www.canddi.com Open in urlscan Pro
151.139.242.5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mail.canddi.co/dfb441978b3c4c7bf3424a815bf1043d83fe0ce2db1ba8a074e233e3ff3c8a84/e4b673e66dcdbce3e7a8d458c30da0f...
Effective URL:
https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29...
Submission: On November 25 via api (November 25th 2019, 1:46:50 pm UTC) from CH

Summary HTTP 83 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 20 domains to perform 83 HTTP transactions. The main IP is 151.139.242.5, located in Dallas, United States and belongs to HIGHWINDS2 - Highwinds Network Group, Inc., US. The main domain is www.canddi.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 18th 2019. Valid for: 2 years.

This is the only time www.canddi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	154.46.89.10 154.46.89.10	174 (COGENT-174) (COGENT-174 - Cogent Communications)
32	151.139.242.5 151.139.242.5	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2600:9000:20e... 2600:9000:20eb:3a00:9:72eb:eb00:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE - Google LLC)
1	147.75.84.181 147.75.84.181	54825 (PACKET) (PACKET - Packet Host)
1	2a02:26f0:10c... 2a02:26f0:10c:399::3adf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.148.115.36 146.148.115.36	15169 (GOOGLE) (GOOGLE - Google LLC)
3	151.139.243.18 151.139.243.18	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	169.50.137.179 169.50.137.179	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
17	2606:4700:10:... 2606:4700:10::6814:24a1	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2600:9000:21f... 2600:9000:21f3:a200:c:2b4b:7a40:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:818::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1 1	2a05:f500:11:... 2a05:f500:11:101::b93f:9001	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	147.75.84.33 147.75.84.33	54825 (PACKET) (PACKET - Packet Host)
1	147.75.100.189 147.75.100.189	54825 (PACKET) (PACKET - Packet Host)
1	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
5	143.204.101.103 143.204.101.103	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	34.249.79.181 34.249.79.181	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	34.247.58.218 34.247.58.218	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	13.225.78.120 13.225.78.120	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
83	25

1 154.46.89.10 (United States) 1 redirects

ASN174 (COGENT-174 - Cogent Communications, US)

mail.canddi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 151.139.242.5 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

www.canddi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:3a00:9:72eb:eb00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

data.staticfiles.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.181 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:399::3adf (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

sjs.bizographics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.148.115.36 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 36.115.148.146.bc.googleusercontent.com

canddi.calltracks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.139.243.18 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

cdns.canddi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.179 (United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: b3.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:10::6814:24a1 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

client.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
settings.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:a200:c:2b4b:7a40:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

cdn.ppcprotect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:11:101::b93f:9001 (Ireland) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.33 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.100.189 (Central, Hong Kong)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-8

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.101.103 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-103.fra50.r.cloudfront.net

static.activedemand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.79.181 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-249-79-181.eu-west-1.compute.amazonaws.com

i.canddi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.247.58.218 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-247-58-218.eu-west-1.compute.amazonaws.com

s.canddi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.120 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-120.fra2.r.cloudfront.net

collection.activedemand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	canddi.com www.canddi.com cdns.canddi.com i.canddi.com	2 MB
17	crisp.chat client.crisp.chat settings.crisp.chat image.crisp.chat	336 KB
6	activedemand.com static.activedemand.com collection.activedemand.com	119 KB
3	canddi.io s.canddi.io	1 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	72 KB
2	facebook.com www.facebook.com	337 B
2	google.de www.google.de	220 B
2	google.com 1 redirects www.google.com	352 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	1 KB
2	facebook.net connect.facebook.net	112 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	ppcprotect.com cdn.ppcprotect.com	322 B
1	simpli.fi tag.simpli.fi	766 B
1	calltracks.com canddi.calltracks.com	351 B
1	bizographics.com sjs.bizographics.com	2 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	staticfiles.io data.staticfiles.io	855 B
1	googletagmanager.com www.googletagmanager.com	24 KB
1	canddi.co 1 redirects mail.canddi.co	586 B
83	20

	Domain	Requested by
32	www.canddi.com	www.canddi.com
8	client.crisp.chat	www.canddi.com client.crisp.chat cdns.canddi.com
7	image.crisp.chat	client.crisp.chat
5	static.activedemand.com	data.staticfiles.io static.activedemand.com
3	s.canddi.io	cdns.canddi.com
3	cdns.canddi.com	www.googletagmanager.com cdns.canddi.com
2	i.canddi.com	cdns.canddi.com
2	settings.crisp.chat	client.crisp.chat
2	www.facebook.com	www.canddi.com connect.facebook.net
2	px.ads.linkedin.com	1 redirects www.canddi.com
2	www.google.de	www.canddi.com
2	www.google.com	1 redirects www.canddi.com
2	connect.facebook.net	www.canddi.com connect.facebook.net
2	www.google-analytics.com	1 redirects www.googletagmanager.com
1	collection.activedemand.com	static.activedemand.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	cdn.ppcprotect.com	www.canddi.com
1	tag.simpli.fi	www.googletagmanager.com
1	canddi.calltracks.com	www.canddi.com
1	sjs.bizographics.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	data.staticfiles.io	www.googletagmanager.com
1	www.googletagmanager.com	www.canddi.com
1	mail.canddi.co	1 redirects
83	29

This site contains links to these domains. Also see Links.

Domain
en-gb.facebook.com
twitter.com
www.youtube.com
plus.google.com
www.linkedin.com
medium.com
m.me
status.canddi.com
support.canddi.com

Subject Issuer	Validity	Valid
www.canddi.com Sectigo RSA Domain Validation Secure Server CA	`2019-08-18` - `2021-08-23`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.staticfiles.io Amazon	`2019-03-12` - `2020-04-12`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2019-10-06` - `2020-01-04`	3 months	crt.sh
js.bizographics.com DigiCert SHA2 Secure Server CA	`2018-04-13` - `2020-04-17`	2 years	crt.sh
*.calltracks.com Go Daddy Secure Certificate Authority - G2	`2018-11-06` - `2020-11-06`	2 years	crt.sh
cdns.canddi.com COMODO RSA Domain Validation Secure Server CA	`2017-07-25` - `2020-09-22`	3 years	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2017-05-11` - `2020-05-10`	3 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-11-06` - `2020-02-04`	3 months	crt.sh
crisp.chat CloudFlare Inc ECC CA-2	`2019-08-28` - `2020-08-27`	a year	crt.sh
cdn.ppcprotect.com Amazon	`2019-03-22` - `2020-04-22`	a year	crt.sh
www.google.de GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2019-10-06` - `2020-01-04`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2019-10-06` - `2020-01-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.activedemand.com Amazon	`2019-03-18` - `2020-04-18`	a year	crt.sh
i.canddi.com Amazon	`2019-04-08` - `2020-05-08`	a year	crt.sh
s.canddi.io Amazon	`2019-03-24` - `2020-04-24`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
Frame ID: 1F4191932732FBBFE76FCCEC88440994
Requests: 93 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-b736908ce6b0e933fad3a2e45df61b38.html
Frame ID: 8C77FA7EAC38134E82526CCA60BDD895
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://mail.canddi.co/dfb441978b3c4c7bf3424a815bf1043d83fe0ce2db1ba8a074e233e3ff3c8a84/e4b673e66dc... HTTP 302
https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWF... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Page Statistics

83
Requests

100 %
HTTPS

52 %
IPv6

20
Domains

29
Subdomains

25
IPs

6
Countries

2778 kB
Transfer

5917 kB
Size

13
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://en-gb.facebook.com/thisiscanddi/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/CANDDi
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCU7aljz8YC9IdPfxuxLY39g
Title:

Search URL Search Domain Scan URL

URL: https://plus.google.com/+Canddi
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/canddi-campaign-and-digital-intelligence-limited-/
Title:

Search URL Search Domain Scan URL

URL: https://medium.com/@CANDDi_Blog

Search URL Search Domain Scan URL

URL: https://m.me/126078980739722
Title: Continue on Messenger

Search URL Search Domain Scan URL

URL: https://twitter.com/canddi
Title: Continue on Twitter

Search URL Search Domain Scan URL

URL: https://status.canddi.com/
Title: See our status page

Search URL Search Domain Scan URL

URL: https://support.canddi.com/
Title: Search on Helpdesk

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mail.canddi.co/dfb441978b3c4c7bf3424a815bf1043d83fe0ce2db1ba8a074e233e3ff3c8a84/e4b673e66dcdbce3e7a8d458c30da0fd/le35 HTTP 302
https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1895580904&t=pageview&_s=1&dl=https%3A%2F%2Fwww.canddi.com%2Flanding%2Fturn-anonymous-warm-leads%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0aW5nQHZ1c2EuY29t%26cfn_b4%3D%26cln_b4%3D%26cc_b4%3D%26cph_b4%3D%26utm_source%3De-shot%26utm_medium%3Demail%26utm_campaign%3DKnockknockLFUSA&ul=en-us&de=UTF-8&dt=Turn%20anonymous%20website%20visitors%20into%20warm%20leads!&sd=24-bit&sr=1600x1200&vp=1585x1185&je=0&_u=YEBAAAAB~&jid=369787594&gjid=893159847&cid=147649678.1574689593&tid=UA-15069217-1&_gid=205570173.1574689593&_r=1&gtm=2wgav95ZNJCH&z=741430987 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15069217-1&cid=147649678.1574689593&jid=369787594&_gid=205570173.1574689593&gjid=893159847&_v=j79&z=741430987 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15069217-1&cid=147649678.1574689593&jid=369787594&_v=j79&z=741430987 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15069217-1&cid=147649678.1574689593&jid=369787594&_v=j79&z=741430987&slf_rd=1&random=2761983715

Request Chain 35

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1232906&url=https%3A%2F%2Fwww.canddi.com%2Flanding%2Fturn-anonymous-warm-leads%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0aW5nQHZ1c2EuY29t%26cfn_b4%3D%26cln_b4%3D%26cc_b4%3D%26cph_b4%3D%26utm_source%3De-shot%26utm_medium%3Demail%26utm_campaign%3DKnockknockLFUSA&time=1574689592763 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1232906%26url%3Dhttps%253A%252F%252Fwww.canddi.com%252Flanding%252Fturn-anonymous-warm-leads%252F%253Fce%253Dmarketing%2540vusa.com%2526cfn%253D%2526cln%253D%2526ce_b4%253DbWFya2V0aW5nQHZ1c2EuY29t%2526cfn_b4%253D%2526cln_b4%253D%2526cc_b4%253D%2526cph_b4%253D%2526utm_source%253De-shot%2526utm_medium%253Demail%2526utm_campaign%253DKnockknockLFUSA%26time%3D1574689592763%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1232906&url=https%3A%2F%2Fwww.canddi.com%2Flanding%2Fturn-anonymous-warm-leads%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0aW5nQHZ1c2EuY29t%26cfn_b4%3D%26cln_b4%3D%26cc_b4%3D%26cph_b4%3D%26utm_source%3De-shot%26utm_medium%3Demail%26utm_campaign%3DKnockknockLFUSA&time=1574689592763&liSync=true

83 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.canddi.com/landing/turn-anonymous-warm-leads/
Redirect Chain

http://mail.canddi.co/dfb441978b3c4c7bf3424a815bf1043d83fe0ce2db1ba8a074e233e3ff3c8a84/e4b673e66dcdbce3e7a8d458c30da0fd/le35
https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campai...

