counselor.chat Open in urlscan Pro
76.223.105.230 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.counselor.chat/
Effective URL:
https://counselor.chat/
Submission: On December 14 via api (December 14th 2023, 9:04:56 pm UTC) from US — Scanned from US

Summary HTTP 80 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 8 domains to perform 80 HTTP transactions. The main IP is 76.223.105.230, located in United States and belongs to AMAZON-02, US. The main domain is counselor.chat.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 14th 2023. Valid for: a year.

This is the only time counselor.chat was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	76.223.105.230 76.223.105.230	16509 (AMAZON-02) (AMAZON-02)
2 32	23.12.144.200 23.12.144.200	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
2	34.234.28.35 34.234.28.35	14618 (AMAZON-AES) (AMAZON-AES)
18	3.219.24.33 3.219.24.33	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:141b:1c0... 2600:141b:1c00:27::17ce:ac13	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
3	52.219.132.140 52.219.132.140	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:24f... 2600:9000:24f0:5000:1f:5acd:8400:21	16509 (AMAZON-02) (AMAZON-02)
1	52.219.158.139 52.219.158.139	16509 (AMAZON-02) (AMAZON-02)
1	50.19.62.130 50.19.62.130	14618 (AMAZON-AES) (AMAZON-AES)
80	12

3 76.223.105.230 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a16e665f42988324c.awsglobalaccelerator.com

www.counselor.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
counselor.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 23.12.144.200 (Ashburn, United States) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-12-144-200.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.234.28.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-28-35.compute-1.amazonaws.com

counselor.hellotars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 3.219.24.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-24-33.compute-1.amazonaws.com

newlook.hellotars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:1c00:27::17ce:ac13 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

events.api.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.219.132.140 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1-w.amazonaws.com

tars-file-upload.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:24f0:5000:1f:5acd:8400:21 (United States)

ASN16509 (AMAZON-02, US)

d1xa9uhfa6nnrk.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.158.139 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: s3-w.ap-south-1.amazonaws.com

tars-data.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.19.62.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-62-130.compute-1.amazonaws.com

receive.hellotars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	wsimg.com 2 redirects img1.wsimg.com — Cisco Umbrella Rank: 10503	273 KB
21	hellotars.com counselor.hellotars.com newlook.hellotars.com receive.hellotars.com	659 KB
4	amazonaws.com tars-file-upload.s3.amazonaws.com — Cisco Umbrella Rank: 208286 tars-data.s3.amazonaws.com — Cisco Umbrella Rank: 210708	351 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 Failed	2 KB
3	counselor.chat 1 redirects www.counselor.chat counselor.chat	18 KB
2	cloudfront.net d1xa9uhfa6nnrk.cloudfront.net	35 KB
2	secureserver.net events.api.secureserver.net — Cisco Umbrella Rank: 13224	562 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	182 KB
80	8

	Domain	Requested by
32	img1.wsimg.com	2 redirects counselor.chat img1.wsimg.com
18	newlook.hellotars.com	counselor.hellotars.com newlook.hellotars.com
3	tars-file-upload.s3.amazonaws.com	newlook.hellotars.com
3	fonts.googleapis.com	newlook.hellotars.com
2	d1xa9uhfa6nnrk.cloudfront.net	newlook.hellotars.com
2	events.api.secureserver.net	img1.wsimg.com
2	counselor.hellotars.com	srcdoc
2	www.googletagmanager.com	counselor.chat newlook.hellotars.com
2	counselor.chat	counselor.chat
1	receive.hellotars.com	newlook.hellotars.com
1	tars-data.s3.amazonaws.com	newlook.hellotars.com
1	www.counselor.chat	1 redirects
80	12

This site contains no links.

Subject Issuer	Validity	Valid
counselor.chat Go Daddy Secure Certificate Authority - G2	`2023-12-14` - `2024-11-09`	a year	crt.sh
*.wsimg.com Starfield Secure Certificate Authority - G2	`2023-09-19` - `2024-10-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
hellotars.com R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
*.api.secureserver.net Starfield Secure Certificate Authority - G2	`2023-07-10` - `2024-08-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://counselor.chat/
Frame ID: 96AD34ABF03C5663B6ABC6A6625828BC
Requests: 35 HTTP requests in this frame

Frame: https://counselor.hellotars.com/conv/IPIIzb
Frame ID: 232C38A5F05E7B14C2D61C79D9A7061A
Requests: 1 HTTP requests in this frame

Frame: https://newlook.hellotars.com/conv/IPIIzb
Frame ID: 384C2BE2512B52A302AA65E71EFB88FC
Requests: 17 HTTP requests in this frame

Frame: https://counselor.hellotars.com/conv/IPIIzb
Frame ID: AD7241FE7FA3E0FC824D138DA32CC3A3
Requests: 1 HTTP requests in this frame

Frame: https://newlook.hellotars.com/conv/IPIIzb
Frame ID: E5139E20B3CC7925867CC639D510C944
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Counselor Chat - Set Up Free Consultation

Page URL History Show full URLs

https://www.counselor.chat/ HTTP 301
https://counselor.chat/ Page URL

Detected technologies

GoDaddy Website Builder (CMS) Expand

Overall confidence: 100%
Detected patterns

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

80
Requests

80 %
HTTPS

36 %
IPv6

8
Domains

12
Subdomains

12
IPs

3
Countries

1521 kB
Transfer

4091 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.counselor.chat/ HTTP 301
https://counselor.chat/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js

Request Chain 32

https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js HTTP 301
https://img1.wsimg.com/signals/js/clients/tti/tti.min.js

80 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
counselor.chat/
Redirect Chain

https://www.counselor.chat/
https://counselor.chat/

43 KB
10 KB

67ms
65ms

Document
text/html

76.223.105.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://counselor.chat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.223.105.230 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a16e665f42988324c.awsglobalaccelerator.com

Software

DPS/2.0.0+sha-5905cfa /

Resource Hash

dc1df7794f3392867b0c45330d82578324b642dbf3f0925e23eb541664ca33fc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' godaddy.com *.godaddy.com

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=30
content-encoding: br
content-security-policy: frame-ancestors 'self' godaddy.com *.godaddy.com
content-type: text/html;charset=utf-8
date: Thu, 14 Dec 2023 21:04:50 GMT
etag: 477693852ad3332b4a436baf469006f2
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.34.11.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/fredokaone/v14/k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
server: DPS/2.0.0+sha-5905cfa
vary: Accept-Encoding
x-siteid: us-east-1
x-version: 5905cfa

Redirect headers

date: Thu, 14 Dec 2023 21:04:50 GMT
etag: 477693852ad3332b4a436baf469006f2
location: https://counselor.chat/
server: DPS/2.0.0+sha-5905cfa
vary: Accept-Encoding
x-siteid: us-east-1
x-version: 5905cfa

GET
H2 200 UX.4.34.11.js Show response
img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/ 308 KB
94 KB 318ms
136ms Script
application/javascript 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.34.11.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c73cb2249dfa3bce4ba434db98f64c36698865108a6af9f55e669b1b8e61ae90

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version: 0.7.3-beta+sha-07fba9e
date: Thu, 14 Dec 2023 21:04:50 GMT
content-encoding: gzip
x-forwarded-for: 64.202.160.108
x-forwarded-proto: https
content-length: 95498
last-modified: Thu, 07 Dec 2023 19:25:37 GMT
etag: "d3b93f3dbf54249a837ffd6401ededd8"
x-amzn-trace-id: Root=1-65721c30-310b924c5c8767ab7841cf55
access-control-max-age: 86400
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-forwarded-port: 443
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 21:04:50 GMT

GET
H2 200 k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2
img1.wsimg.com/gfonts/s/fredokaone/v14/ 15 KB
16 KB 253ms
72ms Font
font/woff2 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img1.wsimg.com/gfonts/s/fredokaone/v14/k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-12-144-200.deploy.static.akamaitechnologies.com

Software

Resource Hash

e9986c62b19bce3791c4c103a4aa87c91d22d9e1c9f252f7f802ea26d3405769

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 21:04:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 20 Mar 2023 20:35:18 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 15596
x-xss-protection: 0
expires: Fri, 13 Dec 2024 21:04:50 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2
img1.wsimg.com/gfonts/s/poppins/v20/ 8 KB
8 KB 253ms
72ms Font
font/woff2 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img1.wsimg.com/gfonts/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-12-144-200.deploy.static.akamaitechnologies.com

Software

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 21:04:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Apr 2022 16:05:46 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7840
x-xss-protection: 0
expires: Fri, 13 Dec 2024 21:04:50 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
img1.wsimg.com/gfonts/s/poppins/v20/ 8 KB
8 KB 260ms
79ms Font
font/woff2 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img1.wsimg.com/gfonts/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-12-144-200.deploy.static.akamaitechnologies.com

