC)
5	151.139.243.18 151.139.243.18	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
9	2606:4700:10:... 2606:4700:10::6814:24a1	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2600:9000:20e... 2600:9000:20eb:5400:c:2b4b:7a40:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
2 3	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1 1	2a05:f500:11:... 2a05:f500:11:101::b93f:9001	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	147.75.84.33 147.75.84.33	54825 (PACKET) (PACKET - Packet Host)
5	143.204.101.51 143.204.101.51	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	34.249.79.181 34.249.79.181	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.17.160.182 52.17.160.182	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.222.169.125 52.222.169.125	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
55	25

1 154.46.89.8 (United States) 1 redirects

ASN174 (COGENT-174 - Cogent Communications, US)

mail.canddi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.139.242.5 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

www.canddi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:f874 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

calendly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:6200:9:72eb:eb00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

data.staticfiles.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s28-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.85.99 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-5

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:38f::3adf (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

sjs.bizographics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.148.115.36 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 36.115.148.146.bc.googleusercontent.com

canddi.calltracks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.139.243.18 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

cdns.canddi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.176 (United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6814:24a1 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

client.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
settings.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:5400:c:2b4b:7a40:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

cdn.ppcprotect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9c (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:11:101::b93f:9001 (Ireland) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.33 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.101.51 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-51.fra50.r.cloudfront.net

static.activedemand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.79.181 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-249-79-181.eu-west-1.compute.amazonaws.com

i.canddi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.160.182 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-17-160-182.eu-west-1.compute.amazonaws.com

s.canddi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.169.125 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-169-125.fra54.r.cloudfront.net

collection.activedemand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	canddi.com www.canddi.com cdns.canddi.com i.canddi.com	819 KB
9	crisp.chat client.crisp.chat settings.crisp.chat image.crisp.chat	184 KB
6	activedemand.com static.activedemand.com collection.activedemand.com	119 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	google.de www.google.de	331 B
3	google.com 2 redirects www.google.com	543 B
3	doubleclick.net 2 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	72 KB
3	google-analytics.com 2 redirects www.google-analytics.com	18 KB
2	facebook.com www.facebook.com	456 B
2	facebook.net connect.facebook.net	112 KB
1	canddi.io s.canddi.io	441 B
1	ppcprotect.com cdn.ppcprotect.com	323 B
1	simpli.fi tag.simpli.fi	766 B
1	calltracks.com canddi.calltracks.com	351 B
1	bizographics.com sjs.bizographics.com	2 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	staticfiles.io data.staticfiles.io	855 B
1	googletagmanager.com www.googletagmanager.com	24 KB
1	calendly.com calendly.com
1	canddi.co 1 redirects mail.canddi.co	561 B
55	21

	Domain	Requested by
10	www.canddi.com	www.canddi.com
6	client.crisp.chat	www.canddi.com client.crisp.chat
5	static.activedemand.com	data.staticfiles.io static.activedemand.com
5	cdns.canddi.com	www.googletagmanager.com cdns.canddi.com
3	www.google.de	www.canddi.com
3	www.google.com	2 redirects www.canddi.com
3	www.google-analytics.com	2 redirects www.googletagmanager.com
2	i.canddi.com	cdns.canddi.com
2	settings.crisp.chat	client.crisp.chat
2	www.facebook.com	www.canddi.com connect.facebook.net
2	px.ads.linkedin.com	1 redirects www.canddi.com
2	stats.g.doubleclick.net	2 redirects
2	connect.facebook.net	www.canddi.com connect.facebook.net
1	image.crisp.chat
1	collection.activedemand.com	static.activedemand.com
1	s.canddi.io	cdns.canddi.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.linkedin.com	1 redirects
1	cdn.ppcprotect.com	www.canddi.com
1	tag.simpli.fi	www.googletagmanager.com
1	canddi.calltracks.com	www.canddi.com
1	sjs.bizographics.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	data.staticfiles.io	www.googletagmanager.com
1	www.googletagmanager.com	www.canddi.com
1	calendly.com	www.canddi.com
1	mail.canddi.co	1 redirects
55	30

This site contains no links.

Subject Issuer	Validity	Valid
www.canddi.com Sectigo RSA Domain Validation Secure Server CA	`2019-08-18` - `2021-08-23`	2 years	crt.sh
*.calendly.com Go Daddy Secure Certificate Authority - G2	`2018-01-08` - `2021-04-07`	3 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.staticfiles.io Amazon	`2019-03-12` - `2020-04-12`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2019-10-06` - `2020-01-04`	3 months	crt.sh
js.bizographics.com DigiCert SHA2 Secure Server CA	`2018-04-13` - `2020-04-17`	2 years	crt.sh
*.calltracks.com Go Daddy Secure Certificate Authority - G2	`2018-11-06` - `2020-11-06`	2 years	crt.sh
cdns.canddi.com COMODO RSA Domain Validation Secure Server CA	`2017-07-25` - `2020-09-22`	3 years	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2017-05-11` - `2020-05-10`	3 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-11-06` - `2020-02-04`	3 months	crt.sh
crisp.chat CloudFlare Inc ECC CA-2	`2019-08-28` - `2020-08-27`	a year	crt.sh
cdn.ppcprotect.com Amazon	`2019-03-22` - `2020-04-22`	a year	crt.sh
www.google.de GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2019-10-06` - `2020-01-04`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2019-10-06` - `2020-01-04`	3 months	crt.sh
*.activedemand.com Amazon	`2019-03-18` - `2020-04-18`	a year	crt.sh
i.canddi.com Amazon	`2019-04-08` - `2020-05-08`	a year	crt.sh
s.canddi.io Amazon	`2019-03-24` - `2020-04-24`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.canddi.com/book-now/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
Frame ID: 8E37618C4669C5692943050FD44595FB
Requests: 56 HTTP requests in this frame

Frame: https://calendly.com/canddi_sales/canddi-demo?embed_domain=www.canddi.com&embed_type=Inline&
Frame ID: C99971965B747FB7CF90CDD72CBD4734
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-b736908ce6b0e933fad3a2e45df61b38.html
Frame ID: A5C3E1C3FCF4F349731CEA5D11A5B630
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://mail.canddi.co/0460c477b96c7c30b213395287a9af35d46e8d5f9658d8e9e140a9f263ae134b/e4b673e66dc... HTTP 302
https://www.canddi.com/book-now/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Page Statistics

55
Requests

100 %
HTTPS

56 %
IPv6

21
Domains

30
Subdomains

25
IPs

5
Countries

1365 kB
Transfer

4386 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mail.canddi.co/0460c477b96c7c30b213395287a9af35d46e8d5f9658d8e9e140a9f263ae134b/e4b673e66dcdbce3e7a8d458c30da0fd/le35 HTTP 302
https://www.canddi.com/book-now/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2018875837&t=pageview&_s=1&dl=https%3A%2F%2Fwww.canddi.com%2Fbook-now%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0aW5nQHZ1c2EuY29t%26cfn_b4%3D%26cln_b4%3D%26cc_b4%3D%26cph_b4%3D%26utm_source%3De-shot%26utm_medium%3Demail%26utm_campaign%3DKnockknockLFUSA&ul=en-us&de=UTF-8&dt=Book%20a%20Demonstration&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAAAB~&jid=253987469&gjid=779769522&cid=417801796.1574689654&tid=UA-15069217-1&_gid=1067711895.1574689654&_r=1&gtm=2wgav95ZNJCH&z=1239424113 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15069217-1&cid=417801796.1574689654&jid=253987469&_gid=1067711895.1574689654&gjid=779769522&_v=j79&z=1239424113 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15069217-1&cid=417801796.1574689654&jid=253987469&_v=j79&z=1239424113 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15069217-1&cid=417801796.1574689654&jid=253987469&_v=j79&z=1239424113&slf_rd=1&random=75059695