30 KB
8 KB

395ms
290ms

Document
text/html

151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

616af0d86bc59ee130fb98145201ec99eaa244bfba72e4f25bade38a38871fbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.canddi.com
:scheme: https
:path: /landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: nginx
date: Mon, 25 Nov 2019 13:46:32 GMT
content-type: text/html
last-modified: Thu, 21 Nov 2019 10:48:53 GMT
etag: W/"64f003e1f3be2ce93fd436dd15b9ee5a"
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
if-you-can-read-this-then-contact-us: jobs@canddi.com
ignore: Now
content-encoding: gzip
vary: Accept-Encoding
x-cache: MISS
accept-ranges: bytes

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: 0
Location: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
Server: Microsoft-IIS/7.5
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge,chrome=1
Date: Mon, 25 Nov 2019 13:46:25 GMT
Content-Length: 372

GET
H2 200 fontawesome-webfont.woff2
www.canddi.com/static/fonts/ 75 KB
76 KB 223ms
222ms Font
font/woff2 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canddi.com/static/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.canddi.com
URL: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
Origin: https://www.canddi.com

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 77160
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 01 Nov 2019 11:06:16 GMT
server: nginx
etag: "af7ae505a9eed503f8b8e6982036873e"
x-frame-options: SAMEORIGIN
content-type: font/woff2
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 053f7e575d936b1b46b604c1d7685046.css
www.canddi.com/static/css/ 364 KB
71 KB 214ms
213ms Stylesheet
text/css 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canddi.com/static/css/053f7e575d936b1b46b604c1d7685046.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

f60a71fac4d43f29a4bf997416dbbb087bf0dacdcbe1acd8cc9bcc1e8bd17e2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 21 Nov 2019 10:48:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"053f7e575d936b1b46b604c1d7685046"
vary: Accept-Encoding
content-type: text/css
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 logo.png
www.canddi.com/static/img/ 3 KB
4 KB 164ms
164ms Image
image/png 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/logo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

34e527f9cabcc408f7aa5d60aef2478722ec730561469b88b50f6cee105bfca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 3522
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 08 Oct 2019 15:39:31 GMT
server: nginx
etag: "a0789435e584e5d8d23059caf7fd9009"
x-frame-options: SAMEORIGIN
content-type: image/png
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 crm-mob.jpg
www.canddi.com/static/img/product/tour/ 124 KB
125 KB 201ms
200ms Image
image/jpeg 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/product/tour/crm-mob.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

361139388d38b9547337a3aeb1fc0296c989540d448135c381274b130d0a22a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 127141
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 08 Oct 2019 15:39:33 GMT
server: nginx
etag: "565619cd4fd19877493bab9f1b45d4b3"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 context-icon.svg
www.canddi.com/static/img/landing-pages/turn-anonymous-warm-leads/svgs/ 121 KB
93 KB 399ms
398ms Image
image/svg+xml 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/landing-pages/turn-anonymous-warm-leads/svgs/context-icon.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

1a5079dfed8dc9895132a970e25a674eaecf4e174959de770b47979f92994dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 01 Nov 2019 11:06:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"ff5a0e4b906545b669ad30099752d62c"
vary: Accept-Encoding
content-type: image/svg+xml
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 fluid-trust-icon.svg
www.canddi.com/static/img/landing-pages/turn-anonymous-warm-leads/svgs/ 131 KB
101 KB 196ms
195ms Image
image/svg+xml 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/landing-pages/turn-anonymous-warm-leads/svgs/fluid-trust-icon.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

2d1cb8a826ba462cbed24c8cb202c17ba10914f9bb12d0ee4609f2dac4f3909a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 01 Nov 2019 11:06:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"440c8477e178e56254fe1b30d8750164"
vary: Accept-Encoding
content-type: image/svg+xml
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 document-360.svg
www.canddi.com/static/img/landing-pages/turn-anonymous-warm-leads/svgs/ 115 KB
82 KB 221ms
220ms Image
image/svg+xml 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/landing-pages/turn-anonymous-warm-leads/svgs/document-360.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

5ee24aa3dac6ab7e2b5ac97a6c0d33fa3ce465ff347ec73f0f9c4535b92b504e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 01 Nov 2019 11:06:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"2ba75d992ec3b0cc7b689ca00c65c4bd"
vary: Accept-Encoding
content-type: image/svg+xml
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 monitor.jpg
www.canddi.com/static/img/product/tour/ 102 KB
103 KB 248ms
247ms Image
image/jpeg 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/product/tour/monitor.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

07ef5ac09689e0203d027c85a385a9a19233b0645cdb59b5111d56b6031bc4c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 104939
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 08 Oct 2019 15:39:33 GMT
server: nginx
etag: "cfb9d7cda1d7dc4e45ee9152995eca90"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 monitor-mob.jpg
www.canddi.com/static/img/product/tour/ 22 KB
23 KB 217ms
216ms Image
image/jpeg 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/product/tour/monitor-mob.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

a59cc7a00603c7213c38d5fc8c1f0bf97a6375166ca6dc5f040fa23a06b77d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 22681
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 08 Oct 2019 15:39:33 GMT
server: nginx
etag: "b81bd0c0b03afa0705f3519c7dbfcb12"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 ip.jpg
www.canddi.com/static/img/product/tour/ 135 KB
135 KB 187ms
187ms Image
image/jpeg 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/product/tour/ip.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

f64973e854f1c87bb5a36ca9fa42cad9336feb6ee3a6b37b486f37e9d5f6b808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 137905
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 08 Oct 2019 15:39:33 GMT
server: nginx
etag: "42f42e00be75273859da8f13a10be988"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 ip-mob.jpg
www.canddi.com/static/img/product/tour/ 29 KB
30 KB 246ms
245ms Image
image/jpeg 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/product/tour/ip-mob.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

45f9a63705b8fae2c958ff944ca8600f9d1a5dbb7eb609e6fc93b3964b5b7f55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 30047
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 08 Oct 2019 15:39:33 GMT
server: nginx
etag: "b774008474fcfb4036a61f8896076e01"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 identify.jpg
www.canddi.com/static/img/product/tour/ 210 KB
210 KB 171ms
170ms Image
image/jpeg 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/product/tour/identify.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

0c9b72af6d3d2e38010b8e56525e0081c8d1022f64f00351d210592968f13cbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 214870
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 08 Oct 2019 15:39:33 GMT
server: nginx
etag: "e6be5c56fd4fb4aa6ca908735a72d65e"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 identify-mob.jpg
www.canddi.com/static/img/product/tour/ 45 KB
45 KB 412ms
411ms Image
image/jpeg 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/product/tour/identify-mob.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

689e498544e886f317c7f3b21d4ff1e7d78b61df728ee84ca1f0db74f068ea04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 45663
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 08 Oct 2019 15:39:33 GMT
server: nginx
etag: "2b344dac2e489a0b7a56f385b77fcaee"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 crm.jpg
www.canddi.com/static/img/product/tour/ 125 KB
126 KB 154ms
154ms Image
image/jpeg 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/product/tour/crm.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

59a6e50d43d5c8e85f95395ca39995191ce4ad36b5cb78552bb140ace9609cc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 128271
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 08 Oct 2019 15:39:33 GMT
server: nginx
etag: "eb671c956bf46c4a79b68102b81fa58a"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 1a1867b9446993044f9b52585ba34820.js Show response
www.canddi.com/static/js/ 546 KB
178 KB 242ms
241ms Script
application/javascript 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canddi.com/static/js/1a1867b9446993044f9b52585ba34820.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

efc2ad6fbf06c354f43596ca543becde5c8a97b377a8633f6addb99c5ab13b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 21 Nov 2019 10:48:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1a1867b9446993044f9b52585ba34820"
vary: Accept-Encoding
content-type: application/javascript
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 button-icons.png
www.canddi.com/static/img/design/ 8 KB
9 KB 226ms
225ms Image
image/png 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/design/button-icons.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

153357a8948e33dfefef3c5cb37f40b98bf4aaf45d573fed99eaee4efc5cf01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/static/css/053f7e575d936b1b46b604c1d7685046.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 8378
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 08 Oct 2019 15:39:27 GMT
server: nginx
etag: "73457c663eb56a87918cf1fbd39e9ccd"
x-frame-options: SAMEORIGIN
content-type: image/png
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 pricing-icon-white.svg
www.canddi.com/static/img/design/ 782 B
918 B 216ms
216ms Image
image/svg+xml 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/design/pricing-icon-white.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

fb9f9796835896dcfcd32f2e638622bcb9aa196eacde16f7f5a4c29379fe82fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/static/css/053f7e575d936b1b46b604c1d7685046.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 478
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 08 Oct 2019 15:39:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"795ac3e522a58b045b86e4b5afa5399a"
vary: Accept-Encoding
content-type: image/svg+xml
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 icon-lock.svg
www.canddi.com/static/img/design/ 2 KB
1 KB 212ms
211ms Image
image/svg+xml 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/design/icon-lock.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

c81e1f5969ce1dbdaf9103075b4526c4a482332c0133ded466d8416e1ebf10c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/static/css/053f7e575d936b1b46b604c1d7685046.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 08 Oct 2019 15:39:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1c50d1430ae759653bc187ccd8435c95"
vary: Accept-Encoding
content-type: image/svg+xml
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 SourceSansPro-Semibold.ttf
www.canddi.com/static/fonts/ 146 KB
147 KB 252ms
252ms Font
font/ttf 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canddi.com/static/fonts/SourceSansPro-Semibold.ttf

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

ad9bf535fc18d27ba929b766058bf5381649bc3d9092232c00e069f420054232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.canddi.com/static/css/053f7e575d936b1b46b604c1d7685046.css
Origin: https://www.canddi.com

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 149636
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 01 Nov 2019 11:06:16 GMT
server: nginx
etag: "52984b3a4e09652a6feee711d5c169fd"
x-frame-options: SAMEORIGIN
content-type: font/ttf
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 SourceSansPro-Regular.ttf
www.canddi.com/static/fonts/ 146 KB
147 KB 179ms
178ms Font
font/ttf 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canddi.com/static/fonts/SourceSansPro-Regular.ttf