Software

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 21:04:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Apr 2022 16:07:00 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7884
x-xss-protection: 0
expires: Fri, 13 Dec 2024 21:04:50 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
img1.wsimg.com/gfonts/s/poppins/v20/ 8 KB
8 KB 309ms
129ms Font
font/woff2 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img1.wsimg.com/gfonts/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-12-144-200.deploy.static.akamaitechnologies.com

Software

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 21:04:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Apr 2022 16:59:03 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 8000
x-xss-protection: 0
expires: Fri, 13 Dec 2024 21:04:50 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
img1.wsimg.com/gfonts/s/poppins/v20/ 8 KB
8 KB 292ms
112ms Font
font/woff2 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img1.wsimg.com/gfonts/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-12-144-200.deploy.static.akamaitechnologies.com

Software

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 21:04:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Apr 2022 16:10:34 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7816
x-xss-protection: 0
expires: Fri, 13 Dec 2024 21:04:50 GMT

GET
H2 200 script.js Show response
img1.wsimg.com/blobby/go/6f05cfb3-752e-4b0a-96f0-0db1558a176c/gpub/d35b83ed29e5ddc3/ 60 KB
15 KB 411ms
232ms Script
application/javascript 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/blobby/go/6f05cfb3-752e-4b0a-96f0-0db1558a176c/gpub/d35b83ed29e5ddc3/script.js
Requested by: Host: counselor.chat
URL: https://counselor.chat/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5f7cf421c8d4beede7c16f7d230783e585e88dfb5e418f302d91790d427242a8

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version: 0.7.3-beta+sha-07fba9e
date: Thu, 14 Dec 2023 21:04:50 GMT
content-encoding: gzip
x-forwarded-for: 50.63.4.66
x-forwarded-proto: https
content-length: 14922
last-modified: Thu, 14 Dec 2023 20:57:43 GMT
etag: "7f2ccf5476c03b72bcf82c1d2a332b0c"
x-amzn-trace-id: Root=1-657b6c46-4f1a77e32aa066693982f86f
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-forwarded-port: 443
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 21:04:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
91 KB 227ms
89ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V0MML8HQ91

Requested by

Host: counselor.chat
URL: https://counselor.chat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

33850eb245d0d15ab3b9ad7f2d950ba4d2803b37cdc6fdd76bb3f15957a0a459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 21:04:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://counselor.chat
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93128
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Dec 2023 21:04:50 GMT

GET
H2

200

tccl.min.js Show response
img1.wsimg.com/signals/js/clients/tccl/
Redirect Chain

https://img1.wsimg.com/traffic-assets/js/tccl.min.js
https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js

46 KB
13 KB

61ms
60ms

Script
text/javascript

23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
Requested by: Host: counselor.chat
URL: https://counselor.chat/
Protocol: H2
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53861a013923acea8c682704f3fbcaf994d38a0d2c857e9ba45ae77483b5baf0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://counselor.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: CxfOTvM4.aC7Uz8TppF8SLs_Z6HB3PMp
content-encoding: gzip
date: Thu, 14 Dec 2023 21:04:51 GMT
x-amz-request-id: JGR6XV0ZNGWP0F6Q
x-amz-server-side-encryption: AES256
x-amz-meta-version: 2.0.2
content-length: 13404
x-amz-id-2: loEK0yBDPd5O1+kVu91qDzSD3F9/2oJTsytYAkteh/pdFz3oT/UFRsBMkhG3uColkGQIrDwl93M=
last-modified: Wed, 18 Oct 2023 16:44:03 GMT
etag: "8e70743bdf9b3d3adbb26471c84a006c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 21:34:51 GMT

Redirect headers

location: https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
access-control-allow-origin: *
date: Thu, 14 Dec 2023 21:04:50 GMT
cache-control: max-age=31536000
timing-allow-origin: *
content-length: 0
expires: Fri, 13 Dec 2024 21:04:50 GMT

GET
H/1.1 200
OK IPIIzb Show response
counselor.hellotars.com/conv/ Frame 232C 1 KB
967 B 202ms
64ms Document
text/html 34.234.28.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://counselor.hellotars.com/conv/IPIIzb
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.234.28.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-28-35.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: 8d5790fcaefbc6a9c3dd638b332e61508f633de38364e1a9c87d3e2ccfb80101

Request headers

Referer: https://counselor.chat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 14 Dec 2023 21:04:50 GMT
ETag: W/"54b-4ZEbjAOq64UsQaNDiH/hQcffark"
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: Express

GET
H2 200 IPIIzb Show response
newlook.hellotars.com/conv/ Frame 384C 59 KB
13 KB 226ms
89ms Document
text/html 3.219.24.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://newlook.hellotars.com/conv/IPIIzb
Requested by: Host: counselor.hellotars.com
URL: https://counselor.hellotars.com/conv/IPIIzb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.219.24.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-24-33.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / Next.js
Resource Hash: 8cd0dfe3114465657a088fb8efde20a94882bfab2ac1b55c20dba878a724bf58

Request headers

Referer: https://counselor.hellotars.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 14 Dec 2023 21:04:51 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
x-powered-by: Next.js

GET
H2 404 ad Show response
counselor.chat/markup/ 29 KB
8 KB 62ms
62ms Fetch
text/html 76.223.105.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://counselor.chat/markup/ad

Requested by

Host: counselor.chat
URL: https://counselor.chat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.223.105.230 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a16e665f42988324c.awsglobalaccelerator.com

Software

DPS/2.0.0+sha-5905cfa /

Resource Hash

91a4c6b72dac726b902364d1657a3874a5042c209d67486ff7d99ef4c76828de

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' godaddy.com *.godaddy.com

Request headers

accept-language: en-US,en;q=0.9
Referer: https://counselor.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version: 5905cfa
content-security-policy: frame-ancestors 'self' godaddy.com *.godaddy.com
content-encoding: br
date: Thu, 14 Dec 2023 21:04:51 GMT
server: DPS/2.0.0+sha-5905cfa
x-siteid: us-east-1
vary: Accept-Encoding
content-type: text/html;charset=utf-8
cache-control: max-age=30
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.34.11.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/fredokaone/v14/k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin

GET
H2 200 bs-layout13-Theme-publish-Theme-7252afe2.js Show response
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/ 7 KB
3 KB 63ms
63ms Script
application/javascript 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-layout13-Theme-publish-Theme-7252afe2.js
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/6f05cfb3-752e-4b0a-96f0-0db1558a176c/gpub/d35b83ed29e5ddc3/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e8fcfb1552d918b5d9fd715f711255465d6dd4348b4dcedd362cb00df9d3dbef

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version: 0.7.3-beta+sha-07fba9e
date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
x-forwarded-for: 64.202.160.107
x-forwarded-proto: https
content-length: 2407
last-modified: Tue, 18 Oct 2022 15:47:49 GMT
etag: "dad318033a09f6aba68d6ee66f1cdace"
x-amzn-trace-id: Root=1-634ecaa4-1eea6e7909c133af5b345138
access-control-max-age: 86400
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-forwarded-port: 443
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 21:04:51 GMT

GET
H2 200 bs-_rollupPluginBabelHelpers-a2e90765.js Show response
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 919 B
984 B 72ms
59ms Script
application/javascript 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-a2e90765.js
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/6f05cfb3-752e-4b0a-96f0-0db1558a176c/gpub/d35b83ed29e5ddc3/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f075fefc90d97da32d93ab7a2c9660a9d73b41a3b022497c8e6683cb6f98bf88

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version: 0.7.3-beta+sha-07fba9e
date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
content-length: 540
last-modified: Wed, 04 Jan 2023 19:31:20 GMT
etag: "1ccd3c1052745e96ce686cc6f6143f10"
x-amzn-trace-id: Root=1-63b5d407-04d41597311d7a797a3d01a4
access-control-max-age: 86400
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-forwarded-port: 443
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 21:04:51 GMT

GET
H2 200 bs-defaultSocialIconPack-a2c518b6.js Show response
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 22 KB
7 KB 70ms
61ms Script
application/javascript 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-defaultSocialIconPack-a2c518b6.js
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/6f05cfb3-752e-4b0a-96f0-0db1558a176c/gpub/d35b83ed29e5ddc3/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2c0b8b1b44960fa5584fb5d8f1bb50e21662ec06a70fca8eedf8299c69f2e2ba

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version: 0.7.3-beta+sha-07fba9e
date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
x-forwarded-for: 64.202.160.106
x-forwarded-proto: https
content-length: 6735
last-modified: Thu, 28 Sep 2023 14:18:04 GMT
etag: "c44ebbb1c5cc623f903b5ec3f9c94e13"
x-amzn-trace-id: Root=1-65158b1b-321115d34fed03de6eb68136
access-control-max-age: 86400
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-forwarded-port: 443
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 21:04:51 GMT