Request Chain 24

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1232906&url=https%3A%2F%2Fwww.canddi.com%2Fbook-now%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0aW5nQHZ1c2EuY29t%26cfn_b4%3D%26cln_b4%3D%26cc_b4%3D%26cph_b4%3D%26utm_source%3De-shot%26utm_medium%3Demail%26utm_campaign%3DKnockknockLFUSA&time=1574689654425 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1232906%26url%3Dhttps%253A%252F%252Fwww.canddi.com%252Fbook-now%252F%253Fce%253Dmarketing%2540vusa.com%2526cfn%253D%2526cln%253D%2526ce_b4%253DbWFya2V0aW5nQHZ1c2EuY29t%2526cfn_b4%253D%2526cln_b4%253D%2526cc_b4%253D%2526cph_b4%253D%2526utm_source%253De-shot%2526utm_medium%253Demail%2526utm_campaign%253DKnockknockLFUSA%26time%3D1574689654425%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1232906&url=https%3A%2F%2Fwww.canddi.com%2Fbook-now%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0aW5nQHZ1c2EuY29t%26cfn_b4%3D%26cln_b4%3D%26cc_b4%3D%26cph_b4%3D%26utm_source%3De-shot%26utm_medium%3Demail%26utm_campaign%3DKnockknockLFUSA&time=1574689654425&liSync=true

Request Chain 50

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2018875837&t=timing&_s=2&dl=https%3A%2F%2Fwww.canddi.com%2Fbook-now%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0aW5nQHZ1c2EuY29t%26cfn_b4%3D%26cln_b4%3D%26cc_b4%3D%26cph_b4%3D%26utm_source%3De-shot%26utm_medium%3Demail%26utm_campaign%3DKnockknockLFUSA&ul=en-us&de=UTF-8&dt=Book%20a%20Demonstration&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&plt=1773&pdt=1&dns=2&rrt=163&srt=98&tcp=37&dit=459&clt=459&_gst=506&_gbt=528&_cst=410&_cbt=500&_u=aHBAAAAB~&jid=561171598&gjid=459292021&cid=417801796.1574689654&tid=UA-15069217-1&_gid=1067711895.1574689654&_r=1&gtm=2wgav95ZNJCH&z=1149121934 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15069217-1&cid=417801796.1574689654&jid=561171598&_gid=1067711895.1574689654&gjid=459292021&_v=j79&z=1149121934 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15069217-1&cid=417801796.1574689654&jid=561171598&_v=j79&z=1149121934 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15069217-1&cid=417801796.1574689654&jid=561171598&_v=j79&z=1149121934&slf_rd=1&random=559633081

55 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.canddi.com/book-now/
Redirect Chain

http://mail.canddi.co/0460c477b96c7c30b213395287a9af35d46e8d5f9658d8e9e140a9f263ae134b/e4b673e66dcdbce3e7a8d458c30da0fd/le35
https://www.canddi.com/book-now/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA

15 KB
5 KB

139ms
98ms

Document
text/html

151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canddi.com/book-now/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

f2a91f92c944a38993b422fb532889826f46ed31b4bd93158bac7e417782f8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.canddi.com
:scheme: https
:path: /book-now/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: nginx
date: Mon, 25 Nov 2019 13:47:34 GMT
content-type: text/html
content-length: 4498
last-modified: Thu, 21 Nov 2019 10:48:52 GMT
etag: W/"e6a35eacf49bfaf1d2b09f710cbfc63b"
expires: Wed, 25 Dec 2019 13:47:34 GMT
cache-control: max-age=2592000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
if-you-can-read-this-then-contact-us: jobs@canddi.com
ignore: Now
content-encoding: gzip
vary: Accept-Encoding
x-cache: MISS
accept-ranges: bytes

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: 0
Location: https://www.canddi.com/book-now/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
Server: Microsoft-IIS/7.5
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge,chrome=1
Date: Mon, 25 Nov 2019 13:47:27 GMT
Content-Length: 347

GET
H2 200 fontawesome-webfont.woff2
www.canddi.com/static/fonts/ 75 KB
76 KB 22ms
21ms Font
font/woff2 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canddi.com/static/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.canddi.com
URL: https://www.canddi.com/book-now/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.canddi.com/book-now/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
Origin: https://www.canddi.com

Response headers

date: Mon, 25 Nov 2019 13:47:34 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 77160
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 01 Nov 2019 11:06:16 GMT
server: nginx
etag: "af7ae505a9eed503f8b8e6982036873e"
x-frame-options: SAMEORIGIN
content-type: font/woff2
expires: Wed, 25 Dec 2019 13:47:34 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 053f7e575d936b1b46b604c1d7685046.css
www.canddi.com/static/css/ 364 KB
71 KB 49ms
48ms Stylesheet
text/css 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canddi.com/static/css/053f7e575d936b1b46b604c1d7685046.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

f60a71fac4d43f29a4bf997416dbbb087bf0dacdcbe1acd8cc9bcc1e8bd17e2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/book-now/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 21 Nov 2019 10:48:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"053f7e575d936b1b46b604c1d7685046"
vary: Accept-Encoding
content-type: text/css
expires: Wed, 25 Dec 2019 13:47:34 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 logo.png
www.canddi.com/static/img/ 3 KB
4 KB 46ms
45ms Image
image/png 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/logo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

34e527f9cabcc408f7aa5d60aef2478722ec730561469b88b50f6cee105bfca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/book-now/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:34 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 3522
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 08 Oct 2019 15:39:31 GMT
server: nginx
etag: "a0789435e584e5d8d23059caf7fd9009"
x-frame-options: SAMEORIGIN
content-type: image/png
expires: Wed, 25 Dec 2019 13:47:34 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 1a1867b9446993044f9b52585ba34820.js Show response
www.canddi.com/static/js/ 546 KB
178 KB 52ms
51ms Script
application/javascript 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canddi.com/static/js/1a1867b9446993044f9b52585ba34820.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

efc2ad6fbf06c354f43596ca543becde5c8a97b377a8633f6addb99c5ab13b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/book-now/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 21 Nov 2019 10:48:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1a1867b9446993044f9b52585ba34820"
vary: Accept-Encoding
content-type: application/javascript
expires: Wed, 25 Dec 2019 13:47:34 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 canddi-demo
calendly.com/canddi_sales/ Frame C999 0
0 399ms
340ms Document
text/html 2606:4700:10::6814:f874
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://calendly.com/canddi_sales/canddi-demo?embed_domain=www.canddi.com&embed_type=Inline&

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:f874 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Frame-Options	ALLOWALL

Request headers

:method: GET
:authority: calendly.com
:scheme: https
:path: /canddi_sales/canddi-demo?embed_domain=www.canddi.com&embed_type=Inline&
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 25 Nov 2019 13:47:34 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dbf189c103c2d781772da9a995ce273fa1574689654; expires=Wed, 25-Dec-19 13:47:34 GMT; path=/; domain=.calendly.com; HttpOnly _calendly_session=eDVQRG10bks2V1ArVUxLVFlnNTB5Y2pvd0xZTm00Z2VPZ0NjUXJHbXhucWlibHVac1UzT3gwRkNvcStBU3h4RzBhSTc1bnpWSGRDQkticFFpYWdiYjFXU0ozV3Z3WXd3ak4xeG5NbnZScUYrSkJncm5iRlpscW80ZTU3SHhxS2FTWGpQeENzcUhPZGVLVWlrRFplWE8xR2syREdwT3h2dDM2RkJ5dUtLa1loZ0RMVlNTZEgxV2R0WUVvOUhXM0VFVHc0eFZQUDlqK3BwRDlhTUNtbGxjdHNzbFp1YkdtMWVGWjJzL0ZvZVkzZTIxWGFSZmN3ZWdsdm1qcHU5cmNETkttblRZcitJQ1NUU2JTczl0dy9YNmdHb1ZRQ3E1Y01CdithL0tROGIvNHZBNVlpbHlONHdobWJWYng0SjVaSWFsK0Fpa0VXcU96K3c5b2h4V00zcGlvSUxSeXVHdW8rWW1xWUxSdUNCbVdjM1NxTVRBTUxMZWNuMnFDWGxZL3JvV0dpTjJrUFFsVzVGbXdneTdVUUlxa3h4RDBPR1NCaHo4VWZuT0FzZUdxSWNJTUZjNXpOYWlZVWxuK0xkdm1TOW03NXd4UW1kbXNUTVRqeFB6cmk0VmpXSnVEWE1nY3Q4NWxGK0EwVkI3THJJeFZLZWh3VUlRRFgwNGhFZ0t0NGItLVBzSVpBMUgrTHRqbDhxdmpMOGtMNFE9PQ%3D%3D--7a911a34e36983e27cc70fa6e395c4da4659a39b; path=/; expires=Mon, 16 Dec 2019 13:47:34 -0000; secure; HttpOnly
x-frame-options: ALLOWALL
cache-control: max-age=0, private, must-revalidate
x-request-id: 910e4e1a-a13b-49ce-85b5-bc472bde1af8
x-runtime: 0.209359
strict-transport-security: max-age=31556952; includeSubDomains; preload
via: 1.1 vegur
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 53b41342fec7cb9c-VIE
content-encoding: br