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

6fc6e8f223cb7a88d7e0d07af0aa7c45084be3c2b330622c06b5e6c6d9f74768

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.canddi.com/static/css/053f7e575d936b1b46b604c1d7685046.css
Origin: https://www.canddi.com

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 149972
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 01 Nov 2019 11:06:16 GMT
server: nginx
etag: "ba6cad25afe01d394e830f548a7f94df"
x-frame-options: SAMEORIGIN
content-type: font/ttf
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 SourceSansPro-Light.ttf
www.canddi.com/static/fonts/ 147 KB
147 KB 211ms
210ms Font
font/ttf 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canddi.com/static/fonts/SourceSansPro-Light.ttf

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

b013d99044fd95864c10bc2926e1afa2850a5a9836f136ee556fafd48c4ea76f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.canddi.com/static/css/053f7e575d936b1b46b604c1d7685046.css
Origin: https://www.canddi.com

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 150244
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 01 Nov 2019 11:06:16 GMT
server: nginx
etag: "b2e90cc01cdd1e2e6f214d5cb2ae5c26"
x-frame-options: SAMEORIGIN
content-type: font/ttf
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 74 KB
24 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:821::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZNJCH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1c29bb7c828e77ce200e0dd5ea994fd869650979c8085fae062c38ce0f859cf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
content-encoding: br
last-modified: Mon, 25 Nov 2019 12:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 24679
x-xss-protection: 0
expires: Mon, 25 Nov 2019 13:46:32 GMT

GET
H2 200 load.js Show response
data.staticfiles.io/accounts/8066aa8f-4e6548-71715d10/ 505 B
855 B 479ms
408ms Script
application/x-javascript 2600:9000:20eb:3a00:9:72eb:eb00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://data.staticfiles.io/accounts/8066aa8f-4e6548-71715d10/load.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZNJCH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:3a00:9:72eb:eb00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a3b7dc096a27557fc9970aca1037ddc42526402bf5ca6e51892117aef5a8beec

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:34 GMT
via: 1.1 d8328954e51c0912a8419c1a67cea1dc.cloudfront.net (CloudFront)
last-modified: Mon, 18 Nov 2019 14:50:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "77464a73aa2744f821cc5d435818988e"
x-cache: Miss from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 505
x-amz-cf-id: xS1B4W-Jf_y7OPJ4EpErORUxqpIdsH9NNCvEVvbCqndGoYKJyTV72w==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZNJCH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4375
date: Mon, 25 Nov 2019 12:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Mon, 25 Nov 2019 14:33:37 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 25 KB
10 KB 325ms
30ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZNJCH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

69e3a796f4b120879065a812b95b56fd4d28f88faf8c1976ad9b0fa2f31dc0eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9614
x-xss-protection: 0
server: cafe
etag: 5296095546589048175
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 25 Nov 2019 13:46:33 GMT

GET
H2 200 hotjar-1323384.js Show response
static.hotjar.com/c/ 3 KB
2 KB 140ms
140ms Script
application/javascript 147.75.84.181
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1323384.js?sv=5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZNJCH

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.84.181 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

Software

openresty /

Resource Hash

35861636155f909d5bf1ae64dcbfef644adccbce7489abf17ccd81f16bd21d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 0
status: 200
access-control-max-age: 600
section-io-cache: Miss
x-cache-hit: 1
server: openresty
x-frame-options: SAMEORIGIN
etag: W/690c3d8bd14184d30dbc4d07dac75e94
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.077
accept-ranges: bytes
section-io-id: ded4e752ebeca6e36abc3f5a031ef888

GET
H/1.1 200
OK insight.min.js Show response
sjs.bizographics.com/ 3 KB
2 KB 40ms
9ms Script
application/x-javascript 2a02:26f0:10c:399::3adf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sjs.bizographics.com/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZNJCH
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:399::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 Nov 2019 13:46:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=23620
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H/1.1 206
Partial Content loader.js Show response
canddi.calltracks.com/wnd/ 70 B
351 B 170ms
25ms Script
text/javascript 146.148.115.36
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://canddi.calltracks.com/wnd/loader.js
Requested by: Host: www.canddi.com
URL: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.148.115.36 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 36.115.148.146.bc.googleusercontent.com
Software: Calltracks /
Resource Hash: cbd91955580dba0003f49ccea7b4722091f82bd29c09c6b7c10231048b78f524

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.003588
Date: Mon, 25 Nov 2019 13:46:32 GMT
Server: Calltracks
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
X-Request-Id: 3a201d64-6153-410d-8019-9dbd7a0fcdba

GET
H2 200 ee4f9bc0af0bbed6283e07c8dd334f49.js Show response
cdns.canddi.com/p/ 97 KB
35 KB 536ms
250ms Script
application/javascript 151.139.243.18
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdns.canddi.com/p/ee4f9bc0af0bbed6283e07c8dd334f49.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZNJCH

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.243.18 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

8e294a96be419e04c05744fef9dd3cd4acb18076e7c1c8f8806f14d9f82cfc84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:33 GMT
content-encoding: gzip
last-modified: Mon, 25 Nov 2019 13:46:33 GMT
server: nginx
vary: Accept, Accept-Encoding
x-cache: MISS
p3p: policyref="https://www.canddi.com/w3c/p3p.xml", CP="ADMa PSAa PSDa IVAo IVDo CONi TELi OUR IND DSP ALL COR"
status: 200
cache-control: max-age=1800, public
x-server: dashboard-i-02f4fd21a13896135
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Nov 2019 14:16:33 GMT

GET
H2 200 43f4b410-5c4e-0136-4aed-067f653fa718 Show response
tag.simpli.fi/sifitag/ 0
766 B 308ms
19ms Script
application/javascript 169.50.137.179
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/43f4b410-5c4e-0136-4aed-067f653fa718

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZNJCH

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Mon, 25 Nov 2019 13:46:28 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
x-request-id: 2nd6nlkaiaa9td52g0qm0j61
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 121 KB
26 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

f20f83cb7683a1a3138cd52201d83436e33a5e67ef0b9c96bbdab860b5f7da16

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 26765
x-xss-protection: 0
pragma: public
x-fb-debug: QPaQPuMjSA57E5HmX/BhGrNiQNzWBBDwahPwIJGczV1UxAua2WlxnmyZU5f/nA1rTcdXwLWNA1niVEIDktwbQA==
x-fb-trip-id: 420120009
date: Mon, 25 Nov 2019 13:46:32 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 l.js Show response
client.crisp.chat/ 11 KB
4 KB 57ms
26ms Script
application/javascript 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/l.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1df35b464ca66ab5f03a478a311068caad7e065b924081b3cad0083382fe6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 545
status: 200
access-control-max-age: 300
alt-svc: h3-23=":443"; ma=86400
last-modified: Fri, 11 Oct 2019 15:07:44 GMT
server: cloudflare
etag: W/"5da09ac0-2c98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=86400
access-control-allow-credentials: false
cf-ray: 53b411c2c84ccba4-VIE
access-control-allow-headers: Content-Type, Origin
expires: Tue, 26 Nov 2019 13:37:27 GMT

GET
H2 200 va-monitor.js Show response
cdn.ppcprotect.com/tracking/ 0
322 B 59ms
6ms Script
application/javascript 2600:9000:21f3:a200:c:2b4b:7a40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ppcprotect.com/tracking/va-monitor.js
Requested by: Host: www.canddi.com
URL: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:a200:c:2b4b:7a40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 02:39:07 GMT
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified: Sun, 13 Oct 2019 16:54:13 GMT
server: AmazonS3
age: 40046
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 0
x-amz-cf-id: lx0T8zJdxB4MopSUyCRLTE4AwOGhgmQhTESm3Ou8NaV61eQ6E74NnA==

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1895580904&t=pageview&_s=1&dl=https%3A%2F%2Fwww.canddi.com%2Flanding%2Fturn-anonymous-warm-leads%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cl...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15069217-1&cid=147649678.1574689593&jid=369787594&_gid=205570173.1574689593&gjid=893159847&_v=j79&z=741430987
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15069217-1&cid=147649678.1574689593&jid=369787594&_v=j79&z=741430987
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15069217-1&cid=147649678.1574689593&jid=369787594&_v=j79&z=741430987&slf_rd=1&random=2761983715

42 B
109 B

28ms
28ms

Image
image/gif

2a00:1450:4001:800::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15069217-1&cid=147649678.1574689593&jid=369787594&_v=j79&z=741430987&slf_rd=1&random=2761983715

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Nov 2019 13:46:32 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Nov 2019 13:46:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15069217-1&cid=147649678.1574689593&jid=369787594&_v=j79&z=741430987&slf_rd=1&random=2761983715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 292704578056651 Show response
connect.facebook.net/signals/config/ 349 KB
86 KB 58ms
58ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/292704578056651?v=2.9.13&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

fb110056d496b51e4a36eeef35b08edc61a14bb870b7c3651ecac687482c8d24

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 0xSJywunnf+wDTVJO+C3zLfHudXsru7ZN3oVcYx98DXnqICGNYK7ddLqzLIhwpUleqrKE0YcEuL/T8+pF2VggQ==
x-fb-trip-id: 420120009
date: Mon, 25 Nov 2019 13:46:32 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1232906&url=https%3A%2F%2Fwww.canddi.com%2Flanding%2Fturn-anonymous-warm-leads%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1232906%26url%3Dhttps%253A%252F%252Fwww.canddi.com%252Flanding%252Fturn-anonymous...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1232906&url=https%3A%2F%2Fwww.canddi.com%2Flanding%2Fturn-anonymous-warm-leads%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0...