GET
H2 200 bs-humanisticFilled-91edd0e1.js Show response
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 12 KB
5 KB 72ms
63ms Script
application/javascript 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-humanisticFilled-91edd0e1.js
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/6f05cfb3-752e-4b0a-96f0-0db1558a176c/gpub/d35b83ed29e5ddc3/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bff3c0c2907bcffd63dedc687b8fca61197e8b783c644b3d665ac3620c383e3c

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version: 0.7.3-beta+sha-07fba9e
date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
x-forwarded-for: 64.202.160.109
x-forwarded-proto: https
content-length: 4753
last-modified: Tue, 18 Oct 2022 15:47:53 GMT
etag: "dfb4bee7c6378574342cdfce62fdd1d7"
x-amzn-trace-id: Root=1-634ecaa8-43c1f78d71be10d7594cdd7f
access-control-max-age: 86400
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-forwarded-port: 443
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 21:04:51 GMT

GET
H2 200 bs-index-4e26cd6b.js Show response
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 876 B
1021 B 73ms
64ms Script
application/javascript 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index-4e26cd6b.js
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/6f05cfb3-752e-4b0a-96f0-0db1558a176c/gpub/d35b83ed29e5ddc3/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 89388608d7bceced5ad74231681ffce822ad580acb9fd7e492970176e3e38347

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version: 0.7.3-beta+sha-07fba9e
date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
x-forwarded-for: 64.202.160.108
x-forwarded-proto: https
content-length: 578
last-modified: Tue, 18 Oct 2022 15:47:49 GMT
etag: "9219cf782ed219bd3929a51e99503bc2"
x-amzn-trace-id: Root=1-634ecaa4-01886e4b7a7aeb6259ec4241
access-control-max-age: 86400
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-forwarded-port: 443
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 21:04:51 GMT

GET
H2 200 bs-index3-c8de852e.js Show response
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 237 KB
58 KB 74ms
66ms Script
application/javascript 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index3-c8de852e.js
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/6f05cfb3-752e-4b0a-96f0-0db1558a176c/gpub/d35b83ed29e5ddc3/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 74a91f8813ed283dba9d018af197f92a50c245f867264dd5118d79c7f269823f

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version: 0.7.3-beta+sha-07fba9e
date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
content-length: 58488
last-modified: Fri, 18 Aug 2023 19:13:10 GMT
etag: "2b008c6ab525f4ec8781e5e0790e5075"
x-amzn-trace-id: Root=1-64dfc2c5-69ce15c32056e5b16fed5999
access-control-max-age: 86400
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-forwarded-port: 443
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 21:04:51 GMT

GET
H2 200 bs-legacyOverrides-42582241.js Show response
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 324 B
703 B 84ms
76ms Script
application/javascript 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-legacyOverrides-42582241.js
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/6f05cfb3-752e-4b0a-96f0-0db1558a176c/gpub/d35b83ed29e5ddc3/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 66774f89fcfa5674be9aef60e3fe3cb81e4dd88246bde4e5392df8b99fefd4db

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version: 0.7.3-beta+sha-07fba9e
date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
content-length: 260
last-modified: Tue, 18 Oct 2022 15:47:52 GMT
etag: "acd4f2b6117e5054fc9bf848ae8121ca"
x-amzn-trace-id: Root=1-634ecaa7-6a4fef5d742e08b052d431ff
access-control-max-age: 86400
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-forwarded-port: 443
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 21:04:51 GMT

GET
H2 200 bs-loaders-fffeeba5.js Show response
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 3 KB
1 KB 104ms
97ms Script
application/javascript 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-loaders-fffeeba5.js
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/6f05cfb3-752e-4b0a-96f0-0db1558a176c/gpub/d35b83ed29e5ddc3/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bae437dbefe58377d88c9d579db7c59f4202f3fbf88866d0005fb375be6b2cd7

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version: 0.7.3-beta+sha-07fba9e
date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
content-length: 740
last-modified: Thu, 14 Oct 2021 23:04:41 GMT
etag: "852cbc5322260e00b44f2c682f88b2c7"
x-amzn-trace-id: Root=1-6168b788-04e31f272fd746490d747855
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-forwarded-port: 443
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 21:04:51 GMT

GET
H2 200 bs-overlayTypes-e1dbe765.js Show response
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 437 B
778 B 85ms
77ms Script
application/javascript 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-overlayTypes-e1dbe765.js
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/6f05cfb3-752e-4b0a-96f0-0db1558a176c/gpub/d35b83ed29e5ddc3/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0fe26f07b9e5d49590f55d31cbc381ca9337850f89b09940e3b384fcd6d26464

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version: 0.7.3-beta+sha-07fba9e
date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
content-length: 335
last-modified: Mon, 13 Dec 2021 22:59:02 GMT
etag: "21ad22788e6caa18a4e9e57f7372b108"
x-amzn-trace-id: Root=1-61b7d035-018188ae176241301ebce646
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-forwarded-port: 443
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 21:04:51 GMT

GET
H2 200 bs-themeOverrides-e736c017.js Show response
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 842 B
863 B 86ms
79ms Script
application/javascript 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-themeOverrides-e736c017.js
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/6f05cfb3-752e-4b0a-96f0-0db1558a176c/gpub/d35b83ed29e5ddc3/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c818b56446ae5a8d0466fc9c51d85104584e36f6d8b1c77e08a2d354e845e2cd

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version: 0.7.3-beta+sha-07fba9e
date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
content-length: 421
last-modified: Mon, 13 Dec 2021 22:59:04 GMT
etag: "31b521136207c11ff1f9985264424e8a"
x-amzn-trace-id: Root=1-61b7d037-215e219c2a10ce7034ebcf80
access-control-max-age: 86400
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-forwarded-port: 443
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 21:04:51 GMT

GET
H2 200 Carousel-3d82957b.js Show response
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/ 24 KB
8 KB 87ms
81ms Script
application/javascript 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Carousel-3d82957b.js
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/6f05cfb3-752e-4b0a-96f0-0db1558a176c/gpub/d35b83ed29e5ddc3/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ed9ffa2fba5ecc75af2f99e6ebadd5b927086f258037c2a848e94449cc579991

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version: 0.7.3-beta+sha-07fba9e
date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
x-forwarded-for: 64.202.160.106
x-forwarded-proto: https
content-length: 7372
last-modified: Tue, 13 Sep 2022 20:51:07 GMT
etag: "753cb19ee1a756e46faa0f118b1b4e01"
x-amzn-trace-id: Root=1-6320ed3a-63510b321c43bb775186e613
access-control-max-age: 86400
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-forwarded-port: 443
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 21:04:51 GMT

GET
H2 200 ColorSwatch-4196a0a9.js Show response
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/ 1 KB
1 KB 92ms
85ms Script
application/javascript 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/ColorSwatch-4196a0a9.js
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/6f05cfb3-752e-4b0a-96f0-0db1558a176c/gpub/d35b83ed29e5ddc3/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 513864fd4ebd1926f3e1e78b436a90c2bc3a5d16835b50415e7b318d7deec2a2

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version: 0.7.3-beta+sha-07fba9e
date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
content-length: 645
last-modified: Tue, 13 Sep 2022 20:51:08 GMT
etag: "cb9bfa0fbdd957fbe7f4841b70341db2"
x-amzn-trace-id: Root=1-6320ed3b-6c5c5f0d6dd6c2ec69a41ad3
access-control-max-age: 86400
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-forwarded-port: 443
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 21:04:51 GMT

GET
H2 200 bs-dataAids-6a839d53.js Show response
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 2 KB
1 KB 94ms
88ms Script
application/javascript 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-dataAids-6a839d53.js
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/6f05cfb3-752e-4b0a-96f0-0db1558a176c/gpub/d35b83ed29e5ddc3/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3b54aeacfda01be53800632989a82f6f5a7f92e927159a37a4324b38d3dffef8

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version: 0.7.3-beta+sha-07fba9e
date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
content-length: 626
last-modified: Mon, 13 Dec 2021 22:59:00 GMT
etag: "edc15ad5daac3cfa744bffdb1e0174be"
x-amzn-trace-id: Root=1-61b7d033-2da3a4b6382be71e0d8c5ecb
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-forwarded-port: 443
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 21:04:51 GMT

GET
H2 200 bs-index2-87bd33e6.js Show response
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 1 KB
1 KB 94ms
89ms Script
application/javascript 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index2-87bd33e6.js
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/6f05cfb3-752e-4b0a-96f0-0db1558a176c/gpub/d35b83ed29e5ddc3/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8671cfdfa128168db2136d7c17f55ba98ddba221cdd1acbbe559d4969280fd51

