headspring.com Open in urlscan Pro
104.154.24.231 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://salesloft.headspring.com/t/7880/c/6277f292-df7b-42e4-a8ed-d49baf08b766/NB2HI4DTHIXS6Y3MNFRWWLTBOBUS4ZDSNFTHILTDN5WS6Y3MNF...
Effective URL:
https://headspring.com/insights/covid19/
Submission: On September 03 via api (September 3rd 2021, 12:59:54 pm UTC) from US

Summary HTTP 278 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 40 IPs in 6 countries across 26 domains to perform 278 HTTP transactions. The main IP is 104.154.24.231, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is headspring.com.
TLS certificate: Issued by R3 on July 9th 2021. Valid for: 3 months.

This is the only time headspring.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.235.103.212 54.235.103.212	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.81.246.26 54.81.246.26	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.205.236.172 54.205.236.172	14618 (AMAZON-AES) (AMAZON-AES)
39	104.154.24.231 104.154.24.231	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
4	192.28.155.3 192.28.155.3	15224 (OMNITURE) (OMNITURE)
6	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	20.74.143.203 20.74.143.203	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.95.80 104.16.95.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.111.234.67 104.111.234.67	16625 (AKAMAI-AS) (AKAMAI-AS)
16	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2016	15169 (GOOGLE) (GOOGLE)
4	104.111.216.226 104.111.216.226	16625 (AKAMAI-AS) (AKAMAI-AS)
22	40.112.167.140 40.112.167.140	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
34	2620:1ec:bdf::63 2620:1ec:bdf::63	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:80f::2016	15169 (GOOGLE) (GOOGLE)
8	13.69.65.22 13.69.65.22	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
66	143.204.98.111 143.204.98.111	16509 (AMAZON-02) (AMAZON-02)
2	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
4	54.147.21.139 54.147.21.139	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
11	50.16.7.188 50.16.7.188	14618 (AMAZON-AES) (AMAZON-AES)
1	18.66.97.66 18.66.97.66	16509 (AMAZON-02) (AMAZON-02)
2	54.172.114.57 54.172.114.57	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:3::720 2a04:4e42:3::720	54113 (FASTLY) (FASTLY)
278	40

1 54.235.103.212 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-103-212.compute-1.amazonaws.com

salesloft.headspring.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.81.246.26 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-246-26.compute-1.amazonaws.com

app.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.205.236.172 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-236-172.compute-1.amazonaws.com

click.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 104.154.24.231 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 231.24.154.104.bc.googleusercontent.com

headspring.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.28.155.3 (United States)

ASN15224 (OMNITURE, US)

abrtp2-cdn.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
abrtp2.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 20.74.143.203 (Dubai, United Arab Emirates)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

app.powerbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbivisuals.powerbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.95.80 (None, )

ASN13335 (CLOUDFLARENET, US)

app-ab23.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.234.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-234-67.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.216.226 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-226.deploy.static.akamaitechnologies.com

rtp-static.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 40.112.167.140 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

wabi-west-us-api.analysis.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2620:1ec:bdf::63 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

content.powerapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.69.65.22 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 143.204.98.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-111.fra50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.147.21.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-21-139.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 50.16.7.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-7-188.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flow.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.66 (United States)

ASN16509 (AMAZON-02, US)

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.172.114.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-114-57.compute-1.amazonaws.com

event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::720 (United States)

ASN54113 (FASTLY, US)

driftt.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
66	driftt.com js.driftt.com	762 KB
40	headspring.com 1 redirects salesloft.headspring.com headspring.com	1 MB
34	powerapps.com content.powerapps.com	2 MB
22	windows.net wabi-west-us-api.analysis.windows.net	44 KB
19	youtube.com www.youtube.com	1 MB
18	drift.com 1 redirects click.api.drift.com metrics.api.drift.com bootstrap.api.drift.com targeting.api.drift.com event.api.drift.com flow.api.drift.com	6 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com	189 KB
10	powerbi.com app.powerbi.com pbivisuals.powerbi.com	692 KB
9	marketo.com abrtp2-cdn.marketo.com app-ab23.marketo.com rtp-static.marketo.com abrtp2.marketo.com	191 KB
8	visualstudio.com dc.services.visualstudio.com	546 B
7	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net	2 KB
4	google.com www.google.com	13 KB
3	bing.com bat.bing.com	9 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	sentry.io sentry.io	613 B
2	ytimg.com i.ytimg.com	113 KB
2	ggpht.com yt3.ggpht.com	4 KB
2	google.de www.google.de	171 B
2	marketo.net munchkin.marketo.net	6 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	googletagmanager.com www.googletagmanager.com	99 KB
1	imgix.net driftt.imgix.net	1 KB
1	driftcdn.com embeds.driftcdn.com	7 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	unpkg.com unpkg.com	8 KB
1	salesloft.com 1 redirects app.salesloft.com	647 B
278	26