0
110 B

175ms
174ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1232906&url=https%3A%2F%2Fwww.canddi.com%2Flanding%2Fturn-anonymous-warm-leads%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0aW5nQHZ1c2EuY29t%26cfn_b4%3D%26cln_b4%3D%26cc_b4%3D%26cph_b4%3D%26utm_source%3De-shot%26utm_medium%3Demail%26utm_campaign%3DKnockknockLFUSA&time=1574689592763&liSync=true
Requested by: Host: www.canddi.com
URL: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:33 GMT
content-encoding: gzip
server: Play
vary: Accept-Encoding
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 20
x-li-uuid: mLKoitdr2hXAhgismysAAA==

Redirect headers

date: Mon, 25 Nov 2019 13:46:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 302
x-li-pop: prod-tln1
content-length: 20
x-li-uuid: cE/wgNdr2hVwb1/aAisAAA==
pragma: no-cache
server: Play
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1232906&url=https%3A%2F%2Fwww.canddi.com%2Flanding%2Fturn-anonymous-warm-leads%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0aW5nQHZ1c2EuY29t%26cfn_b4%3D%26cln_b4%3D%26cc_b4%3D%26cph_b4%3D%26utm_source%3De-shot%26utm_medium%3Demail%26utm_campaign%3DKnockknockLFUSA&time=1574689592763&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 client.js Show response
client.crisp.chat/static/javascripts/ 517 KB
100 KB 32ms
31ms Script
application/javascript 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/client.js?b51444a

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bae2a27d8d82e056ea53c5771cad8107201cfd3da69e687b0e0d7be8b923b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 544
status: 200
access-control-max-age: 300
alt-svc: h3-23=":443"; ma=86400
last-modified: Fri, 11 Oct 2019 15:07:44 GMT
server: cloudflare
etag: W/"5da09ac0-8137e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: false
cf-ray: 53b411c2f8cfcba4-VIE
access-control-allow-headers: Content-Type, Origin
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 client_default.css
client.crisp.chat/static/stylesheets/ 506 KB
48 KB 32ms
31ms Stylesheet
text/css 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/stylesheets/client_default.css?b51444a

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

13bda6ad7990f7edd80fe96cb4b3314d30ef7fa4d5dba9dca0f56d9d695e1887

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 545
status: 200
access-control-max-age: 300
alt-svc: h3-23=":443"; ma=86400
last-modified: Fri, 11 Oct 2019 15:07:44 GMT
server: cloudflare
etag: W/"5da09ac0-7e84b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: false
cf-ray: 53b411c2f8d0cba4-VIE
access-control-allow-headers: Content-Type, Origin
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 search.json Show response
www.canddi.com/ 155 KB
25 KB 133ms
133ms XHR
application/json 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canddi.com/search.json

Requested by

Host: www.canddi.com
URL: https://www.canddi.com/static/js/1a1867b9446993044f9b52585ba34820.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

f9f63713fb3f5413ddc4b4b182e0064c552595ef1beb6c61a9f0dcbf4676da15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 21 Nov 2019 10:48:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"e2fb8336b362f4e232187d9032ff4d72"
if-you-can-read-this-then-contact-us: jobs@canddi.com
strict-transport-security: max-age=31536000; includeSubdomains
content-type: application/json
cache-control: max-age=2592000
accept-ranges: bytes
expires: Wed, 25 Dec 2019 13:46:32 GMT

GET
H2 200 logo2x.svg
www.canddi.com/static/img/ 10 KB
4 KB 81ms
79ms Image
image/svg+xml 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/logo2x.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

71f2f495be40a09089c6e18f6c6c8a0dd871d982dd74a293412d1484bb4275ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 01 Nov 2019 11:06:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"afdc5b5d5a638d4d95f4c928c2a52529"
vary: Accept-Encoding
content-type: image/svg+xml
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 heading-banner-image.png
www.canddi.com/static/img/design/ 43 KB
43 KB 107ms
106ms Image
image/png 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/design/heading-banner-image.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

613b9f6fdf9b4ad328db5ea860da929d9ee1ef59a89799ce7d0b5ed2d868ca7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 43594
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 08 Oct 2019 15:39:28 GMT
server: nginx
etag: "05230d5821a80b64b83c056cfbae6513"
x-frame-options: SAMEORIGIN
content-type: image/png
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 step-1.png
www.canddi.com/static/img/landing-pages/turn-anonymous-warm-leads/ 6 KB
6 KB 81ms
80ms Image
image/png 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/landing-pages/turn-anonymous-warm-leads/step-1.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

e701a9fed7fecfc8496bf245213b5f41916db2f62edd83639fad43ad1f5ebf45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 5925
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 01 Nov 2019 11:06:20 GMT
server: nginx
etag: "7c14fd8ddd05cb2e46b17339f1503f18"
x-frame-options: SAMEORIGIN
content-type: image/png
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 step-2.png
www.canddi.com/static/img/landing-pages/turn-anonymous-warm-leads/ 3 KB
4 KB 87ms
86ms Image
image/png 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/landing-pages/turn-anonymous-warm-leads/step-2.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

95ec91930cb5584ca9562f4c1c71533dd6440fc2af54780ba6217fc7bf45c9a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 3281
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 01 Nov 2019 11:06:20 GMT
server: nginx
etag: "84538f14b2d47411f9e635eca16a54ff"
x-frame-options: SAMEORIGIN
content-type: image/png
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 step-3.png
www.canddi.com/static/img/landing-pages/turn-anonymous-warm-leads/ 3 KB
4 KB 82ms
81ms Image
image/png 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/landing-pages/turn-anonymous-warm-leads/step-3.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

1034cd6ba5cba6a03f2610c0c84d5985a23697dfb545b7da2591fb6fa7c7fd59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 3258
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 01 Nov 2019 11:06:20 GMT
server: nginx
etag: "088f37e3dd19244df8fa969a0ce082da"
x-frame-options: SAMEORIGIN
content-type: image/png
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 identify-icon.svg
www.canddi.com/static/img/landing-pages/turn-anonymous-warm-leads/svgs/icons/ 8 KB
4 KB 96ms
95ms Image
image/svg+xml 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/landing-pages/turn-anonymous-warm-leads/svgs/icons/identify-icon.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

b4f1b9391591ce1bfba15980465af4b16f39a7bd2338d0e64d39909065dbfa2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 01 Nov 2019 11:06:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"ebe9c7bd7393d252fdedd3b3cb45f71f"
vary: Accept-Encoding
content-type: image/svg+xml
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 pioritize-icon.svg
www.canddi.com/static/img/landing-pages/turn-anonymous-warm-leads/svgs/icons/ 6 KB
2 KB 83ms
82ms Image
image/svg+xml 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/landing-pages/turn-anonymous-warm-leads/svgs/icons/pioritize-icon.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

8b209d97cbf11e4866be62f6368fe95ed0dae75c10f515a09ecc3c33bb1d26e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 01 Nov 2019 11:06:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"035c3001bf14f6f65bde9da35b1fddaa"
vary: Accept-Encoding
content-type: image/svg+xml
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 optimize-icon.svg
www.canddi.com/static/img/landing-pages/turn-anonymous-warm-leads/svgs/icons/ 10 KB
5 KB 86ms
85ms Image
image/svg+xml 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/landing-pages/turn-anonymous-warm-leads/svgs/icons/optimize-icon.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

7e2defeb2b787cb3877ccb6090cca398c85cc335ca762f1fba063958ba94262e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 01 Nov 2019 11:06:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"3359850fffc816e37346dccfd2966a11"
vary: Accept-Encoding
content-type: image/svg+xml
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 make-timely-icon.svg
www.canddi.com/static/img/landing-pages/turn-anonymous-warm-leads/svgs/icons/ 8 KB
4 KB 88ms
87ms Image
image/svg+xml 151.139.242.5
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canddi.com/static/img/landing-pages/turn-anonymous-warm-leads/svgs/icons/make-timely-icon.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.242.5 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

3b814dcb91f702603a1197284dfdb6b512eadd9261e10319caed5f0f7bd47544

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canddi.com/landing/turn-anonymous-warm-leads/?ce=marketing@vusa.com&cfn=&cln=&ce_b4=bWFya2V0aW5nQHZ1c2EuY29t&cfn_b4=&cln_b4=&cc_b4=&cph_b4=&utm_source=e-shot&utm_medium=email&utm_campaign=KnockknockLFUSA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: MISS
status: 200
ignore: Now
strict-transport-security: max-age=31536000; includeSubdomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 01 Nov 2019 11:06:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"a5736df00ae6804c4062db9e31af76ed"
vary: Accept-Encoding
content-type: image/svg+xml
expires: Wed, 25 Dec 2019 13:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
if-you-can-read-this-then-contact-us: jobs@canddi.com

GET
H2 200 /
www.facebook.com/tr/ 44 B
256 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=292704578056651&ev=PageView&dl=https%3A%2F%2Fwww.canddi.com%2Flanding%2Fturn-anonymous-warm-leads%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0aW5nQHZ1c2EuY29t%26cfn_b4%3D%26cln_b4%3D%26cc_b4%3D%26cph_b4%3D%26utm_source%3De-shot%26utm_medium%3Demail%26utm_campaign%3DKnockknockLFUSA&rl=&if=false&ts=1574689592899&sw=1600&sh=1200&v=2.9.13&r=stable&ec=0&o=30&fbp=fb.1.1574689592898.1319775238&it=1574689592748&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Mon, 25 Nov 2019 13:46:32 GMT

GET
H2 200 modules.9447269af5bc5fb31020.js Show response
script.hotjar.com/ 399 KB
70 KB 35ms
35ms Script
application/javascript 147.75.84.33
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.9447269af5bc5fb31020.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1323384.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.84.33 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
Software: /
Resource Hash: ed04a4f7a5147b7dc5f87315dd42bcb5fed826b66460a588bfbe80c36128e4b6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:32 GMT
content-encoding: br
last-modified: Mon, 25 Nov 2019 12:36:55 GMT
access-control-allow-origin: *
etag: "54deed1ca67aca1f7f91732786b0f16b"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.026
section-io-origin-status: 200
accept-ranges: bytes
section-io-id: 52817ad243a9c68f3b5d084c89daaafc
content-length: 71046

GET
H2 200 / Show response
settings.crisp.chat/client/website/de227cd0-2f63-4cc0-a00a-8c6fb9983abd/prelude/ 78 B
221 B 77ms
73ms Script
application/javascript 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.crisp.chat/client/website/de227cd0-2f63-4cc0-a00a-8c6fb9983abd/prelude/?callback=window.%24crisp.__spool.website_handler&2019-10-25-14-46

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b51444a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

52aa7878d55c696e14ae20021c2256fb681cdc53e23c7c28ac87249a960ec7de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 53b411c40c02cba4-VIE
alt-svc: h3-23=":443"; ma=86400
expires: Mon, 25 Nov 2019 14:16:33 GMT

GET
H2 200 box-b736908ce6b0e933fad3a2e45df61b38.html
vars.hotjar.com/ Frame 8C77 0
0 25ms
25ms Document
text/html 147.75.100.189
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-b736908ce6b0e933fad3a2e45df61b38.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1323384.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.100.189 Central, Hong Kong, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-8
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-b736908ce6b0e933fad3a2e45df61b38.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 25 Nov 2019 13:46:32 GMT
content-type: text/html
content-length: 808
cache-control: max-age=31536000
content-encoding: br
last-modified: Tue, 12 Nov 2019 13:04:25 GMT
etag: "ed7551919779fd07dbfe6d776c643379"
section-io-origin-status: 200
section-io-origin-time-seconds: 0.028
vary: Accept-Encoding
accept-ranges: bytes
section-io-id: e176a53eb9c84b25acc53de748b4fe85