GET
H2 200 SourceSansPro-Semibold.ttf
www.canddi.com/static/fonts/ 146 KB
147 KB 19ms
19ms Font
font/ttf 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canddi.com/static/fonts/SourceSansPro-Semibold.ttf

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

ad9bf535fc18d27ba929b766058bf5381649bc3d9092232c00e069f420054232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.canddi.com/static/css/053f7e575d936b1b46b604c1d7685046.css
Origin: https://www.canddi.com

Response headers

date: Mon, 25 Nov 2019 13:47:34 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 149636
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 01 Nov 2019 11:06:16 GMT
server: nginx
etag: "52984b3a4e09652a6feee711d5c169fd"
x-frame-options: SAMEORIGIN
content-type: font/ttf
expires: Wed, 25 Dec 2019 13:47:34 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 SourceSansPro-Regular.ttf
www.canddi.com/static/fonts/ 146 KB
147 KB 27ms
27ms Font
font/ttf 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canddi.com/static/fonts/SourceSansPro-Regular.ttf

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

6fc6e8f223cb7a88d7e0d07af0aa7c45084be3c2b330622c06b5e6c6d9f74768

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.canddi.com/static/css/053f7e575d936b1b46b604c1d7685046.css
Origin: https://www.canddi.com

Response headers

date: Mon, 25 Nov 2019 13:47:34 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 149972
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 01 Nov 2019 11:06:16 GMT
server: nginx
etag: "ba6cad25afe01d394e830f548a7f94df"
x-frame-options: SAMEORIGIN
content-type: font/ttf
expires: Wed, 25 Dec 2019 13:47:34 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 74 KB
24 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:821::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZNJCH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1c29bb7c828e77ce200e0dd5ea994fd869650979c8085fae062c38ce0f859cf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:34 GMT
content-encoding: br
last-modified: Mon, 25 Nov 2019 12:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 24679
x-xss-protection: 0
expires: Mon, 25 Nov 2019 13:47:34 GMT

GET
H2 200 search.json Show response
www.canddi.com/ 155 KB
25 KB 20ms
19ms XHR
application/json 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canddi.com/search.json

Requested by

Host: www.canddi.com
URL: https://www.canddi.com/static/js/1a1867b9446993044f9b52585ba34820.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

f9f63713fb3f5413ddc4b4b182e0064c552595ef1beb6c61a9f0dcbf4676da15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/book-now/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
status: 200
ignore: Now
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 21 Nov 2019 10:48:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"e2fb8336b362f4e232187d9032ff4d72"
if-you-can-read-this-then-contact-us: jobs@canddi.com
strict-transport-security: max-age=31536000; includeSubdomains
content-type: application/json
cache-control: max-age=2592000
accept-ranges: bytes
expires: Wed, 25 Dec 2019 13:47:34 GMT

GET
H2 200 logo2x.svg
www.canddi.com/static/img/ 10 KB
4 KB 18ms
17ms Image
image/svg+xml 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/logo2x.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

71f2f495be40a09089c6e18f6c6c8a0dd871d982dd74a293412d1484bb4275ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/book-now/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 01 Nov 2019 11:06:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"afdc5b5d5a638d4d95f4c928c2a52529"
vary: Accept-Encoding
content-type: image/svg+xml
expires: Wed, 25 Dec 2019 13:47:34 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 heading-banner-image.png
www.canddi.com/static/img/design/ 43 KB
43 KB 19ms
19ms Image
image/png 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/design/heading-banner-image.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

613b9f6fdf9b4ad328db5ea860da929d9ee1ef59a89799ce7d0b5ed2d868ca7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/book-now/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:34 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 43594
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 08 Oct 2019 15:39:28 GMT
server: nginx
etag: "05230d5821a80b64b83c056cfbae6513"
x-frame-options: SAMEORIGIN
content-type: image/png
expires: Wed, 25 Dec 2019 13:47:34 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 load.js Show response
data.staticfiles.io/accounts/8066aa8f-4e6548-71715d10/ 505 B
855 B 429ms
383ms Script
application/x-javascript 2600:9000:21f3:6200:9:72eb:eb00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://data.staticfiles.io/accounts/8066aa8f-4e6548-71715d10/load.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZNJCH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:6200:9:72eb:eb00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a3b7dc096a27557fc9970aca1037ddc42526402bf5ca6e51892117aef5a8beec

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:35 GMT
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
last-modified: Mon, 18 Nov 2019 14:50:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "77464a73aa2744f821cc5d435818988e"
x-cache: Miss from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 505
x-amz-cf-id: 9-aZt6_4_rhjmfAeKwfPe3TDLOzPJipj9yxRYCkesx73Iq4f3HWPXw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZNJCH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4437
date: Mon, 25 Nov 2019 12:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Mon, 25 Nov 2019 14:33:37 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 25 KB
10 KB 87ms
41ms Script
text/javascript 172.217.18.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZNJCH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

69e3a796f4b120879065a812b95b56fd4d28f88faf8c1976ad9b0fa2f31dc0eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9614
x-xss-protection: 0
server: cafe
etag: 5296095546589048175
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 25 Nov 2019 13:47:34 GMT

GET
H2 200 hotjar-1323384.js Show response
static.hotjar.com/c/ 3 KB
2 KB 112ms
63ms Script
application/javascript 147.75.85.99
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1323384.js?sv=5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZNJCH

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.85.99 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-5

Software

openresty /

Resource Hash

4fdba5a23d4c1fa69042f05e73c46a79a195883db44afb6bae51bd588369b2b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 357
status: 200
section-io-cache: Hit
vary: Accept-Encoding
content-length: 1609
x-cache-hit: 1
server: openresty
x-frame-options: SAMEORIGIN
etag: W/6a3085e311f3fa9565849bcadf02ef2c
access-control-max-age: 600
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.079
accept-ranges: bytes
section-io-id: 2d13012f248b14aac39807ccddde999a

GET
H/1.1 200
OK insight.min.js Show response
sjs.bizographics.com/ 3 KB
2 KB 41ms
10ms Script
application/x-javascript 2a02:26f0:10c:38f::3adf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sjs.bizographics.com/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZNJCH
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:38f::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 Nov 2019 13:47:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=23558
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H/1.1 206
Partial Content loader.js Show response
canddi.calltracks.com/wnd/ 70 B
351 B 114ms
25ms Script
text/javascript 146.148.115.36
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://canddi.calltracks.com/wnd/loader.js
Requested by: Host: www.canddi.com
URL: https://www.canddi.com/book-now/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.148.115.36 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 36.115.148.146.bc.googleusercontent.com
Software: Calltracks /
Resource Hash: cbd91955580dba0003f49ccea7b4722091f82bd29c09c6b7c10231048b78f524

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.003844
Date: Mon, 25 Nov 2019 13:47:34 GMT
Server: Calltracks
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
X-Request-Id: fe9b5577-72ba-4ec5-81df-afc7126b7149

GET
H2 200 ee4f9bc0af0bbed6283e07c8dd334f49.js Show response
cdns.canddi.com/p/ 97 KB
35 KB 84ms
40ms Script
application/javascript 151.139.243.18
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdns.canddi.com/p/ee4f9bc0af0bbed6283e07c8dd334f49.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZNJCH

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.243.18 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

8e294a96be419e04c05744fef9dd3cd4acb18076e7c1c8f8806f14d9f82cfc84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:34 GMT
content-encoding: gzip
last-modified: Mon, 25 Nov 2019 13:46:33 GMT
server: nginx
vary: Accept, Accept-Encoding
x-cache: HIT
p3p: policyref="https://www.canddi.com/w3c/p3p.xml", CP="ADMa PSAa PSDa IVAo IVDo CONi TELi OUR IND DSP ALL COR"
status: 200
cache-control: max-age=1800, public
x-server: dashboard-i-02f4fd21a13896135
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Nov 2019 14:16:33 GMT