	Domain	Requested by
66	js.driftt.com	headspring.com js.driftt.com
39	headspring.com	headspring.com
34	content.powerapps.com	app.powerbi.com content.powerapps.com
22	wabi-west-us-api.analysis.windows.net	app.powerbi.com content.powerapps.com
19	www.youtube.com	headspring.com www.googletagmanager.com www.youtube.com
14	fonts.gstatic.com	headspring.com www.youtube.com fonts.googleapis.com
8	dc.services.visualstudio.com	content.powerapps.com
6	targeting.api.drift.com	js.driftt.com
6	app.powerbi.com	headspring.com app.powerbi.com content.powerapps.com
4	metrics.api.drift.com	js.driftt.com
4	pbivisuals.powerbi.com	content.powerapps.com
4	rtp-static.marketo.com	abrtp2-cdn.marketo.com
4	googleads.g.doubleclick.net	1 redirects www.googleadservices.com www.youtube.com
4	www.google.com	headspring.com www.youtube.com
3	bootstrap.api.drift.com	js.driftt.com
3	abrtp2.marketo.com	abrtp2-cdn.marketo.com
3	www.gstatic.com	www.googletagmanager.com www.gstatic.com www.youtube.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com headspring.com
2	flow.api.drift.com	js.driftt.com
2	event.api.drift.com	js.driftt.com
2	fonts.googleapis.com	js.driftt.com
2	sentry.io	js.driftt.com
2	i.ytimg.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	www.google.de	headspring.com
2	munchkin.marketo.net	headspring.com munchkin.marketo.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	headspring.com www.googletagmanager.com
1	driftt.imgix.net	js.driftt.com
1	embeds.driftcdn.com	js.driftt.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googleadservices.com	www.googletagmanager.com
1	app-ab23.marketo.com	headspring.com
1	unpkg.com	headspring.com
1	abrtp2-cdn.marketo.com	headspring.com
1	click.api.drift.com	1 redirects
1	app.salesloft.com	1 redirects
1	salesloft.headspring.com	1 redirects
278	39

This site contains links to these domains. Also see Links.

Domain
betterway.headspring.com
github.com
www.whitehouse.gov
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
headspring.com R3	`2021-07-09` - `2021-10-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.marketo.com DigiCert SHA2 Secure Server CA	`2019-12-09` - `2021-12-13`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
powerbi.com Microsoft RSA TLS CA 02	`2021-08-20` - `2022-02-20`	6 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
app-ab23.marketo.com Cloudflare Inc ECC CA-3	`2021-06-03` - `2022-06-02`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2021-03-29` - `2022-04-06`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
content.powerapps.com Microsoft RSA TLS CA 02	`2021-07-21` - `2022-07-21`	a year	crt.sh
*.analysis.windows.net Microsoft RSA TLS CA 02	`2021-07-05` - `2022-01-05`	6 months	crt.sh
in.applicationinsights.azure.com Microsoft RSA TLS CA 01	`2021-07-22` - `2022-07-22`	a year	crt.sh
drift.com Amazon	`2020-09-21` - `2021-10-23`	a year	crt.sh
sentry.io DigiCert SHA2 Secure Server CA	`2020-06-02` - `2022-06-07`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.driftcdn.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-10` - `2022-06-11`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://headspring.com/insights/covid19/
Frame ID: F68A7F832D0F39E8EA95C06815BE4F15
Requests: 81 HTTP requests in this frame

Frame: https://app.powerbi.com/view?r=eyJrIjoiYzc0MTI4ZTAtYTQ3Yi00NGM3LWJlZGEtMGUzMWVjMGY4N2NmIiwidCI6IjU3MjU2NThmLTU1ZWYtNDBjYy04MGE1LTgzYjA0MDdiNzJkOSIsImMiOjZ9
Frame ID: EAA36941DF16BBC66AED6EC4EC26A547
Requests: 60 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com
Frame ID: 486DB9E2E87AC65E48DDBBC0D744D702
Requests: 16 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com
Frame ID: 2CC7C08A0E528104AB653971D7511B4C
Requests: 17 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
Frame ID: A1ABBA2A5EF0FF76B1B8BA2FB6F1D300
Requests: 45 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
Frame ID: A7052C2C02F6BCB7BF5EA401A93D2AE4
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