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1017440597/ 3 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1017440597/?random=1574689593051&cv=9&fst=1574689593051&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav9&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.canddi.com%2Flanding%2Fturn-anonymous-warm-leads%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0aW5nQHZ1c2EuY29t%26cfn_b4%3D%26cln_b4%3D%26cc_b4%3D%26cph_b4%3D%26utm_source%3De-shot%26utm_medium%3Demail%26utm_campaign%3DKnockknockLFUSA&tiba=Turn%20anonymous%20website%20visitors%20into%20warm%20leads!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

2a6738cbfdba5d77fe54166f7042de857177653d6a62ef7fa810f993cde4c05a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Nov 2019 13:46:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1079
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1017440597/ 42 B
161 B 21ms
21ms Image
image/gif 2a00:1450:4001:818::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1017440597/?random=1574689593051&cv=9&fst=1574686800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav9&sendb=1&frm=0&url=https%3A%2F%2Fwww.canddi.com%2Flanding%2Fturn-anonymous-warm-leads%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0aW5nQHZ1c2EuY29t%26cfn_b4%3D%26cln_b4%3D%26cc_b4%3D%26cph_b4%3D%26utm_source%3De-shot%26utm_medium%3Demail%26utm_campaign%3DKnockknockLFUSA&tiba=Turn%20anonymous%20website%20visitors%20into%20warm%20leads!&async=1&fmt=3&is_vtc=1&random=3218317842&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Nov 2019 13:46:33 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1017440597/ 42 B
111 B 21ms
21ms Image
image/gif 2a00:1450:4001:800::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1017440597/?random=1574689593051&cv=9&fst=1574686800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav9&sendb=1&frm=0&url=https%3A%2F%2Fwww.canddi.com%2Flanding%2Fturn-anonymous-warm-leads%2F%3Fce%3Dmarketing%40vusa.com%26cfn%3D%26cln%3D%26ce_b4%3DbWFya2V0aW5nQHZ1c2EuY29t%26cfn_b4%3D%26cln_b4%3D%26cc_b4%3D%26cph_b4%3D%26utm_source%3De-shot%26utm_medium%3Demail%26utm_campaign%3DKnockknockLFUSA&tiba=Turn%20anonymous%20website%20visitors%20into%20warm%20leads!&async=1&fmt=3&is_vtc=1&random=3218317842&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Nov 2019 13:46:33 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ad.collect.min.js.jgz Show response
static.activedemand.com/public/javascript/ 96 KB
34 KB 121ms
43ms Script
application/javascript 143.204.101.103
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.activedemand.com/public/javascript/ad.collect.min.js.jgz
Requested by: Host: data.staticfiles.io
URL: https://data.staticfiles.io/accounts/8066aa8f-4e6548-71715d10/load.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.103 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-103.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e43ad81f077a21469d64f353001163e051064f63013a6f685233b11871147d2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 Nov 2019 00:50:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Sep 2018 19:26:33 GMT
Server: AmazonS3
Age: 46577
ETag: "e7de37c79345d4e42bafd5f076a2ae4c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
Cache-Control: max-age=86400
X-Amz-Cf-Pop: FRA50-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34332
X-Amz-Cf-Id: cLJLoT1vB5qgD8lnUSO9c1ZVP7DozzMjEoC9DWKbGbbuQqA5StJbUw==

GET
H2 200 / Show response
settings.crisp.chat/client/website/de227cd0-2f63-4cc0-a00a-8c6fb9983abd/ 4 KB
1 KB 48ms
48ms Script
application/javascript 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.crisp.chat/client/website/de227cd0-2f63-4cc0-a00a-8c6fb9983abd/?callback=window.%24crisp.__spool.website_handler&1574676080818

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b51444a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0c1b48701cb5d4dd2f4fbf0b844ee4d48bf0b00d50c2913454fc96da94d7708

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 53b411c5d887cba4-VIE
alt-svc: h3-23=":443"; ma=86400
expires: Mon, 25 Nov 2019 14:08:41 GMT

GET
H/1.1 200
OK i.js Show response
i.canddi.com/ 193 B
772 B 157ms
35ms Script
application/javascript 34.249.79.181
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://i.canddi.com/i.js

Requested by

Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/ee4f9bc0af0bbed6283e07c8dd334f49.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.79.181 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-249-79-181.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

8d51a1a5bce6e09e7d942bdade7d56a66d559dd6c2822dcc701c2da402825b4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 Nov 2019 13:46:33 GMT
Last-Modified: Mon, 25 Nov 2019 13:46:33 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: policyref="http://www.canddi.com/w3c/p3p.xml", CP="ADMa PSAa PSDa IVAo IVDo CONi TELi OUR IND DSP ALL COR"
Cache-Control: max-age=94608000, private
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 193
Expires: Thu, 24 Nov 2022 13:46:33 GMT

GET
H2 200 capture.js Show response
cdns.canddi.com/ 289 KB
82 KB 24ms
24ms Script
application/javascript 151.139.243.18
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdns.canddi.com/capture.js

Requested by

Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/ee4f9bc0af0bbed6283e07c8dd334f49.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.243.18 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

1fad652d06a7eba612b13a8580de0cce88ecef991d2217de7acabff03522e762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:33 GMT
content-encoding: gzip
last-modified: Mon, 25 Nov 2019 13:33:36 GMT
server: nginx
etag: W/"5ddbd830-4838a"
vary: Accept-Encoding
x-cache: HIT
p3p: policyref="https://www.canddi.com/w3c/p3p.xml", CP="ADMa PSAa PSDa IVAo IVDo CONi TELi OUR IND DSP ALL COR"
status: 200
cache-control: max-age=31104000
x-server: dashboard-i-02f4fd21a13896135
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 19 Nov 2020 13:36:27 GMT

GET
H2 200 en.js Show response
client.crisp.chat/static/javascripts/locales/ 6 KB
2 KB 27ms
27ms Script
application/javascript 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/locales/en.js?b51444a

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b51444a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

87ac469a931d767510a20a34c4cd257607708968781651683457765100b4ac41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 526
status: 200
access-control-max-age: 300
alt-svc: h3-23=":443"; ma=86400
last-modified: Fri, 11 Oct 2019 15:07:44 GMT
server: cloudflare
etag: W/"5da09ac0-1725"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: false
cf-ray: 53b411c649cccba4-VIE
access-control-allow-headers: Content-Type, Origin
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 null Show response
cdns.canddi.com/i/ee4f9bc0af0bbed6283e07c8dd334f49/ip/bid/ 63 B
497 B 481ms
481ms Script
application/javascript 151.139.243.18
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdns.canddi.com/i/ee4f9bc0af0bbed6283e07c8dd334f49/ip/bid/null

Requested by

Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/ee4f9bc0af0bbed6283e07c8dd334f49.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.243.18 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

a7b23c89ee977750dd03b53d0bb715cf84933af95f576f0a73700723e5da4bcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:33 GMT
x-cache: MISS
p3p: policyref="https://www.canddi.com/w3c/p3p.xml", CP="ADMa PSAa PSDa IVAo IVDo CONi TELi OUR IND DSP ALL COR"
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 63
last-modified: Mon, 25 Nov 2019 13:46:33 GMT
server: nginx
etag: 4dc38338cbff928f726f03a85ff14ccf
vary: Accept
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800, public
x-server: dashboard-i-0b253dc646cc144be
accept-ranges: bytes
expires: Mon, 25 Nov 2019 14:16:33 GMT

GET
H/1.1 200
OK ad.main.min.js.jgz Show response
static.activedemand.com/public/javascript/ 46 KB
12 KB 33ms
32ms Script
application/javascript 143.204.101.103
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.activedemand.com/public/javascript/ad.main.min.js.jgz?_=1574689593383
Requested by: Host: static.activedemand.com
URL: https://static.activedemand.com/public/javascript/ad.collect.min.js.jgz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.103 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-103.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 087155ea423b3973d3bf16f2a4ece851891a2977e4549a515b636ec0a84b8e38

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 Nov 2019 00:50:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Nov 2019 23:21:57 GMT
Server: AmazonS3
Age: 46576
ETag: "87ce5a6ee8f28bf63d6bf940147d8b83"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
Cache-Control: max-age=86400
X-Amz-Cf-Pop: FRA50-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11696
X-Amz-Cf-Id: hc4uayOJtn6_8sHZW4iXnjmsjKoJBM8f5xmm-PrgQcs9BVIeuP9glw==

GET
DATA 200
OK truncated
/ 947 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 008dd386dfafcd48e846499b13ead5a5461657ef655da0862362b411cdd4d961

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 /
www.facebook.com/tr/ 0
81 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://www.canddi.com
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary0DM6lZ5B36o0wtuM

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
access-control-allow-origin: https://www.canddi.com
date: Mon, 25 Nov 2019 13:46:33 GMT
content-type: text/plain
status: 200
access-control-allow-credentials: true
alt-svc: h3-23=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK jquery-ui.min.js.jgz Show response
static.activedemand.com/public/javascript/ 222 KB
60 KB 55ms
55ms Script
application/javascript 143.204.101.103
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.activedemand.com/public/javascript/jquery-ui.min.js.jgz?_=1574689593384
Requested by: Host: static.activedemand.com
URL: https://static.activedemand.com/public/javascript/ad.collect.min.js.jgz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.103 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-103.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91d26eeeb46860dd9d1dabffc92d8b8b1bbb57a0630cdf64082e51a88ef0ead7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 Nov 2019 00:50:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Jun 2018 18:59:30 GMT
Server: AmazonS3
Age: 46575
ETag: "54d1f9cfd9099d7acde848dd59c67792"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
Cache-Control: max-age=86400
X-Amz-Cf-Pop: FRA50-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61007
X-Amz-Cf-Id: NwW3H8xZIt0_-cpkcylUw4URM24qyDnIKJ7C7lXkG_zSatCHfj0PVg==

GET
H/1.1 200
OK ad.localization.min.js.jgz Show response
static.activedemand.com/public/javascript/ 15 KB
5 KB 93ms
31ms Script
application/javascript 143.204.101.103
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.activedemand.com/public/javascript/ad.localization.min.js.jgz?_=1574689593385
Requested by: Host: static.activedemand.com
URL: https://static.activedemand.com/public/javascript/ad.collect.min.js.jgz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.103 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-103.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eece02732d6defa753c85796aed547c6e14e3d7a45d2c9fda6886ba268a18550

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 Nov 2019 00:50:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Jun 2019 21:02:53 GMT
Server: AmazonS3
Age: 46575
ETag: "44ce943219ee6ec13bc9596202fdc6e2"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
Cache-Control: max-age=86400
X-Amz-Cf-Pop: FRA50-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4585
X-Amz-Cf-Id: k00O_oz5c-HGyatrgeJLk_QFWFFS1OAyBVWPnyV0rTJvQDYcNMJ3_g==