GET
H2 200 43f4b410-5c4e-0136-4aed-067f653fa718 Show response
tag.simpli.fi/sifitag/ 0
766 B 82ms
39ms Script
application/javascript 169.50.137.176
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/43f4b410-5c4e-0136-4aed-067f653fa718

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZNJCH

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Mon, 25 Nov 2019 13:47:31 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
x-request-id: 2nd6np8btoj6dg4dgkjdq0o3
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 121 KB
27 KB 34ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

f20f83cb7683a1a3138cd52201d83436e33a5e67ef0b9c96bbdab860b5f7da16

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 26765
x-xss-protection: 0
pragma: public
x-fb-debug: QPaQPuMjSA57E5HmX/BhGrNiQNzWBBDwahPwIJGczV1UxAua2WlxnmyZU5f/nA1rTcdXwLWNA1niVEIDktwbQA==
x-fb-trip-id: 420120009
date: Mon, 25 Nov 2019 13:47:34 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 l.js Show response
client.crisp.chat/ 11 KB
4 KB 85ms
38ms Script
application/javascript 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/l.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1df35b464ca66ab5f03a478a311068caad7e065b924081b3cad0083382fe6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 607
status: 200
access-control-max-age: 300
alt-svc: h3-23=":443"; ma=86400
last-modified: Fri, 11 Oct 2019 15:07:44 GMT
server: cloudflare
etag: W/"5da09ac0-2c98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=86400
access-control-allow-credentials: false
cf-ray: 53b413442db48c62-VIE
access-control-allow-headers: Content-Type, Origin
expires: Tue, 26 Nov 2019 13:37:27 GMT

GET
H2 200 va-monitor.js Show response
cdn.ppcprotect.com/tracking/ 0
323 B 68ms
24ms Script
application/javascript 2600:9000:20eb:5400:c:2b4b:7a40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ppcprotect.com/tracking/va-monitor.js
Requested by: Host: www.canddi.com
URL: https://www.canddi.com/book-now/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5400:c:2b4b:7a40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 24 Nov 2019 23:50:02 GMT
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified: Sun, 13 Oct 2019 16:54:13 GMT
server: AmazonS3
age: 50253
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: wVyjjunEHmPMAGSACXlvOiDnixse0jvYRytHsxVrReMVNNCC8oXn5Q==

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2018875837&t=pageview&_s=1&dl=https%3A%2F%2Fwww.canddi.com%2Fbook-now%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0aW5n...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15069217-1&cid=417801796.1574689654&jid=253987469&_gid=1067711895.1574689654&gjid=779769522&_v=j79&z=1239424113
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15069217-1&cid=417801796.1574689654&jid=253987469&_v=j79&z=1239424113
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15069217-1&cid=417801796.1574689654&jid=253987469&_v=j79&z=1239424113&slf_rd=1&random=75059695

42 B
110 B

28ms
28ms

Image
image/gif

2a00:1450:4001:800::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15069217-1&cid=417801796.1574689654&jid=253987469&_v=j79&z=1239424113&slf_rd=1&random=75059695

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Nov 2019 13:47:34 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Nov 2019 13:47:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15069217-1&cid=417801796.1574689654&jid=253987469&_v=j79&z=1239424113&slf_rd=1&random=75059695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 292704578056651 Show response
connect.facebook.net/signals/config/ 349 KB
85 KB 28ms
26ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/292704578056651?v=2.9.13&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

fb110056d496b51e4a36eeef35b08edc61a14bb870b7c3651ecac687482c8d24

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 87142
x-xss-protection: 0
pragma: public
x-fb-debug: 0xSJywunnf+wDTVJO+C3zLfHudXsru7ZN3oVcYx98DXnqICGNYK7ddLqzLIhwpUleqrKE0YcEuL/T8+pF2VggQ==
x-fb-trip-id: 420120009
date: Mon, 25 Nov 2019 13:47:34 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1232906&url=https%3A%2F%2Fwww.canddi.com%2Fbook-now%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0aW5nQHZ1c2EuY29t%26cfn_b4%3...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1232906%26url%3Dhttps%253A%252F%252Fwww.canddi.com%252Fbook-now%252F%253Fce%253Dm...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1232906&url=https%3A%2F%2Fwww.canddi.com%2Fbook-now%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0aW5nQHZ1c2EuY29t%26cfn_b4%3...

0
95 B

162ms
161ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1232906&url=https%3A%2F%2Fwww.canddi.com%2Fbook-now%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0aW5nQHZ1c2EuY29t%26cfn_b4%3D%26cln_b4%3D%26cc_b4%3D%26cph_b4%3D%26utm_source%3De-shot%26utm_medium%3Demail%26utm_campaign%3DKnockknockLFUSA&time=1574689654425&liSync=true
Requested by: Host: www.canddi.com
URL: https://www.canddi.com/book-now/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:34 GMT
content-encoding: gzip
server: Play
vary: Accept-Encoding
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 20
x-li-uuid: n1B16OVr2hWg6Bf0misAAA==

Redirect headers

date: Mon, 25 Nov 2019 13:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 302
x-li-pop: prod-tln1
content-length: 20
x-li-uuid: MARG3OVr2hXgn/cy0SoAAA==
pragma: no-cache
server: Play
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1232906&url=https%3A%2F%2Fwww.canddi.com%2Fbook-now%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0aW5nQHZ1c2EuY29t%26cfn_b4%3D%26cln_b4%3D%26cc_b4%3D%26cph_b4%3D%26utm_source%3De-shot%26utm_medium%3Demail%26utm_campaign%3DKnockknockLFUSA&time=1574689654425&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1017440597/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1017440597/?random=1574689654469&cv=9&fst=1574689654469&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav9&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.canddi.com%2Fbook-now%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0aW5nQHZ1c2EuY29t%26cfn_b4%3D%26cln_b4%3D%26cc_b4%3D%26cph_b4%3D%26utm_source%3De-shot%26utm_medium%3Demail%26utm_campaign%3DKnockknockLFUSA&tiba=Book%20a%20Demonstration&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

334fb3cfb48c75a7fc2c932152e1a38e68b145884da3c6a23527f064dd034fba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Nov 2019 13:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1047
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 client.js Show response
client.crisp.chat/static/javascripts/ 517 KB
100 KB 37ms
35ms Script
application/javascript 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/client.js?b51444a

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bae2a27d8d82e056ea53c5771cad8107201cfd3da69e687b0e0d7be8b923b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 606
status: 200
access-control-max-age: 300
alt-svc: h3-23=":443"; ma=86400
last-modified: Fri, 11 Oct 2019 15:07:44 GMT
server: cloudflare
etag: W/"5da09ac0-8137e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: false
cf-ray: 53b413447df28c62-VIE
access-control-allow-headers: Content-Type, Origin
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 client_default.css
client.crisp.chat/static/stylesheets/ 506 KB
48 KB 43ms
42ms Stylesheet
text/css 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/stylesheets/client_default.css?b51444a

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

13bda6ad7990f7edd80fe96cb4b3314d30ef7fa4d5dba9dca0f56d9d695e1887

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 607
status: 200
access-control-max-age: 300
alt-svc: h3-23=":443"; ma=86400
last-modified: Fri, 11 Oct 2019 15:07:44 GMT
server: cloudflare
etag: W/"5da09ac0-7e84b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: false
cf-ray: 53b413448df38c62-VIE
access-control-allow-headers: Content-Type, Origin
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
350 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=292704578056651&ev=PageView&dl=https%3A%2F%2Fwww.canddi.com%2Fbook-now%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0aW5nQHZ1c2EuY29t%26cfn_b4%3D%26cln_b4%3D%26cc_b4%3D%26cph_b4%3D%26utm_source%3De-shot%26utm_medium%3Demail%26utm_campaign%3DKnockknockLFUSA&rl=&if=false&ts=1574689654487&sw=1600&sh=1200&v=2.9.13&r=stable&ec=0&o=30&fbp=fb.1.1574689654487.1007614876&it=1574689654422&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Mon, 25 Nov 2019 13:47:34 GMT