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version: 0.7.3-beta+sha-07fba9e
date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
x-forwarded-for: 64.202.160.104
x-forwarded-proto: https
content-length: 714
last-modified: Tue, 18 Oct 2022 15:47:53 GMT
etag: "5cc6b93d41889c0a55c6c4fcd2d89713"
x-amzn-trace-id: Root=1-634ecaa8-5441fae57a8929061baf3c6b
access-control-max-age: 86400
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-forwarded-port: 443
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 21:04:51 GMT

GET
H2 200 bs-navigationDrawer-27f5f1f5.js Show response
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 221 B
633 B 95ms
90ms Script
application/javascript 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-navigationDrawer-27f5f1f5.js
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/6f05cfb3-752e-4b0a-96f0-0db1558a176c/gpub/d35b83ed29e5ddc3/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 265995eb76326e95613750f6f6570b850f5c22280d262de9b9632a16ceb98b9b

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version: 0.7.3-beta+sha-07fba9e
date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
x-forwarded-for: 64.202.160.107
x-forwarded-proto: https
content-length: 191
last-modified: Thu, 28 Jul 2022 17:59:29 GMT
etag: "8f12765eb30fbdcfcdc116d13f7fc272"
x-amzn-trace-id: Root=1-62e2ce80-4ef8fc4a33c151912970138f
access-control-max-age: 86400
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-forwarded-port: 443
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 21:04:51 GMT

GET
H2 200 bs-searchFormLocations-c86f2a99.js Show response
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 304 B
689 B 95ms
91ms Script
application/javascript 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-searchFormLocations-c86f2a99.js
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/6f05cfb3-752e-4b0a-96f0-0db1558a176c/gpub/d35b83ed29e5ddc3/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 604281887cd770ed21601933e9636a7a9c8a57a30d7d796ae7d760eef64d5089

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version: 0.7.3-beta+sha-07fba9e
date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
content-length: 244
last-modified: Thu, 14 Oct 2021 23:04:37 GMT
etag: "daa79ad7558674f6a12d962abf47f2f6"
x-amzn-trace-id: Root=1-6168b784-1438c006715eea557e6c9f7f
access-control-max-age: 86400
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-forwarded-port: 443
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 21:04:51 GMT

GET
H2 200 _commonjsHelpers-67085353.js Show response
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/ 960 B
963 B 91ms
87ms Script
application/javascript 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_commonjsHelpers-67085353.js
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/6f05cfb3-752e-4b0a-96f0-0db1558a176c/gpub/d35b83ed29e5ddc3/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b08c2864ec27736c507b1ca4b3a225a19147841b861cd8494daf95fa370fe639

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version: 0.7.3-beta+sha-07fba9e
date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
content-length: 520
last-modified: Tue, 13 Sep 2022 20:51:08 GMT
etag: "62a914b2c847d4d02b76164d7a2a54c6"
x-amzn-trace-id: Root=1-6320ed3b-3de8a43b0cf7990c68d55390
access-control-max-age: 86400
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-forwarded-port: 443
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 21:04:51 GMT

GET
H2 200 _react_commonjs-external-a1351e34.js Show response
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/ 266 B
655 B 97ms
93ms Script
application/javascript 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_react_commonjs-external-a1351e34.js
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/6f05cfb3-752e-4b0a-96f0-0db1558a176c/gpub/d35b83ed29e5ddc3/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3d7e7552e3801941a408c504aa732223fe2bed5d12e248680847d772182cb639

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version: 0.7.3-beta+sha-07fba9e
date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
x-forwarded-for: 64.202.160.106
x-forwarded-proto: https
content-length: 212
last-modified: Tue, 13 Sep 2022 20:51:08 GMT
etag: "8578a331ad09bb2ef6359fec3916befc"
x-amzn-trace-id: Root=1-6320ed3b-311ca1193326a1db522ca4d2
access-control-max-age: 86400
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-forwarded-port: 443
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 21:04:51 GMT

GET
H2 200 _rollupPluginBabelHelpers-8ce54c82.js Show response
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/ 586 B
823 B 98ms
94ms Script
application/javascript 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_rollupPluginBabelHelpers-8ce54c82.js
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/6f05cfb3-752e-4b0a-96f0-0db1558a176c/gpub/d35b83ed29e5ddc3/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e8a5463ff98210d3017deee55d5a287ad01aaa11dbe7deb7d07f7d15d7f609f2

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version: 0.7.3-beta+sha-07fba9e
date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
x-forwarded-for: 64.202.160.104
x-forwarded-proto: https
content-length: 380
last-modified: Tue, 13 Sep 2022 20:51:07 GMT
etag: "fadb3719ffa2a9e96cdc64ffea0220fa"
x-amzn-trace-id: Root=1-6320ed3a-239be6cd0632f6776811c293
access-control-max-age: 86400
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-forwarded-port: 443
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 21:04:51 GMT

GET
H2 200 interopRequireDefault-c83974f7.js Show response
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/ 390 B
713 B 99ms
95ms Script
application/javascript 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/interopRequireDefault-c83974f7.js
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/6f05cfb3-752e-4b0a-96f0-0db1558a176c/gpub/d35b83ed29e5ddc3/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 010083b88e95f18cefdb90796acce02073e91fc8dfefb27a7f5f3f75529e4906

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version: 0.7.3-beta+sha-07fba9e
date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
content-length: 270
last-modified: Tue, 13 Sep 2022 20:51:07 GMT
etag: "c86b7f8224fa45fb1682ac94d8f75ac6"
x-amzn-trace-id: Root=1-6320ed3a-044169b84eb7e18f3216950e
access-control-max-age: 86400
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-forwarded-port: 443
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 21:04:51 GMT

GET
H2

200

tti.min.js Show response
img1.wsimg.com/signals/js/clients/tti/
Redirect Chain

https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
https://img1.wsimg.com/signals/js/clients/tti/tti.min.js

21 KB
8 KB

62ms
61ms

Script
text/javascript

23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/signals/js/clients/tti/tti.min.js
Requested by: Host: counselor.chat
URL: https://counselor.chat/
Protocol: H2
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3c37a4aa3cf6aaae6921a4b750c0e4f81fd338d6878be90b0faf2f921039cb23

Request headers

accept-language: en-US,en;q=0.9
Referer: https://counselor.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 7jzjltvngWPxR10aGBgezMSyuI8q8r0u
content-encoding: gzip
date: Thu, 14 Dec 2023 21:04:51 GMT
x-amz-request-id: JGRF0102T66W3DTT
x-amz-server-side-encryption: AES256
x-amz-meta-version: 0.2.1
content-length: 7570
x-amz-id-2: pMSYRf7HhmT4WZMyN5+9HuK2TkOIQQgqaQUYtRremhejw3FVNf5yyHZ0w57Hm8nFmG+6sPXO5Ec=
last-modified: Wed, 18 Oct 2023 13:46:08 GMT
etag: "1c56940a864f144fae2eb40ee952cb94"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 21:34:51 GMT

Redirect headers

location: https://img1.wsimg.com/signals/js/clients/tti/tti.min.js
access-control-allow-origin: *
date: Thu, 14 Dec 2023 21:04:51 GMT
cache-control: max-age=31536000
timing-allow-origin: *
content-length: 0
expires: Fri, 13 Dec 2024 21:04:51 GMT

GET
H2 200 bs-Component-ccb3712d.js Show response
img1.wsimg.com/blobby/go/static/radpack/@widget/HTML/ 3 KB
2 KB 92ms
92ms Script
application/javascript 23.12.144.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/blobby/go/static/radpack/@widget/HTML/bs-Component-ccb3712d.js
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/6f05cfb3-752e-4b0a-96f0-0db1558a176c/gpub/d35b83ed29e5ddc3/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.144.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 27efc2df59fb792d7dd1f3b92b3259392ec5374700fab75d449bbbdf1ff261c9

Request headers

Referer: https://counselor.chat/
Origin: https://counselor.chat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version: 0.7.3-beta+sha-07fba9e
date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
content-length: 1237
last-modified: Mon, 07 Nov 2022 18:54:21 GMT
etag: "fb18d2174d9e08e96a5fe1c520dcdde5"
x-amzn-trace-id: Root=1-6369545c-3814c9204f756b0756b6b83d
access-control-max-age: 86400
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-forwarded-port: 443
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 21:04:51 GMT

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
281 B 276ms
74ms Fetch
image/gif 2600:141b:1c00:27::17ce:ac13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?cts=1702587891139&dh=counselor.chat&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&vci=2063995054&cv=2.0.2&z=611963192&vg=6288abbd-5a2a-51ac-a9a1-423caf2f86aa&vtg=6288abbd-5a2a-51ac-a9a1-423caf2f86aa&dp=%2F&ap=IPv2&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%226f05cfb3-752e-4b0a-96f0-0db1558a176c%22%2C%22pd%22%3A%222023-12-14T20%3A57%3A42.034Z%22%2C%22meta.numWidgets%22%3A4%2C%22meta.theme%22%3A%22layout13%22%2C%22meta.headerMediaType%22%3A%22Image%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Afalse%2C%22meta.isMembership%22%3Afalse%7D&hit_id=e6ef0dfe-19ab-5913-9e1e-a408a65689e3&ht=pageview