GET
H/1.1 200
OK jquery.validate.min.js.jgz Show response
static.activedemand.com/public/javascript/ 22 KB
7 KB 92ms
30ms Script
application/javascript 143.204.101.103
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.activedemand.com/public/javascript/jquery.validate.min.js.jgz?_=1574689593386
Requested by: Host: static.activedemand.com
URL: https://static.activedemand.com/public/javascript/ad.collect.min.js.jgz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.103 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-103.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 779029ad36ee545ce0b814d48c313f36a52328fed0b9d9c8f5b543eeb7e0cd84

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 Nov 2019 00:50:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Jun 2018 21:40:57 GMT
Server: AmazonS3
Age: 46575
ETag: "050492a1f30b187333d44cba5c390681"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
Cache-Control: max-age=86400
X-Amz-Cf-Pop: FRA50-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6947
X-Amz-Cf-Id: i_eEptLYb-GAM1hHZe4ZmRvA_qXsRdHtEAHHPrQ9c7XEvI0dbvoYbQ==

GET
H/1.1 200
OK s.js Show response
i.canddi.com/s/ee4f9bc0af0bbed6283e07c8dd334f49/ 134 B
739 B 38ms
37ms Script
application/javascript 34.249.79.181
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://i.canddi.com/s/ee4f9bc0af0bbed6283e07c8dd334f49/s.js

Requested by

Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/ee4f9bc0af0bbed6283e07c8dd334f49.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.79.181 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-249-79-181.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9cda8461923130ef3260ea38bd77070437d9e1e718501201a32e6ad53042949b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 Nov 2019 13:46:33 GMT
Last-Modified: Mon, 25 Nov 2019 13:46:33 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: policyref="http://www.canddi.com/w3c/p3p.xml", CP="ADMa PSAa PSDa IVAo IVDo CONi TELi OUR IND DSP ALL COR"
Cache-Control: max-age=3600, private
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 134
Expires: Mon, 25 Nov 2019 15:46:33 GMT

GET
H/1.1 200
OK s.js Show response
s.canddi.io/ 79 B
441 B 150ms
33ms Script
application/javascript 34.247.58.218
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://s.canddi.io/s.js?Id={%22B%22:%220db8f146c8ec9286bf27f99cd702cd65%22,%22FP%22:%220ac029ac9d6c5699217511d849d79e41%22}&S={%22SId%22:%22ec5b1b10572134a1032ca9c6ee43da85%22,%20%22TId%22:%22ee4f9bc0af0bbed6283e07c8dd334f49%22,%20%22GNo%22:%221%22}&G-GT=&G-P=&G-T=VHVybiBhbm9ueW1vdXMgd2Vic2l0ZSB2aXNpdG9ycyBpbnRvIHdhcm0gbGVhZHMh&G-U=aHR0cHM6Ly93d3cuY2FuZGRpLmNvbS9sYW5kaW5nL3R1cm4tYW5vbnltb3VzLXdhcm0tbGVhZHMvP2NlPW1hcmtldGluZ0B2dXNhLmNvbSZjZm49JmNsbj0mY2VfYjQ9YldGeWEyVjBhVzVuUUhaMWMyRXVZMjl0JmNmbl9iND0mY2xuX2I0PSZjY19iND0mY3BoX2I0PSZ1dG1fc291cmNlPWUtc2hvdCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj1Lbm9ja2tub2NrTEZVU0E%3D&G-V=GET&G-TA=%5B%5D&G-TR=%5B%5D&Ref=&T=[{%22GAUA%22:%22GA1.2.147649678.1574689593%22}]&v=12.2.0&rand=77711183

Requested by

Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/ee4f9bc0af0bbed6283e07c8dd334f49.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.58.218 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-247-58-218.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cabd01bf6349b508c021ef3e6af7ef05454d33b052f10ab31678a2c8fcb7048a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Nov 2019 13:46:33 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, max-age=0
Connection: keep-alive
Content-Length: 79
Expires: Mon, 25 Nov 2019 13:46:34 GMT

GET
H/1.1 200
OK visit.js Show response
collection.activedemand.com/submit/ 89 B
960 B 243ms
180ms Script
text/javascript 13.225.78.120
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://collection.activedemand.com/submit/visit.js?js%5Bparams%5D=document.title%3DTurn%2520anonymous%2520website%2520visitors%2520into%2520warm%2520leads!%26document.referrer%3D%26document.URL%3Dhttps%253A%252F%252Fwww.canddi.com%252Flanding%252Fturn-anonymous-warm-leads%252F%253Fce%253Dmarketing%2540vusa.com%2526cfn%253D%2526cln%253D%2526ce_b4%253DbWFya2V0aW5nQHZ1c2EuY29t%2526cfn_b4%253D%2526cln_b4%253D%2526cc_b4%253D%2526cph_b4%253D%2526utm_source%253De-shot%2526utm_medium%253Demail%2526utm_campaign%253DKnockknockLFUSA%26document.location.host%3Dwww.canddi.com%26document.location.hostname%3Dwww.canddi.com%26document.location.href%3Dhttps%253A%252F%252Fwww.canddi.com%252Flanding%252Fturn-anonymous-warm-leads%252F%253Fce%253Dmarketing%2540vusa.com%2526cfn%253D%2526cln%253D%2526ce_b4%253DbWFya2V0aW5nQHZ1c2EuY29t%2526cfn_b4%253D%2526cln_b4%253D%2526cc_b4%253D%2526cph_b4%253D%2526utm_source%253De-shot%2526utm_medium%253Demail%2526utm_campaign%253DKnockknockLFUSA%26navigator.language%3Den-US%26navigator.platform%3DLinux%2520x86_64%26navigator.userAgent%3DMozilla%252F5.0%2520(Macintosh%253B%2520Intel%2520Mac%2520OS%2520X%252010_14_5)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F74.0.3729.169%2520Safari%252F537.36%26window.width%3D1585%26browser%3Dchrome%26ga_cid%3D147649678.1574689593%26&js%5Bsession%5D=49751d8a-6a10-77f6-89593522-2720-525eaa619675&js%5Beguid%5D=&ad_web_keys%5B%5D=web-d49ea0-7dca64-67716b&version=2.0.28&callback=jQuery1123020535220865951787_1574689593387&_=1574689593388

Requested by

Host: static.activedemand.com
URL: https://static.activedemand.com/public/javascript/ad.collect.min.js.jgz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.78.120 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-225-78-120.fra2.r.cloudfront.net

Software

Apache /

Resource Hash

5b2337cf2ac60c057728108c5a65f3eefd1e96bb770d4682658e2076f595051f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 Nov 2019 13:46:33 GMT
Via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
WWW-Authenticate: NoAuthRequired
X-Amz-Cf-Pop: FRA2-C2
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Status: 200 OK
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: a26bcb07-0ab8-47e9-8ae7-8e11fe0d84e8
X-Runtime: 0.025305
Server: Apache
ETag: W/"5b2337cf2ac60c057728108c5a65f3ee"
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0, private, must-revalidate
X-Amz-Cf-Id: P0xM7U5p7zajWPpJbdDI-zsRcZkWIEXdKK8UXg1GV5NsX4KaLUcwzw==
X-Content-Type-Options: nosniff

GET
DATA 200
OK truncated
/ 258 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce38572c44184f2168c0b6e393318c674da0a0704e8fcb35d0dc5bfb1a6e303f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 484 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4f30d39b5b4d6a72db444127844d1379b457ce3f5f75e38ae748cce113be321

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 /
image.crisp.chat/avatar/operator/68d343d9-7422-4b5d-9d93-3337d14fe40a/240/ 7 KB
8 KB 69ms
66ms Image
image/jpeg 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/avatar/operator/68d343d9-7422-4b5d-9d93-3337d14fe40a/240/?1574676080818

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4452729a3e9345e3207595b0a2be482cc4789dedab9fbafa4aa523d58f8738f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 7620
last-modified: Sun, 24 Nov 2019 15:33:02 GMT
server: cloudflare
etag: W/"1dc4-16e9e0b7ab7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 53b411d33dd2cba4-VIE
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 noto_sans_bold.woff2
client.crisp.chat/static/fonts/noto_sans/0020-007F/ 10 KB
10 KB 86ms
57ms Font
application/font-woff2 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/fonts/noto_sans/0020-007F/noto_sans_bold.woff2?b51444a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

73d7d4ea3f62303b780f0225e5346e5047cfb41fcae7ac19e99af8a3e1950973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://client.crisp.chat/static/stylesheets/client_default.css?b51444a
Origin: https://www.canddi.com

Response headers

date: Mon, 25 Nov 2019 13:46:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-23=":443"; ma=86400
content-length: 10252
last-modified: Fri, 11 Oct 2019 15:07:31 GMT
server: cloudflare
etag: "5da09ab3-280c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 53b411d3692ccbb0-VIE
access-control-allow-headers: Content-Type, Origin
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 noto_sans_regular.woff2
client.crisp.chat/static/fonts/noto_sans/0020-007F/ 10 KB
11 KB 85ms
56ms Font
application/font-woff2 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/fonts/noto_sans/0020-007F/noto_sans_regular.woff2?b51444a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3dd77dcb09b4dd4f21dc57d0babf83c04d10eedd13037572384179d30106e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://client.crisp.chat/static/stylesheets/client_default.css?b51444a
Origin: https://www.canddi.com

Response headers

date: Mon, 25 Nov 2019 13:46:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-23=":443"; ma=86400
content-length: 10340
last-modified: Fri, 11 Oct 2019 15:07:31 GMT
server: cloudflare
etag: "5da09ab3-2864"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 53b411d3692ecbb0-VIE
access-control-allow-headers: Content-Type, Origin
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 /
image.crisp.chat/avatar/operator/68d343d9-7422-4b5d-9d93-3337d14fe40a/240/ 7 KB
8 KB 34ms
33ms Image
image/jpeg 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/avatar/operator/68d343d9-7422-4b5d-9d93-3337d14fe40a/240/?1574676080818

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b51444a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4452729a3e9345e3207595b0a2be482cc4789dedab9fbafa4aa523d58f8738f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 7620
last-modified: Sun, 24 Nov 2019 15:33:02 GMT
server: cloudflare
etag: W/"1dc4-16e9e0b7ab7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 53b411e5eb5ccba4-VIE
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 /
image.crisp.chat/avatar/operator/bbe98ba4-a5f7-43ac-a32f-b914c3702195/240/ 43 B
113 B 160ms
159ms Image
image/gif 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/avatar/operator/bbe98ba4-a5f7-43ac-a32f-b914c3702195/240/?1574676080818