GET
H2 200 modules.9447269af5bc5fb31020.js Show response
script.hotjar.com/ 399 KB
70 KB 120ms
59ms Script
application/javascript 147.75.84.33
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.9447269af5bc5fb31020.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1323384.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.84.33 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
Software: /
Resource Hash: ed04a4f7a5147b7dc5f87315dd42bcb5fed826b66460a588bfbe80c36128e4b6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:34 GMT
content-encoding: br
last-modified: Mon, 25 Nov 2019 12:36:55 GMT
access-control-allow-origin: *
etag: "54deed1ca67aca1f7f91732786b0f16b"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.025
section-io-origin-status: 200
accept-ranges: bytes
section-io-id: a4a64ae25e70fea5a8d04495c1378f6f
content-length: 71046

GET
H2 200 /
www.google.com/pagead/1p-user-list/1017440597/ 42 B
161 B 22ms
21ms Image
image/gif 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1017440597/?random=1574689654469&cv=9&fst=1574686800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav9&sendb=1&frm=0&url=https%3A%2F%2Fwww.canddi.com%2Fbook-now%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0aW5nQHZ1c2EuY29t%26cfn_b4%3D%26cln_b4%3D%26cc_b4%3D%26cph_b4%3D%26utm_source%3De-shot%26utm_medium%3Demail%26utm_campaign%3DKnockknockLFUSA&tiba=Book%20a%20Demonstration&async=1&fmt=3&is_vtc=1&random=3828566056&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Nov 2019 13:47:34 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1017440597/ 42 B
111 B 23ms
22ms Image
image/gif 2a00:1450:4001:800::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1017440597/?random=1574689654469&cv=9&fst=1574686800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav9&sendb=1&frm=0&url=https%3A%2F%2Fwww.canddi.com%2Fbook-now%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0aW5nQHZ1c2EuY29t%26cfn_b4%3D%26cln_b4%3D%26cc_b4%3D%26cph_b4%3D%26utm_source%3De-shot%26utm_medium%3Demail%26utm_campaign%3DKnockknockLFUSA&tiba=Book%20a%20Demonstration&async=1&fmt=3&is_vtc=1&random=3828566056&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Nov 2019 13:47:34 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-b736908ce6b0e933fad3a2e45df61b38.html
vars.hotjar.com/ Frame A5C3 0
0 98ms
50ms Document
text/html 147.75.85.99
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-b736908ce6b0e933fad3a2e45df61b38.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1323384.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.85.99 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-5
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-b736908ce6b0e933fad3a2e45df61b38.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 25 Nov 2019 13:47:34 GMT
content-type: text/html
content-length: 808
cache-control: max-age=31536000
content-encoding: br
last-modified: Tue, 12 Nov 2019 13:04:25 GMT
etag: "ed7551919779fd07dbfe6d776c643379"
section-io-origin-status: 200
section-io-origin-time-seconds: 0.027
vary: Accept-Encoding
accept-ranges: bytes
section-io-id: 327027f80f653f2cb7997ff04586abdd

GET
H2 200 / Show response
settings.crisp.chat/client/website/de227cd0-2f63-4cc0-a00a-8c6fb9983abd/prelude/ 78 B
195 B 31ms
30ms Script
application/javascript 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.crisp.chat/client/website/de227cd0-2f63-4cc0-a00a-8c6fb9983abd/prelude/?callback=window.%24crisp.__spool.website_handler&2019-10-25-14-47

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b51444a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

52aa7878d55c696e14ae20021c2256fb681cdc53e23c7c28ac87249a960ec7de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 25
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 53b413453e5e8c62-VIE
alt-svc: h3-23=":443"; ma=86400
expires: Mon, 25 Nov 2019 14:17:09 GMT

GET
H/1.1 200
OK ad.collect.min.js.jgz Show response
static.activedemand.com/public/javascript/ 96 KB
34 KB 118ms
29ms Script
application/javascript 143.204.101.51
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.activedemand.com/public/javascript/ad.collect.min.js.jgz
Requested by: Host: data.staticfiles.io
URL: https://data.staticfiles.io/accounts/8066aa8f-4e6548-71715d10/load.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.51 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-51.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e43ad81f077a21469d64f353001163e051064f63013a6f685233b11871147d2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 Nov 2019 00:50:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Sep 2018 19:26:33 GMT
Server: AmazonS3
Age: 46638
ETag: "e7de37c79345d4e42bafd5f076a2ae4c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
Cache-Control: max-age=86400
X-Amz-Cf-Pop: FRA50-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34332
X-Amz-Cf-Id: BjxC5RYJfEQnJAMI3ZnDLd4vwlKoNiK6SpKDDlXRnxg1arqwax6Jsg==

GET
H/1.1 200
OK i.js Show response
i.canddi.com/ 193 B
772 B 186ms
33ms Script
application/javascript 34.249.79.181
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://i.canddi.com/i.js

Requested by

Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/ee4f9bc0af0bbed6283e07c8dd334f49.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.79.181 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-249-79-181.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6ab8a8edcc7ddd5111804f88291545c3dae7d11eb5d79b2fe9be0e507d9efba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 Nov 2019 13:47:34 GMT
Last-Modified: Mon, 25 Nov 2019 13:47:34 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: policyref="http://www.canddi.com/w3c/p3p.xml", CP="ADMa PSAa PSDa IVAo IVDo CONi TELi OUR IND DSP ALL COR"
Cache-Control: max-age=94608000, private
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 193
Expires: Thu, 24 Nov 2022 13:47:34 GMT

GET
H2 200 capture.js Show response
cdns.canddi.com/ 289 KB
82 KB 22ms
22ms Script
application/javascript 151.139.243.18
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdns.canddi.com/capture.js

Requested by

Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/ee4f9bc0af0bbed6283e07c8dd334f49.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.243.18 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

1fad652d06a7eba612b13a8580de0cce88ecef991d2217de7acabff03522e762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:34 GMT
content-encoding: gzip
last-modified: Mon, 25 Nov 2019 13:33:36 GMT
server: nginx
etag: W/"5ddbd830-4838a"
vary: Accept-Encoding
x-cache: HIT
p3p: policyref="https://www.canddi.com/w3c/p3p.xml", CP="ADMa PSAa PSDa IVAo IVDo CONi TELi OUR IND DSP ALL COR"
status: 200
cache-control: max-age=31104000
x-server: dashboard-i-02f4fd21a13896135
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 19 Nov 2020 13:36:27 GMT

GET
H2 200 null Show response
cdns.canddi.com/i/ee4f9bc0af0bbed6283e07c8dd334f49/ip/bid/ 63 B
496 B 38ms
38ms Script
application/javascript 151.139.243.18
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdns.canddi.com/i/ee4f9bc0af0bbed6283e07c8dd334f49/ip/bid/null

Requested by

Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/ee4f9bc0af0bbed6283e07c8dd334f49.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.243.18 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

a7b23c89ee977750dd03b53d0bb715cf84933af95f576f0a73700723e5da4bcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:34 GMT
x-cache: HIT
p3p: policyref="https://www.canddi.com/w3c/p3p.xml", CP="ADMa PSAa PSDa IVAo IVDo CONi TELi OUR IND DSP ALL COR"
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 63
last-modified: Mon, 25 Nov 2019 13:46:33 GMT
server: nginx
etag: 4dc38338cbff928f726f03a85ff14ccf
vary: Accept
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800, public
x-server: dashboard-i-0b253dc646cc144be
accept-ranges: bytes
expires: Mon, 25 Nov 2019 14:16:33 GMT

GET
H2 200 / Show response
settings.crisp.chat/client/website/de227cd0-2f63-4cc0-a00a-8c6fb9983abd/ 4 KB
1 KB 30ms
29ms Script
application/javascript 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.crisp.chat/client/website/de227cd0-2f63-4cc0-a00a-8c6fb9983abd/?callback=window.%24crisp.__spool.website_handler&1574676080818

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b51444a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0c1b48701cb5d4dd2f4fbf0b844ee4d48bf0b00d50c2913454fc96da94d7708

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 62
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 53b41347bfce8c62-VIE
alt-svc: h3-23=":443"; ma=86400
expires: Mon, 25 Nov 2019 14:08:41 GMT

GET
H/1.1 200
OK ad.main.min.js.jgz Show response
static.activedemand.com/public/javascript/ 46 KB
12 KB 51ms
50ms Script
application/javascript 143.204.101.51
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.activedemand.com/public/javascript/ad.main.min.js.jgz?_=1574689654998
Requested by: Host: static.activedemand.com
URL: https://static.activedemand.com/public/javascript/ad.collect.min.js.jgz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.51 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-51.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 087155ea423b3973d3bf16f2a4ece851891a2977e4549a515b636ec0a84b8e38