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:141b:1c00:27::17ce:ac13 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://counselor.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Thu, 14 Dec 2023 21:04:51 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://counselor.chat
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET a26d926d4a64a700.css
newlook.hellotars.com/_next/static/css/ Frame 384C 0
0

GET webpack-b12a44ef71f79ce4.js
newlook.hellotars.com/_next/static/chunks/ Frame 384C 0
0

GET framework-715a76d8b0695da7.js
newlook.hellotars.com/_next/static/chunks/ Frame 384C 0
0

GET main-b355b9c39b50a4eb.js
newlook.hellotars.com/_next/static/chunks/ Frame 384C 0
0

GET _app-dde429d7c327a91d.js
newlook.hellotars.com/_next/static/chunks/pages/ Frame 384C 0
0

GET fec483df-05532907abb253c3.js
newlook.hellotars.com/_next/static/chunks/ Frame 384C 0
0

GET 75fc9c18-3148a20e1df1e518.js
newlook.hellotars.com/_next/static/chunks/ Frame 384C 0
0

GET 61606cbd-356c1b16842ffec9.js
newlook.hellotars.com/_next/static/chunks/ Frame 384C 0
0

GET c810e66d-5d09cb3785b5acec.js
newlook.hellotars.com/_next/static/chunks/ Frame 384C 0
0

GET 705-26a7445cb5dc579e.js
newlook.hellotars.com/_next/static/chunks/ Frame 384C 0
0

GET %5Bconvid%5D-ff2efc91037b3d6b.js
newlook.hellotars.com/_next/static/chunks/pages/conv/ Frame 384C 0
0

GET _buildManifest.js
newlook.hellotars.com/_next/static/eDkjtviKd4s6zdzDvC5JP/ Frame 384C 0
0

GET _ssgManifest.js
newlook.hellotars.com/_next/static/eDkjtviKd4s6zdzDvC5JP/ Frame 384C 0
0

GET css2
fonts.googleapis.com/ Frame 384C 0
0

GET
DATA 200
OK truncated
/ Frame 384C 77 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef825a79bfee6d8fe85e77302bca11089739ce3129e006e76b7a80715ae6c919

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 384C 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK IPIIzb Show response
counselor.hellotars.com/conv/ Frame AD72 1 KB
967 B 65ms
64ms Document
text/html 34.234.28.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://counselor.hellotars.com/conv/IPIIzb
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.234.28.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-28-35.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: 8d5790fcaefbc6a9c3dd638b332e61508f633de38364e1a9c87d3e2ccfb80101

Request headers

Referer: https://counselor.chat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 14 Dec 2023 21:04:51 GMT
ETag: W/"54b-4ZEbjAOq64UsQaNDiH/hQcffark"
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: Express

GET
H2 200 IPIIzb Show response
newlook.hellotars.com/conv/ Frame E513 59 KB
13 KB 93ms
92ms Document
text/html 3.219.24.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://newlook.hellotars.com/conv/IPIIzb
Requested by: Host: counselor.hellotars.com
URL: https://counselor.hellotars.com/conv/IPIIzb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.219.24.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-24-33.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / Next.js
Resource Hash: 6f48eca10524873842eec215773a0b7e7655fa979702cf0aa3a91eeda35361ab

Request headers

Referer: https://counselor.hellotars.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 14 Dec 2023 21:04:51 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
x-powered-by: Next.js

GET
H2 200 a26d926d4a64a700.css
newlook.hellotars.com/_next/static/css/ Frame E513 198 KB
32 KB 68ms
61ms Stylesheet
text/css 3.219.24.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://newlook.hellotars.com/_next/static/css/a26d926d4a64a700.css
Requested by: Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/conv/IPIIzb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.219.24.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-24-33.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0670a9ca7418276dd8c63175e0324be3b3c444569e301145bc6e07a1a305aa10

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newlook.hellotars.com/conv/IPIIzb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
last-modified: Wed, 13 Dec 2023 08:47:45 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"65796fb1-31600"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000, immutable

GET
H2 200 webpack-b12a44ef71f79ce4.js Show response
newlook.hellotars.com/_next/static/chunks/ Frame E513 3 KB
2 KB 69ms
63ms Script
application/javascript 3.219.24.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://newlook.hellotars.com/_next/static/chunks/webpack-b12a44ef71f79ce4.js
Requested by: Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/conv/IPIIzb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.219.24.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-24-33.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 40822ab9b998a127123a306b1841aadd15c68e0da79ec8917e06cffe833769c4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newlook.hellotars.com/conv/IPIIzb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
last-modified: Wed, 13 Dec 2023 08:47:45 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"65796fb1-d75"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable

GET
H2 200 framework-715a76d8b0695da7.js Show response
newlook.hellotars.com/_next/static/chunks/ Frame E513 138 KB
45 KB 69ms
61ms Script
application/javascript 3.219.24.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://newlook.hellotars.com/_next/static/chunks/framework-715a76d8b0695da7.js
Requested by: Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/conv/IPIIzb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.219.24.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-24-33.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d7f01243816138ef54fc3e5211b3023bd7c2298e0338928d775a42cbad0dedc5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newlook.hellotars.com/conv/IPIIzb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 13:04:46 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"644a72ee-228bd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable

GET
H2 200 main-b355b9c39b50a4eb.js Show response
newlook.hellotars.com/_next/static/chunks/ Frame E513 104 KB
30 KB 75ms
67ms Script
application/javascript 3.219.24.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://newlook.hellotars.com/_next/static/chunks/main-b355b9c39b50a4eb.js
Requested by: Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/conv/IPIIzb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.219.24.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-24-33.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2061af4d98d4ccfff2a953334f8098afaf3899dad20d2c67d186e9fbc6f9f91a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newlook.hellotars.com/conv/IPIIzb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 13:04:46 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"644a72ee-1a105"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable

GET
H2 200 _app-dde429d7c327a91d.js Show response
newlook.hellotars.com/_next/static/chunks/pages/ Frame E513 28 KB
8 KB 75ms
68ms Script
application/javascript 3.219.24.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://newlook.hellotars.com/_next/static/chunks/pages/_app-dde429d7c327a91d.js
Requested by: Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/conv/IPIIzb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.219.24.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-24-33.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ab56e9ca0491c6492ab70cf39f4e5f8ad2ac3d1c4f8f6e807eb7fa8ce33686c8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newlook.hellotars.com/conv/IPIIzb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
last-modified: Wed, 13 Dec 2023 08:47:45 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"65796fb1-6f68"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable

GET
H2 200 fec483df-05532907abb253c3.js Show response
newlook.hellotars.com/_next/static/chunks/ Frame E513 318 KB
99 KB 78ms
71ms Script
application/javascript 3.219.24.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://newlook.hellotars.com/_next/static/chunks/fec483df-05532907abb253c3.js
Requested by: Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/conv/IPIIzb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.219.24.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-24-33.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9fbe3671c09c04d89edba363baa65d0f22b8223e266efcb88780ccaacb573a22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newlook.hellotars.com/conv/IPIIzb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
last-modified: Mon, 04 Dec 2023 09:01:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"656d9572-4f8f5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable

GET
H2 200 75fc9c18-3148a20e1df1e518.js Show response
newlook.hellotars.com/_next/static/chunks/ Frame E513 58 KB
19 KB 111ms
105ms Script
application/javascript 3.219.24.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://newlook.hellotars.com/_next/static/chunks/75fc9c18-3148a20e1df1e518.js
Requested by: Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/conv/IPIIzb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.219.24.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-24-33.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3c8531c8f6afc4784f9650806756aa4f6a4aba3e4381590960f0dba8b5f93ba5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newlook.hellotars.com/conv/IPIIzb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 13:04:46 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"644a72ee-e623"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable

GET
H2 200 61606cbd-356c1b16842ffec9.js Show response
newlook.hellotars.com/_next/static/chunks/ Frame E513 84 KB
26 KB 112ms
106ms Script
application/javascript 3.219.24.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://newlook.hellotars.com/_next/static/chunks/61606cbd-356c1b16842ffec9.js
Requested by: Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/conv/IPIIzb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.219.24.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-24-33.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8ca58508349795de04620cc743dd6b19ad82edee0210f723ab18e16c00212a38

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newlook.hellotars.com/conv/IPIIzb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
last-modified: Wed, 13 Dec 2023 08:47:45 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"65796fb1-151c1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable

GET
H2 200 c810e66d-5d09cb3785b5acec.js Show response
newlook.hellotars.com/_next/static/chunks/ Frame E513 199 KB
59 KB 112ms
108ms Script
application/javascript 3.219.24.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://newlook.hellotars.com/_next/static/chunks/c810e66d-5d09cb3785b5acec.js
Requested by: Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/conv/IPIIzb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.219.24.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-24-33.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e6c130a40411ff16386c8be98ebfcefecbd386719e43d2683038268a51c6a3fc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newlook.hellotars.com/conv/IPIIzb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 13:04:46 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"644a72ee-31b65"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable

GET
H2 200 705-26a7445cb5dc579e.js Show response
newlook.hellotars.com/_next/static/chunks/ Frame E513 621 KB
190 KB 137ms
133ms Script
application/javascript 3.219.24.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://newlook.hellotars.com/_next/static/chunks/705-26a7445cb5dc579e.js
Requested by: Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/conv/IPIIzb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.219.24.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-24-33.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8f4482af19caf505dff8a22d503a22ebe2bfcc3f2e0081204efbe999ce836f77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newlook.hellotars.com/conv/IPIIzb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
last-modified: Wed, 13 Dec 2023 08:47:45 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"65796fb1-9b37a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable

GET
H2 200 %5Bconvid%5D-ff2efc91037b3d6b.js Show response
newlook.hellotars.com/_next/static/chunks/pages/conv/ Frame E513 362 KB
102 KB 137ms
134ms Script
application/javascript 3.219.24.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://newlook.hellotars.com/_next/static/chunks/pages/conv/%5Bconvid%5D-ff2efc91037b3d6b.js
Requested by: Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/conv/IPIIzb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.219.24.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-24-33.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e4d29fc8b5df9204e712566f1cf1a651cd285d58552312316aeff668856c811e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newlook.hellotars.com/conv/IPIIzb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
last-modified: Wed, 13 Dec 2023 08:47:45 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"65796fb1-5a791"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable

GET
H2 200 _buildManifest.js Show response
newlook.hellotars.com/_next/static/eDkjtviKd4s6zdzDvC5JP/ Frame E513 593 B
523 B 137ms
134ms Script
application/javascript 3.219.24.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://newlook.hellotars.com/_next/static/eDkjtviKd4s6zdzDvC5JP/_buildManifest.js
Requested by: Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/conv/IPIIzb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.219.24.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-24-33.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6fabcc6be52465a9dc1efb3b457c8d7d18acce37404dfbade1a647c8e2676312

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newlook.hellotars.com/conv/IPIIzb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
last-modified: Wed, 13 Dec 2023 08:47:45 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"65796fb1-251"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable

GET
H2 200 _ssgManifest.js Show response
newlook.hellotars.com/_next/static/eDkjtviKd4s6zdzDvC5JP/ Frame E513 76 B
255 B 137ms
134ms Script
application/javascript 3.219.24.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://newlook.hellotars.com/_next/static/eDkjtviKd4s6zdzDvC5JP/_ssgManifest.js
Requested by: Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/conv/IPIIzb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.219.24.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-24-33.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e182e3257a3b5564f7bfb9fb1c6a1e13f8f7c9a3fa0dd6e39ccf473ef8d4f960

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newlook.hellotars.com/conv/IPIIzb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 21:04:51 GMT
last-modified: Wed, 13 Dec 2023 08:47:45 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "65796fb1-4c"
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 76

GET
H2 200 css2
fonts.googleapis.com/ Frame E513 4 KB
947 B 81ms
78ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;700;900&display=swap

Requested by

Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/conv/IPIIzb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8ec4aad1c40dff419c750195eb6a9d462c5e50e939add9f0a9ddf252b9f1ddd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newlook.hellotars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 20:54:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Dec 2023 21:04:51 GMT

GET
DATA 200
OK truncated
/ Frame E513 77 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef825a79bfee6d8fe85e77302bca11089739ce3129e006e76b7a80715ae6c919

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E513 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 css2
fonts.googleapis.com/ Frame E513 3 KB
774 B 87ms
86ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@600&family=Roboto:wght@500&display=swap

Requested by

Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/_next/static/css/a26d926d4a64a700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

86236e7f53893f010cdec50c66999a04adf7343d648b62eae630387508e7e55b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newlook.hellotars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 21:04:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Dec 2023 21:04:51 GMT

GET
H/1.1 200
OK bcae45eb79a123e1a4374ab6e8fe14bd--flock-cranes-red-1.png
tars-file-upload.s3.amazonaws.com/IPIIzb/ Frame E513 273 KB
273 KB 935ms
324ms Image
image/png 52.219.132.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tars-file-upload.s3.amazonaws.com/IPIIzb/bcae45eb79a123e1a4374ab6e8fe14bd--flock-cranes-red-1.png
Requested by: Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/conv/IPIIzb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.132.140 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c44c90039e1ac1aa63db7776deb5a167b54c619633dac1c3e1b1ef87cbc40c01

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newlook.hellotars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 21:04:53 GMT
Last-Modified: Thu, 14 Dec 2023 21:01:50 GMT
Server: AmazonS3
x-amz-request-id: 2CJPN11MD70KR6B6
ETag: "f861bc7b049f3c68fe69ce9786e64ee3"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 279495
x-amz-id-2: tlUVYaXNju8w54+XwXIhT4arKuOscsrg1Q9GZSjVrEqN3Zwr2KJgLY+Z2V0BwSlhLD/07U69kwU=

GET
H/1.1 200
OK 375b25264a78253b6bac40af0116aa0d--flock-cranes-red-1-1.png
tars-file-upload.s3.amazonaws.com/IPIIzb/ Frame E513 73 KB
73 KB 897ms
286ms Image
image/png 52.219.132.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tars-file-upload.s3.amazonaws.com/IPIIzb/375b25264a78253b6bac40af0116aa0d--flock-cranes-red-1-1.png
Requested by: Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/conv/IPIIzb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.132.140 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 055e82493f76cca450a283ce68afbaa875a3a5bd87671967871423295e5839e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newlook.hellotars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 21:04:53 GMT
Last-Modified: Thu, 14 Dec 2023 21:00:36 GMT
Server: AmazonS3
x-amz-request-id: 2CJQRBZFMJ537EEY
ETag: "b1468547a468c58db4afc9ce88ee3a75"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 74579
x-amz-id-2: IdNEZh+QBFbcYTwRjgShyx2Lnn9GWQx+sc0UVif03wHTk6lVRi80S++Am/aM/IKKEv2/L69hs3Q=

GET
H2 200 HelveticaNeue-Medium.woff
d1xa9uhfa6nnrk.cloudfront.net/chatbot-frontend/ Frame E513 20 KB
20 KB 265ms
83ms Font
application/font-woff 2600:9000:24f0:5000:1f:5acd:8400:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1xa9uhfa6nnrk.cloudfront.net/chatbot-frontend/HelveticaNeue-Medium.woff
Requested by: Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/_next/static/css/a26d926d4a64a700.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:5000:1f:5acd:8400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eca60e349160c1fa35a10caac1b6eb0dc95e226bd913a5d684ace4a635029e87

Request headers

Referer: https://newlook.hellotars.com/
Origin: https://newlook.hellotars.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:21:07 GMT
via: 1.1 2301ef513d768666e30ce282b9045098.cloudfront.net (CloudFront)
age: 1140225
x-amz-cf-pop: JFK50-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 20320
last-modified: Tue, 02 May 2023 10:14:18 GMT
server: AmazonS3
etag: "569187262684588811af1466c919ece6"
access-control-allow-methods: GET, POST, PUT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: c6hS95k7IS27kalOjePHCpvYd2z1OL8mQ8paxIGu2msrHpUvADtabw==

GET
H2 200 HelveticaNeue-Regular.woff
d1xa9uhfa6nnrk.cloudfront.net/chatbot-frontend/ Frame E513 15 KB
15 KB 313ms
132ms Font
application/font-woff 2600:9000:24f0:5000:1f:5acd:8400:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1xa9uhfa6nnrk.cloudfront.net/chatbot-frontend/HelveticaNeue-Regular.woff
Requested by: Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/_next/static/css/a26d926d4a64a700.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:5000:1f:5acd:8400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 815eeadca2db0a292757809989c68a84ed3ff820a9cd4bf7272164cf06ab7563

Request headers

Referer: https://newlook.hellotars.com/
Origin: https://newlook.hellotars.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 12:54:24 GMT
via: 1.1 2301ef513d768666e30ce282b9045098.cloudfront.net (CloudFront)
age: 115828
x-amz-cf-pop: JFK50-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 15020
last-modified: Tue, 02 May 2023 10:14:19 GMT
server: AmazonS3
etag: "88b7a427cf1aec1984382459d5ca12e0"
access-control-allow-methods: GET, POST, PUT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 9KpnAIvRapWtm5ZGQxYzsb3iL3RRLflKq4avyMrfv3fKIBKt00qCcQ==