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b51444a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
status: 200
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 53b411e5fb61cba4-VIE
alt-svc: h3-23=":443"; ma=86400
content-length: 43
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 /
image.crisp.chat/process/thumbnail/ 73 KB
73 KB 194ms
193ms Image
image/png 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/process/thumbnail/?url=https%3A%2F%2Fstorage.crisp.chat%2Fusers%2Favatar%2Foperator%2F8309031baaa1f000%2Fme_1hvp5gw.png&width=240&height=240&1574676080818

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b51444a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f58e93d09a5d81aac77a4aa9ecdc42a855de99a74604279c4e1070832af3e9fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 74997
last-modified: Sun, 24 Nov 2019 12:58:44 GMT
server: cloudflare
etag: W/"124f5-16e9d7e3710"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 53b411e5fb62cba4-VIE
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 258 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79f3ffc7609350418ea3739d39b638c87227bd6ccaf3b40a19e1a34f715007c1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 chat-message-receive.oga Show response
client.crisp.chat/static/sounds/events/ 17 KB
17 KB 56ms
55ms XHR
audio/ogg 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/sounds/events/chat-message-receive.oga?b51444a

Requested by

Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/ee4f9bc0af0bbed6283e07c8dd334f49.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8178860bce1556b83b68cd7596909cd46aacd79f4d4b58c45b48408080f3f765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://www.canddi.com

Response headers

date: Mon, 25 Nov 2019 13:46:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
access-control-max-age: 300
alt-svc: h3-23=":443"; ma=86400
content-length: 17114
last-modified: Fri, 11 Oct 2019 15:07:26 GMT
server: cloudflare
etag: "5da09aae-42da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: audio/ogg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 53b411e60955cbb0-VIE
access-control-allow-headers: Content-Type, Origin
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 /
image.crisp.chat/avatar/website/de227cd0-2f63-4cc0-a00a-8c6fb9983abd/240/ 22 KB
22 KB 75ms
74ms Image
image/png 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/avatar/website/de227cd0-2f63-4cc0-a00a-8c6fb9983abd/240/?1574676080818

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b51444a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba5d63f7ac212ca1c822267f4ff6c81c63789092759d11116934d3da90811e37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 22837
last-modified: Sun, 24 Nov 2019 17:37:36 GMT
server: cloudflare
etag: W/"5935-16e9e7d848e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 53b411e61bb2cba4-VIE
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 502 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2cccdd6417d568d04fca3fa20480010a75cf07edaf309913553ac2d16641b9be

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 313 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24bf2122497528e662985373e6b52684c1a7ae16f5868a9bb7ce8f30fc4d3c1f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK e.js Show response
s.canddi.io/ 79 B
441 B 33ms
33ms Script
application/javascript 34.247.58.218
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://s.canddi.io/e.js?Id={%22B%22:%220db8f146c8ec9286bf27f99cd702cd65%22,%22FP%22:%220ac029ac9d6c5699217511d849d79e41%22}&S={%22SId%22:%22ec5b1b10572134a1032ca9c6ee43da85%22,%20%22TId%22:%22ee4f9bc0af0bbed6283e07c8dd334f49%22,%20%22GNo%22:%222%22}&G-GT=livechat&G-P=eyJlbWFpbCI6bnVsbCwicGhvbmUiOm51bGwsIm5pY2tuYW1lIjoidmlzaXRvcjExMzIzIiwiY29tcGFueSI6bnVsbH0%3D&G-T=Y2hhdC9tZXNzYWdldG92aXNpdG9y&G-U=aHR0cHM6Ly93d3cuY2FuZGRpLmNvbS9sYW5kaW5nL3R1cm4tYW5vbnltb3VzLXdhcm0tbGVhZHMvP2NlPW1hcmtldGluZ0B2dXNhLmNvbSZjZm49JmNsbj0mY2VfYjQ9YldGeWEyVjBhVzVuUUhaMWMyRXVZMjl0JmNmbl9iND0mY2xuX2I0PSZjY19iND0mY3BoX2I0PSZ1dG1fc291cmNlPWUtc2hvdCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj1Lbm9ja2tub2NrTEZVU0E%3D&G-V=EVENT&G-TGT=TWVzc2FnZSB0byBWaXNpdG9y&v=12.2.0&rand=61136226

Requested by

Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/ee4f9bc0af0bbed6283e07c8dd334f49.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.58.218 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-247-58-218.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

bf998bbeef15f868e053742c407fd3cd53abdadf7ddda6fa74650d19a9b09408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Nov 2019 13:46:38 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, max-age=0
Connection: keep-alive
Content-Length: 79
Expires: Mon, 25 Nov 2019 13:46:39 GMT

GET
H2 200 chat-message-receive.oga Show response
client.crisp.chat/static/sounds/events/ 17 KB
17 KB 24ms
23ms XHR
audio/ogg 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/sounds/events/chat-message-receive.oga?b51444a

Requested by

Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/ee4f9bc0af0bbed6283e07c8dd334f49.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8178860bce1556b83b68cd7596909cd46aacd79f4d4b58c45b48408080f3f765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://www.canddi.com

Response headers

date: Mon, 25 Nov 2019 13:46:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
status: 200
access-control-max-age: 300
alt-svc: h3-23=":443"; ma=86400
content-length: 17114
last-modified: Fri, 11 Oct 2019 15:07:26 GMT
server: cloudflare
etag: "5da09aae-42da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: audio/ogg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 53b411e7bdcacbb0-VIE
access-control-allow-headers: Content-Type, Origin
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 /
image.crisp.chat/avatar/operator/68d343d9-7422-4b5d-9d93-3337d14fe40a/240/ 7 KB
8 KB 27ms
27ms Image
image/jpeg 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/avatar/operator/68d343d9-7422-4b5d-9d93-3337d14fe40a/240/?1574676080818

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b51444a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4452729a3e9345e3207595b0a2be482cc4789dedab9fbafa4aa523d58f8738f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 7620
last-modified: Sun, 24 Nov 2019 15:33:02 GMT
server: cloudflare
etag: W/"1dc4-16e9e0b7ab7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 53b411e7f8eccba4-VIE
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK e.js Show response
s.canddi.io/ 79 B
441 B 35ms
34ms Script
application/javascript 34.247.58.218
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://s.canddi.io/e.js?Id={%22B%22:%220db8f146c8ec9286bf27f99cd702cd65%22,%22FP%22:%220ac029ac9d6c5699217511d849d79e41%22}&S={%22SId%22:%22ec5b1b10572134a1032ca9c6ee43da85%22,%20%22TId%22:%22ee4f9bc0af0bbed6283e07c8dd334f49%22,%20%22GNo%22:%223%22}&G-GT=livechat&G-P=eyJtZXNzYWdlIjoiSGkgdGhlcmUhXG5cbkNhbiBJIGhlbHAgdG8gZ2V0IHlvdSBzZXQgdXAgd2l0aCBhIHF1aWNrIGRlbW8gb2YgQ0FORERpPyA6KSIsImVtYWlsIjpudWxsLCJwaG9uZSI6bnVsbCwibmlja25hbWUiOiJ2aXNpdG9yMTEzMjMiLCJjb21wYW55IjpudWxsfQ%3D%3D&G-T=Y2hhdC9tZXNzYWdldG92aXNpdG9y&G-U=aHR0cHM6Ly93d3cuY2FuZGRpLmNvbS9sYW5kaW5nL3R1cm4tYW5vbnltb3VzLXdhcm0tbGVhZHMvP2NlPW1hcmtldGluZ0B2dXNhLmNvbSZjZm49JmNsbj0mY2VfYjQ9YldGeWEyVjBhVzVuUUhaMWMyRXVZMjl0JmNmbl9iND0mY2xuX2I0PSZjY19iND0mY3BoX2I0PSZ1dG1fc291cmNlPWUtc2hvdCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj1Lbm9ja2tub2NrTEZVU0E%3D&G-V=EVENT&G-TGT=TWVzc2FnZSB0byBWaXNpdG9y&v=12.2.0&rand=79286822

Requested by

Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/ee4f9bc0af0bbed6283e07c8dd334f49.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.58.218 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-247-58-218.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

bf562796ad099a81b7efc5438a14e8c81f9a5672c46e1fe3b7ff566a1a10405b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Nov 2019 13:46:38 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, max-age=0
Connection: keep-alive
Content-Length: 79
Expires: Mon, 25 Nov 2019 13:46:39 GMT

GET
DATA 200
OK truncated
/ 350 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3c55cb595837939a5339cbc02c3f747c76aafc186508c49a206f97773057f66

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b2e01d9a087f8d0ed6637690b2430998faac8269cacf328445322ee400fdcc3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d775a14f85a23802cfa6d73a4b3e8598da128d5b297e6389ee69517266930ac3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 371 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae91293836805c67722ed776586920e0447620019b6d892e810c374be2e4c222

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 922 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d34587402f58064f858ac8f034e7c6fb15d0bac76e366aa28a2ea4b8f59f5428

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 /
image.crisp.chat/avatar/operator/68d343d9-7422-4b5d-9d93-3337d14fe40a/240/ 7 KB
8 KB 28ms
27ms Image
image/jpeg 2606:4700:10::6814:24a1
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/avatar/operator/68d343d9-7422-4b5d-9d93-3337d14fe40a/240/?1574676080818

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24a1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4452729a3e9345e3207595b0a2be482cc4789dedab9fbafa4aa523d58f8738f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 13:46:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 7620
last-modified: Sun, 24 Nov 2019 15:33:02 GMT
server: cloudflare
etag: W/"1dc4-16e9e0b7ab7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 53b411e86a2ccba4-VIE
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.canddi.com/	1969-12-31 23:59:59	Name: _ccs Value: 2.c[~0,~0,~0,~0,109.236.94.21,94.46.144.30]s()
.canddi.com/	1970-01-22 21:00:49	Name: activedemand_session_guid Value: 49751d8a-6a10-77f6-89593522-2720-525eaa619675
.canddi.com/	1970-01-19 05:24:51	Name: CAN_SId Value: ec5b1b10572134a1032ca9c6ee43da85!1574689593!1![{"GAUA":"GA1.2.147649678.1574689593"}]![]
.canddi.com/	1970-01-22 21:00:49	Name: _CAN_BId Value: 0db8f146c8ec9286bf27f99cd702cd65
.canddi.com/	1970-01-19 13:57:27	Name: _hjid Value: 61646371-4f71-48c9-b4be-e0bd93c896bd
.canddi.com/	1969-12-31 23:59:59	Name: _CAN_FPId Value: 0ac029ac9d6c5699217511d849d79e41
.canddi.com/	1970-01-19 05:24:49	Name: _gat_UA-15069217-1 Value: 1
.canddi.com/	1970-01-19 09:47:37	Name: crisp-client%2Fsession%2Fde227cd0-2f63-4cc0-a00a-8c6fb9983abd Value: session_2d6f9207-8e5d-4786-985f-4d268b60f11c
www.canddi.com/	1970-01-19 14:10:25	Name: _ccw Value: 2.u[e-shot,email,~0,~0,KnockknockLFUSA]v[~fmimy,~1,~0]a()
.canddi.com/	1970-01-19 07:34:25	Name: _fbp Value: fb.1.1574689592898.1319775238
www.canddi.com/	1970-01-19 14:10:25	Name: _ccu Value: ae40445b-e032-4e10-8c69-6cd5d850ef01
.canddi.com/	1970-01-19 05:26:15	Name: _gid Value: GA1.2.205570173.1574689593
.canddi.com/	1970-01-19 22:56:01	Name: _ga Value: GA1.2.147649678.1574689593