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 Nov 2019 00:50:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Nov 2019 23:21:57 GMT
Server: AmazonS3
Age: 46638
ETag: "87ce5a6ee8f28bf63d6bf940147d8b83"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
Cache-Control: max-age=86400
X-Amz-Cf-Pop: FRA50-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11696
X-Amz-Cf-Id: w24hLIujazUztv2u1XbgQxe1rNjYeRNVxieIqtj9ejLSaoNEkmw1cg==

POST
H2 200 /
www.facebook.com/tr/ 0
106 B 7ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://www.canddi.com
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryyxbxiGYA8ASMTmfn

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
access-control-allow-origin: https://www.canddi.com
date: Mon, 25 Nov 2019 13:47:35 GMT
content-type: text/plain
status: 200
access-control-allow-credentials: true
alt-svc: h3-23=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK s.js Show response
i.canddi.com/s/ee4f9bc0af0bbed6283e07c8dd334f49/ 134 B
739 B 34ms
34ms Script
application/javascript 34.249.79.181
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://i.canddi.com/s/ee4f9bc0af0bbed6283e07c8dd334f49/s.js

Requested by

Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/ee4f9bc0af0bbed6283e07c8dd334f49.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.79.181 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-249-79-181.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

7d6741be64fa2796dbe1394e00a2f8c2c87d65cc80752702b274351a266844f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 Nov 2019 13:47:35 GMT
Last-Modified: Mon, 25 Nov 2019 13:47:35 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: policyref="http://www.canddi.com/w3c/p3p.xml", CP="ADMa PSAa PSDa IVAo IVDo CONi TELi OUR IND DSP ALL COR"
Cache-Control: max-age=3600, private
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 134
Expires: Mon, 25 Nov 2019 15:47:35 GMT

GET
H2 200 3bcaab393b35ffddeb9af9a066edcd8e Show response
cdns.canddi.com/i/ee4f9bc0af0bbed6283e07c8dd334f49/find/bid/ 376 B
651 B 117ms
116ms Script
application/javascript 151.139.243.18
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdns.canddi.com/i/ee4f9bc0af0bbed6283e07c8dd334f49/find/bid/3bcaab393b35ffddeb9af9a066edcd8e

Requested by

Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/ee4f9bc0af0bbed6283e07c8dd334f49.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.243.18 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

42f82e701f5373a289e2a9a34c42bc64a900adc63d5d117ad43d1d59fadcf467

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:35 GMT
content-encoding: gzip
last-modified: Mon, 25 Nov 2019 13:47:35 GMT
server: nginx
vary: Accept, Accept-Encoding
x-cache: MISS
p3p: policyref="https://www.canddi.com/w3c/p3p.xml", CP="ADMa PSAa PSDa IVAo IVDo CONi TELi OUR IND DSP ALL COR"
status: 200
cache-control: max-age=1800, public
x-server: dashboard-i-0b253dc646cc144be
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
content-length: 238
expires: Mon, 25 Nov 2019 14:17:35 GMT

GET
H2 200 en.js Show response
client.crisp.chat/static/javascripts/locales/ 6 KB
2 KB 24ms
19ms Script
application/javascript 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/locales/en.js?b51444a

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b51444a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

87ac469a931d767510a20a34c4cd257607708968781651683457765100b4ac41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 588
status: 200
access-control-max-age: 300
alt-svc: h3-23=":443"; ma=86400
last-modified: Fri, 11 Oct 2019 15:07:44 GMT
server: cloudflare
etag: W/"5da09ac0-1725"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: false
cf-ray: 53b4134828108c62-VIE
access-control-allow-headers: Content-Type, Origin
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery-ui.min.js.jgz Show response
static.activedemand.com/public/javascript/ 222 KB
60 KB 34ms
33ms Script
application/javascript 143.204.101.51
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.activedemand.com/public/javascript/jquery-ui.min.js.jgz?_=1574689654999
Requested by: Host: static.activedemand.com
URL: https://static.activedemand.com/public/javascript/ad.collect.min.js.jgz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.51 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-51.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91d26eeeb46860dd9d1dabffc92d8b8b1bbb57a0630cdf64082e51a88ef0ead7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 Nov 2019 00:50:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Jun 2018 18:59:30 GMT
Server: AmazonS3
Age: 46637
ETag: "54d1f9cfd9099d7acde848dd59c67792"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
Cache-Control: max-age=86400
X-Amz-Cf-Pop: FRA50-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61007
X-Amz-Cf-Id: 4rmMXDQtAVs7rwGKPzOX6_aSnd2UuuFWYqAcmNfV77xOyGL_9L7XjQ==

GET
H/1.1 200
OK ad.localization.min.js.jgz Show response
static.activedemand.com/public/javascript/ 15 KB
5 KB 88ms
37ms Script
application/javascript 143.204.101.51
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.activedemand.com/public/javascript/ad.localization.min.js.jgz?_=1574689655000
Requested by: Host: static.activedemand.com
URL: https://static.activedemand.com/public/javascript/ad.collect.min.js.jgz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.51 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-51.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eece02732d6defa753c85796aed547c6e14e3d7a45d2c9fda6886ba268a18550

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 Nov 2019 00:50:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Jun 2019 21:02:53 GMT
Server: AmazonS3
Age: 46637
ETag: "44ce943219ee6ec13bc9596202fdc6e2"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
Cache-Control: max-age=86400
X-Amz-Cf-Pop: FRA50-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4585
X-Amz-Cf-Id: n-Vyn--HugBFx9RoVOLpujbg_yYufAl3HOQjkWuaKamaYTGQqK_pHw==

GET
H/1.1 200
OK jquery.validate.min.js.jgz Show response
static.activedemand.com/public/javascript/ 22 KB
7 KB 95ms
37ms Script
application/javascript 143.204.101.51
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.activedemand.com/public/javascript/jquery.validate.min.js.jgz?_=1574689655001
Requested by: Host: static.activedemand.com
URL: https://static.activedemand.com/public/javascript/ad.collect.min.js.jgz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.51 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-51.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 779029ad36ee545ce0b814d48c313f36a52328fed0b9d9c8f5b543eeb7e0cd84

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 Nov 2019 00:50:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Jun 2018 21:40:57 GMT
Server: AmazonS3
Age: 46637
ETag: "050492a1f30b187333d44cba5c390681"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
Cache-Control: max-age=86400
X-Amz-Cf-Pop: FRA50-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6947
X-Amz-Cf-Id: u0kU-Azd-4l1_8sm6ZLobgvYyJ2dyi7GoMBMMDw2TsvppMqgCVoCjA==

GET
H/1.1 200
OK s.js Show response
s.canddi.io/ 79 B
441 B 148ms
34ms Script
application/javascript 52.17.160.182
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://s.canddi.io/s.js?Id={%22B%22:%223bcaab393b35ffddeb9af9a066edcd8e%22,%22FP%22:%220ac029ac9d6c5699217511d849d79e41%22}&S={%22SId%22:%223c3c75876688b9f2f71e9a019f591af3%22,%20%22TId%22:%22ee4f9bc0af0bbed6283e07c8dd334f49%22,%20%22GNo%22:%221%22}&G-GT=&G-P=&G-T=Qm9vayBhIERlbW9uc3RyYXRpb24%3D&G-U=aHR0cHM6Ly93d3cuY2FuZGRpLmNvbS9ib29rLW5vdy8%2FY2U9bWFya2V0aW5nQHZ1c2EuY29tJmNmbj0mY2xuPSZjZV9iND1iV0Z5YTJWMGFXNW5RSFoxYzJFdVkyOXQmY2ZuX2I0PSZjbG5fYjQ9JmNjX2I0PSZjcGhfYjQ9JnV0bV9zb3VyY2U9ZS1zaG90JnV0bV9tZWRpdW09ZW1haWwmdXRtX2NhbXBhaWduPUtub2Nra25vY2tMRlVTQQ%3D%3D&G-V=GET&G-TA=%5B%5D&G-TR=%5B%5D&Ref=&T=[{%22GAUA%22:%22GA1.2.417801796.1574689654%22}]&v=12.2.0&rand=43924491