GET
H2 200 css2
fonts.googleapis.com/ Frame E513 4 KB
611 B 84ms
82ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;700;900&display=swap

Requested by

Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/_next/static/chunks/main-b355b9c39b50a4eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8ec4aad1c40dff419c750195eb6a9d462c5e50e939add9f0a9ddf252b9f1ddd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newlook.hellotars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 20:54:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Dec 2023 21:04:51 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame E513 274 KB
91 KB 318ms
171ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0PT49NDTSN

Requested by

Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/_next/static/chunks/main-b355b9c39b50a4eb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19563e1fe086a95c9918853293634d831716942f76ceb273707c9fdd99b2ab85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newlook.hellotars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 21:04:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92908
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Dec 2023 21:04:52 GMT

GET
H2 200 435.52536dc9c7fc48bc.js Show response
newlook.hellotars.com/_next/static/chunks/ Frame E513 41 KB
16 KB 60ms
59ms Script
application/javascript 3.219.24.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://newlook.hellotars.com/_next/static/chunks/435.52536dc9c7fc48bc.js
Requested by: Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/_next/static/chunks/webpack-b12a44ef71f79ce4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.219.24.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-24-33.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 54b99cec53698e164a6642d242e351fdf89ca036b4a53620cf2ac90f3e739579

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newlook.hellotars.com/conv/IPIIzb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
last-modified: Mon, 04 Dec 2023 09:01:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"656d9572-a449"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable

GET
H2 200 759.eaf1db541b4c4409.js Show response
newlook.hellotars.com/_next/static/chunks/ Frame E513 135 B
316 B 61ms
61ms Script
application/javascript 3.219.24.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://newlook.hellotars.com/_next/static/chunks/759.eaf1db541b4c4409.js
Requested by: Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/_next/static/chunks/webpack-b12a44ef71f79ce4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.219.24.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-24-33.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: fda5834ee65687fbb68ab1afd7c709ec144f42018d4a3766dc914816dbec19a9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newlook.hellotars.com/conv/IPIIzb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 21:04:51 GMT
last-modified: Wed, 31 May 2023 13:43:39 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "64774f0b-87"
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 135

GET
H/1.1 200
OK conv_data.json Show response
tars-data.s3.amazonaws.com/IPIIzb/ Frame E513 2 KB
2 KB 809ms
268ms XHR
application/json 52.219.158.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tars-data.s3.amazonaws.com/IPIIzb/conv_data.json
Requested by: Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/_next/static/chunks/705-26a7445cb5dc579e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.158.139 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.ap-south-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f50d125b80655188f37ed12150994cfa191c5851ebcd2d8e0b3ab159e531bd15

Request headers

Accept: application/json, text/plain, */*
Referer: https://newlook.hellotars.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 21:04:53 GMT
Content-Encoding: gzip
x-amz-request-id: 2CJG7T1TDM9KJE4F
x-amz-server-side-encryption: AES256
Content-Length: 1316
x-amz-id-2: Qm0cC+yY1uX4YW1CwEneZcG9P+JuFM4VK+qhD/ltkpxkcSOaRbuwYX4fTgXkHV2ZPJRnbuaoxDA=
Last-Modified: Thu, 14 Dec 2023 20:54:57 GMT
Server: AmazonS3
ETag: "3386e82e0aa8fcc2edb9d052b6054116"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: application/json
Cache-Control: no-cache
Accept-Ranges: bytes

POST
H/1.1 200
OK 12qx8b2l Show response
receive.hellotars.com/conv/IPIIzb/tempdoc/ Frame E513 7 B
418 B 261ms
68ms XHR
text/html 50.19.62.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://receive.hellotars.com/conv/IPIIzb/tempdoc/12qx8b2l
Requested by: Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/_next/static/chunks/705-26a7445cb5dc579e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.19.62.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-62-130.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf

Request headers

Accept: application/json, text/plain, */*
Referer: https://newlook.hellotars.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 14 Dec 2023 21:04:52 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"7-Qqj2Udef0AXurAYS32RCuYOgEYQ"
Vary: X-HTTP-Method-Override, Accept-Encoding
Access-Control-Allow-Methods: OPTIONS,GET,PUT,POST,PATCH,DELETE
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 7

GET
H/1.1 206
Partial Content ba6e1f909206adeb4f22676a756d597a--blop.mp3
tars-file-upload.s3.amazonaws.com/sBZgmZ/ Frame E513 2 KB
2 KB 835ms
283ms Media
audio/mp3 52.219.132.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tars-file-upload.s3.amazonaws.com/sBZgmZ/ba6e1f909206adeb4f22676a756d597a--blop.mp3
Requested by: Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/conv/IPIIzb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.132.140 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: abd654a8166d2b6f943fc64404eea5eb58cceffe8bcded73560b243c28532f16

Request headers

Referer: https://newlook.hellotars.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 14 Dec 2023 21:04:53 GMT
Last-Modified: Thu, 25 Nov 2021 10:20:00 GMT
Server: AmazonS3
x-amz-request-id: 2CJKZAX3N1CKCXPK
ETag: "627c0e8b5b8ef0417ace4d759284a51d"
Content-Type: audio/mp3
Content-Range: bytes 0-1991/1992
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1992
x-amz-id-2: FjaajWiwo7e8GBsVbgwDDrzoGPq6EII0ekG0gubf1t1Ctuv0K06YePTRd+vvydbiOV9t2OrIIEg=

GET
H2 200 tars_brand_lightning.svg
newlook.hellotars.com/icons/ Frame E513 275 B
422 B 63ms
63ms Image
image/svg+xml 3.219.24.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newlook.hellotars.com/icons/tars_brand_lightning.svg
Requested by: Host: newlook.hellotars.com
URL: https://newlook.hellotars.com/conv/IPIIzb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.219.24.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-24-33.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2cc57b8fa46aea15edfe7b01cb6ed7653360c2ee34262877313d72949b1e1b07

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newlook.hellotars.com/conv/IPIIzb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 21:04:51 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 12:49:40 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"113-187c2c32119"
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
281 B 75ms
74ms Fetch
image/gif 2600:141b:1c00:27::17ce:ac13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?cts=1702587893733&dh=counselor.chat&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&vci=2063995054&cv=2.0.2&z=1811133262&vg=6288abbd-5a2a-51ac-a9a1-423caf2f86aa&vtg=6288abbd-5a2a-51ac-a9a1-423caf2f86aa&dp=%2F&ap=IPv2&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%226f05cfb3-752e-4b0a-96f0-0db1558a176c%22%2C%22pd%22%3A%222023-12-14T20%3A57%3A42.034Z%22%2C%22meta.numWidgets%22%3A4%2C%22meta.theme%22%3A%22layout13%22%2C%22meta.headerMediaType%22%3A%22Image%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Afalse%2C%22meta.isMembership%22%3Afalse%7D&hit_id=640fdabe-827e-5ee7-8eac-ab6d1f42b430&ht=perf&tce=1702587890406&tcs=1702587890406&tdc=1702587893724&tdclee=1702587891141&tdcles=1702587891141&tdi=1702587891088&tdl=1702587890606&tdle=1702587890406&tdls=1702587890406&tfs=1702587890406&tns=1702587890162&trqs=1702587890408&tre=1702587890474&trps=1702587890473&tles=1702587893724&tlee=0&nt=navigate&lcp=761&nav_type=hard

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:141b:1c00:27::17ce:ac13 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://counselor.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Thu, 14 Dec 2023 21:04:53 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://counselor.chat
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: newlook.hellotars.com
URL: https://newlook.hellotars.com/_next/static/css/a26d926d4a64a700.css

Domain: newlook.hellotars.com
URL: https://newlook.hellotars.com/_next/static/chunks/webpack-b12a44ef71f79ce4.js

Domain: newlook.hellotars.com
URL: https://newlook.hellotars.com/_next/static/chunks/framework-715a76d8b0695da7.js

Domain: newlook.hellotars.com
URL: https://newlook.hellotars.com/_next/static/chunks/main-b355b9c39b50a4eb.js

Domain: newlook.hellotars.com
URL: https://newlook.hellotars.com/_next/static/chunks/pages/_app-dde429d7c327a91d.js

Domain: newlook.hellotars.com
URL: https://newlook.hellotars.com/_next/static/chunks/fec483df-05532907abb253c3.js

Domain: newlook.hellotars.com
URL: https://newlook.hellotars.com/_next/static/chunks/75fc9c18-3148a20e1df1e518.js

Domain: newlook.hellotars.com
URL: https://newlook.hellotars.com/_next/static/chunks/61606cbd-356c1b16842ffec9.js

Domain: newlook.hellotars.com
URL: https://newlook.hellotars.com/_next/static/chunks/c810e66d-5d09cb3785b5acec.js