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

canddi.calltracks.com
cdn.ppcprotect.com
cdns.canddi.com
client.crisp.chat
collection.activedemand.com
connect.facebook.net
data.staticfiles.io
googleads.g.doubleclick.net
i.canddi.com
image.crisp.chat
mail.canddi.co
px.ads.linkedin.com
s.canddi.io
script.hotjar.com
settings.crisp.chat
sjs.bizographics.com
static.activedemand.com
static.hotjar.com
stats.g.doubleclick.net
tag.simpli.fi
vars.hotjar.com
www.canddi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
13.225.78.120
143.204.101.103
146.148.115.36
147.75.100.189
147.75.84.181
147.75.84.33
151.139.242.5
151.139.243.18
154.46.89.10
169.50.137.179
172.217.16.130
2600:9000:20eb:3a00:9:72eb:eb00:93a1
2600:9000:21f3:a200:c:2b4b:7a40:93a1
2606:4700:10::6814:24a1
2a00:1450:4001:800::2003
2a00:1450:4001:815::2002
2a00:1450:4001:818::2004
2a00:1450:4001:81b::200e
2a00:1450:4001:821::2008
2a00:1450:400c:c08::9d
2a02:26f0:10c:399::3adf
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:11:101::b93f:9001
2a05:f500:11:101::b93f:9005
34.247.58.218
34.249.79.181
008dd386dfafcd48e846499b13ead5a5461657ef655da0862362b411cdd4d961
07ef5ac09689e0203d027c85a385a9a19233b0645cdb59b5111d56b6031bc4c2
087155ea423b3973d3bf16f2a4ece851891a2977e4549a515b636ec0a84b8e38
0c9b72af6d3d2e38010b8e56525e0081c8d1022f64f00351d210592968f13cbf
0e43ad81f077a21469d64f353001163e051064f63013a6f685233b11871147d2
1034cd6ba5cba6a03f2610c0c84d5985a23697dfb545b7da2591fb6fa7c7fd59
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13bda6ad7990f7edd80fe96cb4b3314d30ef7fa4d5dba9dca0f56d9d695e1887
153357a8948e33dfefef3c5cb37f40b98bf4aaf45d573fed99eaee4efc5cf01b
1a5079dfed8dc9895132a970e25a674eaecf4e174959de770b47979f92994dc9
1b2e01d9a087f8d0ed6637690b2430998faac8269cacf328445322ee400fdcc3
1fad652d06a7eba612b13a8580de0cce88ecef991d2217de7acabff03522e762
24bf2122497528e662985373e6b52684c1a7ae16f5868a9bb7ce8f30fc4d3c1f
2a6738cbfdba5d77fe54166f7042de857177653d6a62ef7fa810f993cde4c05a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cccdd6417d568d04fca3fa20480010a75cf07edaf309913553ac2d16641b9be
2d1cb8a826ba462cbed24c8cb202c17ba10914f9bb12d0ee4609f2dac4f3909a
34e527f9cabcc408f7aa5d60aef2478722ec730561469b88b50f6cee105bfca5
35861636155f909d5bf1ae64dcbfef644adccbce7489abf17ccd81f16bd21d80
361139388d38b9547337a3aeb1fc0296c989540d448135c381274b130d0a22a6
3b814dcb91f702603a1197284dfdb6b512eadd9261e10319caed5f0f7bd47544
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
4452729a3e9345e3207595b0a2be482cc4789dedab9fbafa4aa523d58f8738f1
45f9a63705b8fae2c958ff944ca8600f9d1a5dbb7eb609e6fc93b3964b5b7f55
52aa7878d55c696e14ae20021c2256fb681cdc53e23c7c28ac87249a960ec7de
59a6e50d43d5c8e85f95395ca39995191ce4ad36b5cb78552bb140ace9609cc2
5b2337cf2ac60c057728108c5a65f3eefd1e96bb770d4682658e2076f595051f
5ee24aa3dac6ab7e2b5ac97a6c0d33fa3ce465ff347ec73f0f9c4535b92b504e
613b9f6fdf9b4ad328db5ea860da929d9ee1ef59a89799ce7d0b5ed2d868ca7f
616af0d86bc59ee130fb98145201ec99eaa244bfba72e4f25bade38a38871fbd
689e498544e886f317c7f3b21d4ff1e7d78b61df728ee84ca1f0db74f068ea04
69e3a796f4b120879065a812b95b56fd4d28f88faf8c1976ad9b0fa2f31dc0eb
6a3dd77dcb09b4dd4f21dc57d0babf83c04d10eedd13037572384179d30106e5
6bae2a27d8d82e056ea53c5771cad8107201cfd3da69e687b0e0d7be8b923b2a
6fc6e8f223cb7a88d7e0d07af0aa7c45084be3c2b330622c06b5e6c6d9f74768
71f2f495be40a09089c6e18f6c6c8a0dd871d982dd74a293412d1484bb4275ae
73d7d4ea3f62303b780f0225e5346e5047cfb41fcae7ac19e99af8a3e1950973
779029ad36ee545ce0b814d48c313f36a52328fed0b9d9c8f5b543eeb7e0cd84
79f3ffc7609350418ea3739d39b638c87227bd6ccaf3b40a19e1a34f715007c1
7e2defeb2b787cb3877ccb6090cca398c85cc335ca762f1fba063958ba94262e
8178860bce1556b83b68cd7596909cd46aacd79f4d4b58c45b48408080f3f765
87ac469a931d767510a20a34c4cd257607708968781651683457765100b4ac41
8b209d97cbf11e4866be62f6368fe95ed0dae75c10f515a09ecc3c33bb1d26e1
8d51a1a5bce6e09e7d942bdade7d56a66d559dd6c2822dcc701c2da402825b4a
8e294a96be419e04c05744fef9dd3cd4acb18076e7c1c8f8806f14d9f82cfc84
91d26eeeb46860dd9d1dabffc92d8b8b1bbb57a0630cdf64082e51a88ef0ead7
95ec91930cb5584ca9562f4c1c71533dd6440fc2af54780ba6217fc7bf45c9a4
9cda8461923130ef3260ea38bd77070437d9e1e718501201a32e6ad53042949b
a3b7dc096a27557fc9970aca1037ddc42526402bf5ca6e51892117aef5a8beec
a3c55cb595837939a5339cbc02c3f747c76aafc186508c49a206f97773057f66
a59cc7a00603c7213c38d5fc8c1f0bf97a6375166ca6dc5f040fa23a06b77d57
a7b23c89ee977750dd03b53d0bb715cf84933af95f576f0a73700723e5da4bcf
ad9bf535fc18d27ba929b766058bf5381649bc3d9092232c00e069f420054232
ae91293836805c67722ed776586920e0447620019b6d892e810c374be2e4c222
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b013d99044fd95864c10bc2926e1afa2850a5a9836f136ee556fafd48c4ea76f
b1c29bb7c828e77ce200e0dd5ea994fd869650979c8085fae062c38ce0f859cf
b4f1b9391591ce1bfba15980465af4b16f39a7bd2338d0e64d39909065dbfa2f
ba5d63f7ac212ca1c822267f4ff6c81c63789092759d11116934d3da90811e37
bf562796ad099a81b7efc5438a14e8c81f9a5672c46e1fe3b7ff566a1a10405b
bf998bbeef15f868e053742c407fd3cd53abdadf7ddda6fa74650d19a9b09408
c81e1f5969ce1dbdaf9103075b4526c4a482332c0133ded466d8416e1ebf10c7
cabd01bf6349b508c021ef3e6af7ef05454d33b052f10ab31678a2c8fcb7048a
cbd91955580dba0003f49ccea7b4722091f82bd29c09c6b7c10231048b78f524
ce38572c44184f2168c0b6e393318c674da0a0704e8fcb35d0dc5bfb1a6e303f
d34587402f58064f858ac8f034e7c6fb15d0bac76e366aa28a2ea4b8f59f5428
d775a14f85a23802cfa6d73a4b3e8598da128d5b297e6389ee69517266930ac3
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f30d39b5b4d6a72db444127844d1379b457ce3f5f75e38ae748cce113be321
e701a9fed7fecfc8496bf245213b5f41916db2f62edd83639fad43ad1f5ebf45
ed04a4f7a5147b7dc5f87315dd42bcb5fed826b66460a588bfbe80c36128e4b6
eece02732d6defa753c85796aed547c6e14e3d7a45d2c9fda6886ba268a18550
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1df35b464ca66ab5f03a478a311068caad7e065b924081b3cad0083382fe6b
efc2ad6fbf06c354f43596ca543becde5c8a97b377a8633f6addb99c5ab13b02
f0c1b48701cb5d4dd2f4fbf0b844ee4d48bf0b00d50c2913454fc96da94d7708
f20f83cb7683a1a3138cd52201d83436e33a5e67ef0b9c96bbdab860b5f7da16
f58e93d09a5d81aac77a4aa9ecdc42a855de99a74604279c4e1070832af3e9fa
f60a71fac4d43f29a4bf997416dbbb087bf0dacdcbe1acd8cc9bcc1e8bd17e2f
f64973e854f1c87bb5a36ca9fa42cad9336feb6ee3a6b37b486f37e9d5f6b808
f9f63713fb3f5413ddc4b4b182e0064c552595ef1beb6c61a9f0dcbf4676da15
fb110056d496b51e4a36eeef35b08edc61a14bb870b7c3651ecac687482c8d24
fb9f9796835896dcfcd32f2e638622bcb9aa196eacde16f7f5a4c29379fe82fc

www.canddi.com Open in urlscan Pro 151.139.242.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

100 %HTTPS

52 %IPv6

20 Domains

29 Subdomains

25 IPs

6 Countries

2778 kBTransfer

5917 kBSize

13 Cookies

10 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.canddi.com Open in urlscan Pro
151.139.242.5 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

100 %
HTTPS

52 %
IPv6

20
Domains

29
Subdomains

25
IPs

6
Countries

2778 kB
Transfer

5917 kB
Size

13
Cookies

83 HTTP transactions
11 data transactions