Requested by

Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/ee4f9bc0af0bbed6283e07c8dd334f49.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.160.182 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-17-160-182.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

fe7518414df254bf85945d59f38adf12155364e49182d56f9bd66e75faeaba7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Nov 2019 13:47:35 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, max-age=0
Connection: keep-alive
Content-Length: 79
Expires: Mon, 25 Nov 2019 13:47:36 GMT

GET
DATA 200
OK truncated
/ 947 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 008dd386dfafcd48e846499b13ead5a5461657ef655da0862362b411cdd4d961

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK visit.js Show response
collection.activedemand.com/submit/ 89 B
956 B 251ms
169ms Script
text/javascript 52.222.169.125
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://collection.activedemand.com/submit/visit.js?js%5Bparams%5D=document.title%3DBook%2520a%2520Demonstration%26document.referrer%3D%26document.URL%3Dhttps%253A%252F%252Fwww.canddi.com%252Fbook-now%252F%253Fce%253Dmarketing%2540vusa.com%2526cfn%253D%2526cln%253D%2526ce_b4%253DbWFya2V0aW5nQHZ1c2EuY29t%2526cfn_b4%253D%2526cln_b4%253D%2526cc_b4%253D%2526cph_b4%253D%2526utm_source%253De-shot%2526utm_medium%253Demail%2526utm_campaign%253DKnockknockLFUSA%26document.location.host%3Dwww.canddi.com%26document.location.hostname%3Dwww.canddi.com%26document.location.href%3Dhttps%253A%252F%252Fwww.canddi.com%252Fbook-now%252F%253Fce%253Dmarketing%2540vusa.com%2526cfn%253D%2526cln%253D%2526ce_b4%253DbWFya2V0aW5nQHZ1c2EuY29t%2526cfn_b4%253D%2526cln_b4%253D%2526cc_b4%253D%2526cph_b4%253D%2526utm_source%253De-shot%2526utm_medium%253Demail%2526utm_campaign%253DKnockknockLFUSA%26navigator.language%3Den-US%26navigator.platform%3DLinux%2520x86_64%26navigator.userAgent%3DMozilla%252F5.0%2520(Macintosh%253B%2520Intel%2520Mac%2520OS%2520X%252010_14_5)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F74.0.3729.169%2520Safari%252F537.36%26window.width%3D1585%26browser%3Dchrome%26ga_cid%3D417801796.1574689654%26&js%5Bsession%5D=e647d40-e970-1292-89655262-73a-283bcc95f6&js%5Beguid%5D=&ad_web_keys%5B%5D=web-d49ea0-7dca64-67716b&version=2.0.28&callback=jQuery112309070323686539417_1574689655002&_=1574689655003

Requested by

Host: static.activedemand.com
URL: https://static.activedemand.com/public/javascript/ad.collect.min.js.jgz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.222.169.125 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-52-222-169-125.fra54.r.cloudfront.net

Software

Apache /

Resource Hash

5b2337cf2ac60c057728108c5a65f3eefd1e96bb770d4682658e2076f595051f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 Nov 2019 13:47:35 GMT
Via: 1.1 3df8c233328fbbb4fd91eb496d73f2d8.cloudfront.net (CloudFront)
WWW-Authenticate: NoAuthRequired
X-Amz-Cf-Pop: FRA54
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Status: 200 OK
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 64f8ff92-fc54-42ba-a46f-ac69b2f9ee2c
X-Runtime: 0.029032
Server: Apache
ETag: W/"5b2337cf2ac60c057728108c5a65f3ee"
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0, private, must-revalidate
X-Amz-Cf-Id: D2z_sYSTBll6XqrqWghwcI6XvLL03p5qCoGkVxmUMe15bBTvx8GLSg==
X-Content-Type-Options: nosniff

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2018875837&t=timing&_s=2&dl=https%3A%2F%2Fwww.canddi.com%2Fbook-now%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0aW5nQH...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15069217-1&cid=417801796.1574689654&jid=561171598&_gid=1067711895.1574689654&gjid=459292021&_v=j79&z=1149121934
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15069217-1&cid=417801796.1574689654&jid=561171598&_v=j79&z=1149121934
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15069217-1&cid=417801796.1574689654&jid=561171598&_v=j79&z=1149121934&slf_rd=1&random=559633081

42 B
110 B

28ms
28ms

Image
image/gif

2a00:1450:4001:800::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15069217-1&cid=417801796.1574689654&jid=561171598&_v=j79&z=1149121934&slf_rd=1&random=559633081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Nov 2019 13:47:35 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Nov 2019 13:47:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15069217-1&cid=417801796.1574689654&jid=561171598&_v=j79&z=1149121934&slf_rd=1&random=559633081
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 258 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce38572c44184f2168c0b6e393318c674da0a0704e8fcb35d0dc5bfb1a6e303f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 484 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4f30d39b5b4d6a72db444127844d1379b457ce3f5f75e38ae748cce113be321

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 /
image.crisp.chat/avatar/operator/68d343d9-7422-4b5d-9d93-3337d14fe40a/240/ 7 KB
8 KB 55ms
50ms Image
image/jpeg 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/avatar/operator/68d343d9-7422-4b5d-9d93-3337d14fe40a/240/?1574676080818

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4452729a3e9345e3207595b0a2be482cc4789dedab9fbafa4aa523d58f8738f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 62
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 7620
last-modified: Sun, 24 Nov 2019 15:33:02 GMT
server: cloudflare
etag: W/"1dc4-16e9e0b7ab7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 53b41354f8a88c62-VIE
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 noto_sans_bold.woff2
client.crisp.chat/static/fonts/noto_sans/0020-007F/ 10 KB
11 KB 58ms
27ms Font
application/font-woff2 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/fonts/noto_sans/0020-007F/noto_sans_bold.woff2?b51444a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

73d7d4ea3f62303b780f0225e5346e5047cfb41fcae7ac19e99af8a3e1950973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://client.crisp.chat/static/stylesheets/client_default.css?b51444a
Origin: https://www.canddi.com

Response headers

date: Mon, 25 Nov 2019 13:47:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 62
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-23=":443"; ma=86400
content-length: 10252
last-modified: Fri, 11 Oct 2019 15:07:31 GMT
server: cloudflare
etag: "5da09ab3-280c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 53b413552ddacbb8-VIE
access-control-allow-headers: Content-Type, Origin
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 noto_sans_regular.woff2
client.crisp.chat/static/fonts/noto_sans/0020-007F/ 10 KB
10 KB 59ms
28ms Font
application/font-woff2 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/fonts/noto_sans/0020-007F/noto_sans_regular.woff2?b51444a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3dd77dcb09b4dd4f21dc57d0babf83c04d10eedd13037572384179d30106e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://client.crisp.chat/static/stylesheets/client_default.css?b51444a
Origin: https://www.canddi.com

Response headers

date: Mon, 25 Nov 2019 13:47:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 62
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-23=":443"; ma=86400
content-length: 10340
last-modified: Fri, 11 Oct 2019 15:07:31 GMT
server: cloudflare
etag: "5da09ab3-2864"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 53b413552ddccbb8-VIE
access-control-allow-headers: Content-Type, Origin
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3bcaab393b35ffddeb9af9a066edcd8e Show response
cdns.canddi.com/i/ee4f9bc0af0bbed6283e07c8dd334f49/find/bid/ 376 B
650 B 17ms
16ms Script
application/javascript 151.139.243.18
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdns.canddi.com/i/ee4f9bc0af0bbed6283e07c8dd334f49/find/bid/3bcaab393b35ffddeb9af9a066edcd8e

Requested by

Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/ee4f9bc0af0bbed6283e07c8dd334f49.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.243.18 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

42f82e701f5373a289e2a9a34c42bc64a900adc63d5d117ad43d1d59fadcf467

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:47:37 GMT
content-encoding: gzip
last-modified: Mon, 25 Nov 2019 13:47:35 GMT
server: nginx
vary: Accept, Accept-Encoding
x-cache: HIT
p3p: policyref="https://www.canddi.com/w3c/p3p.xml", CP="ADMa PSAa PSDa IVAo IVDo CONi TELi OUR IND DSP ALL COR"
status: 200
cache-control: max-age=1800, public
x-server: dashboard-i-0b253dc646cc144be
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
content-length: 238
expires: Mon, 25 Nov 2019 14:17:35 GMT