Domain: newlook.hellotars.com
URL: https://newlook.hellotars.com/_next/static/chunks/705-26a7445cb5dc579e.js

Domain: newlook.hellotars.com
URL: https://newlook.hellotars.com/_next/static/chunks/pages/conv/%5Bconvid%5D-ff2efc91037b3d6b.js

Domain: newlook.hellotars.com
URL: https://newlook.hellotars.com/_next/static/eDkjtviKd4s6zdzDvC5JP/_buildManifest.js

Domain: newlook.hellotars.com
URL: https://newlook.hellotars.com/_next/static/eDkjtviKd4s6zdzDvC5JP/_ssgManifest.js

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;700;900&display=swap

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.counselor.chat/	1969-12-31 23:59:59	Name: dps_site_id Value: us-east-1
counselor.chat/	1969-12-31 23:59:59	Name: dps_site_id Value: us-east-1
.counselor.chat/	1970-01-21 01:42:03	Name: _tccl_visitor Value: 6288abbd-5a2a-51ac-a9a1-423caf2f86aa
.counselor.chat/	1970-01-20 16:56:29	Name: _tccl_visit Value: 6288abbd-5a2a-51ac-a9a1-423caf2f86aa

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: about:srcdoc Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://counselor.hellotars.com/conv/IPIIzb(Line 40) Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://counselor.chat/markup/ad Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: about:srcdoc Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' godaddy.com *.godaddy.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

counselor.chat
counselor.hellotars.com
d1xa9uhfa6nnrk.cloudfront.net
events.api.secureserver.net
fonts.googleapis.com
img1.wsimg.com
newlook.hellotars.com
receive.hellotars.com
tars-data.s3.amazonaws.com
tars-file-upload.s3.amazonaws.com
www.counselor.chat
www.googletagmanager.com
fonts.googleapis.com
newlook.hellotars.com
23.12.144.200
2600:141b:1c00:27::17ce:ac13
2600:9000:24f0:5000:1f:5acd:8400:21
2607:f8b0:4006:81c::200a
2607:f8b0:4006:821::2008
3.219.24.33
34.234.28.35
50.19.62.130
52.219.132.140
52.219.158.139
76.223.105.230
010083b88e95f18cefdb90796acce02073e91fc8dfefb27a7f5f3f75529e4906
055e82493f76cca450a283ce68afbaa875a3a5bd87671967871423295e5839e3
0670a9ca7418276dd8c63175e0324be3b3c444569e301145bc6e07a1a305aa10
0fe26f07b9e5d49590f55d31cbc381ca9337850f89b09940e3b384fcd6d26464
19563e1fe086a95c9918853293634d831716942f76ceb273707c9fdd99b2ab85
2061af4d98d4ccfff2a953334f8098afaf3899dad20d2c67d186e9fbc6f9f91a
265995eb76326e95613750f6f6570b850f5c22280d262de9b9632a16ceb98b9b
27efc2df59fb792d7dd1f3b92b3259392ec5374700fab75d449bbbdf1ff261c9
2c0b8b1b44960fa5584fb5d8f1bb50e21662ec06a70fca8eedf8299c69f2e2ba
2cc57b8fa46aea15edfe7b01cb6ed7653360c2ee34262877313d72949b1e1b07
33850eb245d0d15ab3b9ad7f2d950ba4d2803b37cdc6fdd76bb3f15957a0a459
3b54aeacfda01be53800632989a82f6f5a7f92e927159a37a4324b38d3dffef8
3c37a4aa3cf6aaae6921a4b750c0e4f81fd338d6878be90b0faf2f921039cb23
3c8531c8f6afc4784f9650806756aa4f6a4aba3e4381590960f0dba8b5f93ba5
3d7e7552e3801941a408c504aa732223fe2bed5d12e248680847d772182cb639
40822ab9b998a127123a306b1841aadd15c68e0da79ec8917e06cffe833769c4
513864fd4ebd1926f3e1e78b436a90c2bc3a5d16835b50415e7b318d7deec2a2
53861a013923acea8c682704f3fbcaf994d38a0d2c857e9ba45ae77483b5baf0
54b99cec53698e164a6642d242e351fdf89ca036b4a53620cf2ac90f3e739579
5f7cf421c8d4beede7c16f7d230783e585e88dfb5e418f302d91790d427242a8
604281887cd770ed21601933e9636a7a9c8a57a30d7d796ae7d760eef64d5089
66774f89fcfa5674be9aef60e3fe3cb81e4dd88246bde4e5392df8b99fefd4db
6f48eca10524873842eec215773a0b7e7655fa979702cf0aa3a91eeda35361ab
6fabcc6be52465a9dc1efb3b457c8d7d18acce37404dfbade1a647c8e2676312
74a91f8813ed283dba9d018af197f92a50c245f867264dd5118d79c7f269823f
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
815eeadca2db0a292757809989c68a84ed3ff820a9cd4bf7272164cf06ab7563
86236e7f53893f010cdec50c66999a04adf7343d648b62eae630387508e7e55b
8671cfdfa128168db2136d7c17f55ba98ddba221cdd1acbbe559d4969280fd51
89388608d7bceced5ad74231681ffce822ad580acb9fd7e492970176e3e38347
8ca58508349795de04620cc743dd6b19ad82edee0210f723ab18e16c00212a38
8cd0dfe3114465657a088fb8efde20a94882bfab2ac1b55c20dba878a724bf58
8d5790fcaefbc6a9c3dd638b332e61508f633de38364e1a9c87d3e2ccfb80101
8ec4aad1c40dff419c750195eb6a9d462c5e50e939add9f0a9ddf252b9f1ddd5
8f4482af19caf505dff8a22d503a22ebe2bfcc3f2e0081204efbe999ce836f77
91a4c6b72dac726b902364d1657a3874a5042c209d67486ff7d99ef4c76828de
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9fbe3671c09c04d89edba363baa65d0f22b8223e266efcb88780ccaacb573a22
ab56e9ca0491c6492ab70cf39f4e5f8ad2ac3d1c4f8f6e807eb7fa8ce33686c8
abd654a8166d2b6f943fc64404eea5eb58cceffe8bcded73560b243c28532f16
b08c2864ec27736c507b1ca4b3a225a19147841b861cd8494daf95fa370fe639
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bae437dbefe58377d88c9d579db7c59f4202f3fbf88866d0005fb375be6b2cd7
bff3c0c2907bcffd63dedc687b8fca61197e8b783c644b3d665ac3620c383e3c
c44c90039e1ac1aa63db7776deb5a167b54c619633dac1c3e1b1ef87cbc40c01
c73cb2249dfa3bce4ba434db98f64c36698865108a6af9f55e669b1b8e61ae90
c818b56446ae5a8d0466fc9c51d85104584e36f6d8b1c77e08a2d354e845e2cd
c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf
d7f01243816138ef54fc3e5211b3023bd7c2298e0338928d775a42cbad0dedc5
dc1df7794f3392867b0c45330d82578324b642dbf3f0925e23eb541664ca33fc
e182e3257a3b5564f7bfb9fb1c6a1e13f8f7c9a3fa0dd6e39ccf473ef8d4f960
e4d29fc8b5df9204e712566f1cf1a651cd285d58552312316aeff668856c811e
e6c130a40411ff16386c8be98ebfcefecbd386719e43d2683038268a51c6a3fc
e8a5463ff98210d3017deee55d5a287ad01aaa11dbe7deb7d07f7d15d7f609f2
e8fcfb1552d918b5d9fd715f711255465d6dd4348b4dcedd362cb00df9d3dbef
e9986c62b19bce3791c4c103a4aa87c91d22d9e1c9f252f7f802ea26d3405769
eca60e349160c1fa35a10caac1b6eb0dc95e226bd913a5d684ace4a635029e87
ed9ffa2fba5ecc75af2f99e6ebadd5b927086f258037c2a848e94449cc579991
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef825a79bfee6d8fe85e77302bca11089739ce3129e006e76b7a80715ae6c919
f075fefc90d97da32d93ab7a2c9660a9d73b41a3b022497c8e6683cb6f98bf88
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f50d125b80655188f37ed12150994cfa191c5851ebcd2d8e0b3ab159e531bd15
fda5834ee65687fbb68ab1afd7c709ec144f42018d4a3766dc914816dbec19a9

counselor.chat Open in urlscan Pro 76.223.105.230 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

80 %HTTPS

36 %IPv6

8 Domains

12 Subdomains

12 IPs

3 Countries

1521 kBTransfer

4091 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

counselor.chat Open in urlscan Pro
76.223.105.230 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

80 %
HTTPS

36 %
IPv6

8
Domains

12
Subdomains

12
IPs

3
Countries

1521 kB
Transfer

4091 kB
Size

4
Cookies

80 HTTP transactions
4 data transactions