COVID19 - Headspring

Page URL History Show full URLs

https://salesloft.headspring.com/t/7880/c/6277f292-df7b-42e4-a8ed-d49baf08b766/NB2HI4DTHIXS6Y3MNFRWWLTBOBUS4Z... HTTP 302
https://app.salesloft.com/t/7880/c/6277f292-df7b-42e4-a8ed-d49baf08b766/NB2HI4DTHIXS6Y3MNFRWWLTBOBUS4Z... HTTP 302
https://click.api.drift.com/click/ca8eef00-b6e2-4be6-8a5e-012adad9e51d?u=https%3A%2F%2Fheadspring.com%2F... HTTP 307
https://headspring.com/insights/covid19/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /select2(?:\.min|\.full)?\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /select2(?:\.min|\.full)?\.js/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

278
Requests

99 %
HTTPS

57 %
IPv6

26
Domains

39
Subdomains

40
IPs

6
Countries

7201 kB
Transfer

29052 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://betterway.headspring.com/
Title: The Better Way

Search URL Search Domain Scan URL

URL: https://github.com/nytimes/covid-19-data
Title: New York Times’ Github-hosted coronavirus dataset

Search URL Search Domain Scan URL

URL: https://www.whitehouse.gov/openingamerica/
Title: federal government’s phased re-entry guidelines

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HeadspringTeam/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/headspring
Title: Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://salesloft.headspring.com/t/7880/c/6277f292-df7b-42e4-a8ed-d49baf08b766/NB2HI4DTHIXS6Y3MNFRWWLTBOBUS4ZDSNFTHILTDN5WS6Y3MNFRWWL3DME4GKZLGGAYC2YRWMUZC2NDCMU3C2ODBGVSS2MBRGJQWIYLEHFSTKMLEH52T22DUORYHGJJTIESTERRFGJDGQZLBMRZXA4TJNZTS4Y3PNUSTERTJNZZWSZ3IORZSKMSGMNXXM2LEGE4SKMSGEZUD2MTBMI3DCOBXGE4TSMRUMY4DGMRTMI3DGZBSMIZTQMDCMZRTKYZY/click-api-drift-com-click-ca8eef00-b6e2-4be6-8a5e-012adad9e51d HTTP 302
https://app.salesloft.com/t/7880/c/6277f292-df7b-42e4-a8ed-d49baf08b766/NB2HI4DTHIXS6Y3MNFRWWLTBOBUS4ZDSNFTHILTDN5WS6Y3MNFRWWL3DME4GKZLGGAYC2YRWMUZC2NDCMU3C2ODBGVSS2MBRGJQWIYLEHFSTKMLEH52T22DUORYHGJJTIESTERRFGJDGQZLBMRZXA4TJNZTS4Y3PNUSTERTJNZZWSZ3IORZSKMSGMNXXM2LEGE4SKMSGEZUD2MTBMI3DCOBXGE4TSMRUMY4DGMRTMI3DGZBSMIZTQMDCMZRTKYZY/click-api-drift-com-click-ca8eef00-b6e2-4be6-8a5e-012adad9e51d HTTP 302
https://click.api.drift.com/click/ca8eef00-b6e2-4be6-8a5e-012adad9e51d?u=https%3A%2F%2Fheadspring.com%2Finsights%2Fcovid19%2F&h=2ab618719924f8323b63d2b380bfc5c8 HTTP 307
https://headspring.com/insights/covid19/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

278 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
headspring.com/insights/covid19/
Redirect Chain

https://salesloft.headspring.com/t/7880/c/6277f292-df7b-42e4-a8ed-d49baf08b766/NB2HI4DTHIXS6Y3MNFRWWLTBOBUS4ZDSNFTHILTDN5WS6Y3MNFRWWL3DME4GKZLGGAYC2YRWMUZC2NDCMU3C2ODBGVSS2MBRGJQWIYLEHFSTKMLEH52T22...
https://app.salesloft.com/t/7880/c/6277f292-df7b-42e4-a8ed-d49baf08b766/NB2HI4DTHIXS6Y3MNFRWWLTBOBUS4ZDSNFTHILTDN5WS6Y3MNFRWWL3DME4GKZLGGAYC2YRWMUZC2NDCMU3C2ODBGVSS2MBRGJQWIYLEHFSTKMLEH52T22DUORYHG...
https://click.api.drift.com/click/ca8eef00-b6e2-4be6-8a5e-012adad9e51d?u=https%3A%2F%2Fheadspring.com%2Finsights%2Fcovid19%2F&h=2ab618719924f8323b63d2b380bfc5c8
https://headspring.com/insights/covid19/

140 KB
29 KB

472ms
140ms

Document
text/html

104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 5e88603573d65fad3831a47762432af0f1a51e3a4ebbab0149393817b5b2f0b0