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			calendly.com/	1970-01-19 05:55:04	Name: _calendly_session Value: di92T09xL0RHeko4S2VTTnZSejdWcmZreGpzTForZjJSaFFwczlkZFpWRkFldGdXU0k5ZXptdTN5Y3JnVjFSQWdnTUNJMG9kVTFpaCtxS3JBNWc1U1V4blF4b0diQlpsU0JlUUozMXpCa1JsR29WQTNleXhKazVwMHk1Q1JPUU5GdUMxb3NaVXZhUDloZ1o0dUJRd0EwcVJKSGFJTkpmc0VSTWFWVnNnRUxUV2E5VmN6UEVBZ3FCNEw0RFh0MTlTbnV2UGFjYUR5ZFlnckhFRzgwR1Qzbk80bmtvcTM4Q1lCdVZidVRaTG4xSWFHUDB2Y21wMER4NkhxV2gzaVdFTnU0RlVmaTZKMXJWM0tvQmsydTFhcktGMFNKLzhuVWVRUXBaMmtwZzZ1MTFEdU9nMVVuVnoxTFRCeHExMUJvaEFDOUhxcW5mWFBjeElRZGVQbDhudG83RmtzT1AwdENpajIyMUFQWjlTZnJGRjlzRG9GTnlUNWZYcG54L1VvT3NhYm5lOWlhTStibGF6cDdRNnVVN2NMU09xNDdla29FUTZKSzFvdUhTaXdTV3lLbUR2ZlkwV0s0dFY0L2QvVmdxRXFpTHhWWDRZbElHWHpaemg0QlRkTVFzeVBoNFZTYWpMOWtaUy85bVFSY3U5OXcwMVBsU1MxZVYrZ1BGbXZwOWUtLVlnYkQyLzV0WmNhZXlQM3o2cDJHK3c9PQ%3D%3D--60a2cf5b110841b2d8f01883e94ecd01a8d7c43a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

calendly.com
canddi.calltracks.com
cdn.ppcprotect.com
cdns.canddi.com
client.crisp.chat
collection.activedemand.com
connect.facebook.net
data.staticfiles.io
googleads.g.doubleclick.net
i.canddi.com
image.crisp.chat
mail.canddi.co
px.ads.linkedin.com
s.canddi.io
script.hotjar.com
settings.crisp.chat
sjs.bizographics.com
static.activedemand.com
static.hotjar.com
stats.g.doubleclick.net
tag.simpli.fi
vars.hotjar.com
www.canddi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
143.204.101.51
146.148.115.36
147.75.84.33
147.75.85.99
151.139.242.5
151.139.243.18
154.46.89.8
169.50.137.176
172.217.18.2
2600:9000:20eb:5400:c:2b4b:7a40:93a1
2600:9000:21f3:6200:9:72eb:eb00:93a1
2606:4700:10::6814:24a1
2606:4700:10::6814:f874
2a00:1450:4001:800::2003
2a00:1450:4001:800::2004
2a00:1450:4001:808::200e
2a00:1450:4001:815::2002
2a00:1450:4001:821::2008
2a00:1450:400c:c08::9c
2a02:26f0:10c:38f::3adf
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:11:101::b93f:9001
2a05:f500:11:101::b93f:9005
34.249.79.181
52.17.160.182
52.222.169.125
008dd386dfafcd48e846499b13ead5a5461657ef655da0862362b411cdd4d961
087155ea423b3973d3bf16f2a4ece851891a2977e4549a515b636ec0a84b8e38
0e43ad81f077a21469d64f353001163e051064f63013a6f685233b11871147d2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13bda6ad7990f7edd80fe96cb4b3314d30ef7fa4d5dba9dca0f56d9d695e1887
1fad652d06a7eba612b13a8580de0cce88ecef991d2217de7acabff03522e762
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
334fb3cfb48c75a7fc2c932152e1a38e68b145884da3c6a23527f064dd034fba
34e527f9cabcc408f7aa5d60aef2478722ec730561469b88b50f6cee105bfca5
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
42f82e701f5373a289e2a9a34c42bc64a900adc63d5d117ad43d1d59fadcf467
4452729a3e9345e3207595b0a2be482cc4789dedab9fbafa4aa523d58f8738f1
4fdba5a23d4c1fa69042f05e73c46a79a195883db44afb6bae51bd588369b2b8
52aa7878d55c696e14ae20021c2256fb681cdc53e23c7c28ac87249a960ec7de
5b2337cf2ac60c057728108c5a65f3eefd1e96bb770d4682658e2076f595051f
613b9f6fdf9b4ad328db5ea860da929d9ee1ef59a89799ce7d0b5ed2d868ca7f
69e3a796f4b120879065a812b95b56fd4d28f88faf8c1976ad9b0fa2f31dc0eb
6a3dd77dcb09b4dd4f21dc57d0babf83c04d10eedd13037572384179d30106e5
6ab8a8edcc7ddd5111804f88291545c3dae7d11eb5d79b2fe9be0e507d9efba3
6bae2a27d8d82e056ea53c5771cad8107201cfd3da69e687b0e0d7be8b923b2a
6fc6e8f223cb7a88d7e0d07af0aa7c45084be3c2b330622c06b5e6c6d9f74768
71f2f495be40a09089c6e18f6c6c8a0dd871d982dd74a293412d1484bb4275ae
73d7d4ea3f62303b780f0225e5346e5047cfb41fcae7ac19e99af8a3e1950973
779029ad36ee545ce0b814d48c313f36a52328fed0b9d9c8f5b543eeb7e0cd84
7d6741be64fa2796dbe1394e00a2f8c2c87d65cc80752702b274351a266844f8
87ac469a931d767510a20a34c4cd257607708968781651683457765100b4ac41
8e294a96be419e04c05744fef9dd3cd4acb18076e7c1c8f8806f14d9f82cfc84
91d26eeeb46860dd9d1dabffc92d8b8b1bbb57a0630cdf64082e51a88ef0ead7
a3b7dc096a27557fc9970aca1037ddc42526402bf5ca6e51892117aef5a8beec
a7b23c89ee977750dd03b53d0bb715cf84933af95f576f0a73700723e5da4bcf
ad9bf535fc18d27ba929b766058bf5381649bc3d9092232c00e069f420054232
b1c29bb7c828e77ce200e0dd5ea994fd869650979c8085fae062c38ce0f859cf
cbd91955580dba0003f49ccea7b4722091f82bd29c09c6b7c10231048b78f524
ce38572c44184f2168c0b6e393318c674da0a0704e8fcb35d0dc5bfb1a6e303f
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f30d39b5b4d6a72db444127844d1379b457ce3f5f75e38ae748cce113be321
ed04a4f7a5147b7dc5f87315dd42bcb5fed826b66460a588bfbe80c36128e4b6
eece02732d6defa753c85796aed547c6e14e3d7a45d2c9fda6886ba268a18550
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1df35b464ca66ab5f03a478a311068caad7e065b924081b3cad0083382fe6b
efc2ad6fbf06c354f43596ca543becde5c8a97b377a8633f6addb99c5ab13b02
f0c1b48701cb5d4dd2f4fbf0b844ee4d48bf0b00d50c2913454fc96da94d7708
f20f83cb7683a1a3138cd52201d83436e33a5e67ef0b9c96bbdab860b5f7da16
f2a91f92c944a38993b422fb532889826f46ed31b4bd93158bac7e417782f8fe
f60a71fac4d43f29a4bf997416dbbb087bf0dacdcbe1acd8cc9bcc1e8bd17e2f
f9f63713fb3f5413ddc4b4b182e0064c552595ef1beb6c61a9f0dcbf4676da15
fb110056d496b51e4a36eeef35b08edc61a14bb870b7c3651ecac687482c8d24
fe7518414df254bf85945d59f38adf12155364e49182d56f9bd66e75faeaba7d

www.canddi.com Open in urlscan Pro 151.139.242.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

100 %HTTPS

56 %IPv6

21 Domains

30 Subdomains

25 IPs

5 Countries

1365 kBTransfer

4386 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

www.canddi.com Open in urlscan Pro
151.139.242.5 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

100 %
HTTPS

56 %
IPv6

21
Domains

30
Subdomains

25
IPs

5
Countries

1365 kB
Transfer

4386 kB
Size

1
Cookies

55 HTTP transactions
3 data transactions