Request headers

:method: GET
:authority: headspring.com
:scheme: https
:path: /insights/covid19/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

server: nginx
date: Fri, 03 Sep 2021 12:59:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
link: <https://headspring.com/wp-json/>; rel="https://api.w.org/" <https://headspring.com/wp-json/wp/v2/pages/38551>; rel="alternate"; type="application/json" <https://headspring.com/?p=38551>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal
content-encoding: br

Redirect headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-length: 0
location: https://headspring.com/insights/covid19/
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
x-retrievetime: 0
requestid: d70decad54653935

GET
H2 200 cookie-law-info-public.js Show response
headspring.com/wp-content/plugins/cookie-law-info/public/js/ 34 KB
9 KB 134ms
130ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7739eefcdee8afcb00fbe9a35cc795fff0cff7092b10d56c4190484d42892433

Request headers

:path: /wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Tue, 17 Aug 2021 14:14:13 GMT
server: nginx
etag: W/"611bc435-8960"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 modernizr.custom.js Show response
headspring.com/wp-content/plugins/divi-bars/assets/js/ 8 KB
4 KB 155ms
151ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/plugins/divi-bars/assets/js/modernizr.custom.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4271407807f1e49734ce4895663f3496efc37e546f30a960bffc5a23462b2139

Request headers

:path: /wp-content/plugins/divi-bars/assets/js/modernizr.custom.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Mon, 27 Apr 2020 12:33:31 GMT
server: nginx
etag: W/"5ea6d11b-20b3"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.transit.min.js Show response
headspring.com/wp-content/plugins/divi-bars/assets/js/ 8 KB
3 KB 162ms
158ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/plugins/divi-bars/assets/js/jquery.transit.min.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3b87a00a3e5e259e48c3c73e45c02ce241a9ec58e727f2e3adcd858f899b177b

Request headers

:path: /wp-content/plugins/divi-bars/assets/js/jquery.transit.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Mon, 27 Apr 2020 12:33:31 GMT
server: nginx
etag: W/"5ea6d11b-1f61"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 actual.min.js Show response
headspring.com/wp-content/plugins/divi-bars/assets/js/ 936 B
732 B 179ms
175ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/plugins/divi-bars/assets/js/actual.min.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e9fbb3259383f2388c95bb3256cecd0c1c00b7c0dfe1c67f7779dbe9f06a0065

Request headers

:path: /wp-content/plugins/divi-bars/assets/js/actual.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Mon, 27 Apr 2020 12:33:31 GMT
server: nginx
etag: W/"5ea6d11b-3a8"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 slick.min.js Show response
headspring.com/wp-content/plugins/divi_module_slick/ 41 KB
11 KB 197ms
192ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/plugins/divi_module_slick/slick.min.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752

Request headers

:path: /wp-content/plugins/divi_module_slick/slick.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Mon, 02 Dec 2019 20:40:00 GMT
server: nginx
etag: W/"5de576a0-a3e1"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.exitintent.min.js Show response
headspring.com/wp-content/themes/Headspring/js/ 677 B
562 B 301ms
297ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/themes/Headspring/js/jquery.exitintent.min.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2dc22e35257d6b454f77ac9aab2601e5f6f093f11a3887b46439f002a970475e

Request headers

:path: /wp-content/themes/Headspring/js/jquery.exitintent.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Mon, 02 Dec 2019 20:40:01 GMT
server: nginx
etag: W/"5de576a1-2a5"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 custom.unified.js Show response
headspring.com/wp-content/themes/Divi/js/ 606 KB
145 KB 300ms
298ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/themes/Divi/js/custom.unified.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: d8a377663b9becff08b69e74dd934402b5ed561e8aa3ce154ae615d132d89233

Request headers

:path: /wp-content/themes/Divi/js/custom.unified.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Tue, 17 Aug 2021 14:14:15 GMT
server: nginx
etag: W/"611bc437-97621"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 acme-divi-modules-public.js Show response
headspring.com/wp-content/plugins/acme-divi-modules/public/js/ 9 KB
2 KB 300ms
298ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/plugins/acme-divi-modules/public/js/acme-divi-modules-public.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ee42c26311be9a1faab43d45b234cbbc1b40299c6740e689b9fdf276640127e8

Request headers

:path: /wp-content/plugins/acme-divi-modules/public/js/acme-divi-modules-public.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Wed, 04 Mar 2020 03:54:33 GMT
server: nginx
etag: W/"5e5f2679-233e"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 main.min.js Show response
headspring.com/wp-content/themes/Headspring/js/ 17 KB
6 KB 145ms
143ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/themes/Headspring/js/main.min.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 718b457aa6b1cba64226c8256429dc3ef2c2097d7e2af0fe7a3cbbf8e4c01043

Request headers

:path: /wp-content/themes/Headspring/js/main.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Tue, 22 Dec 2020 06:51:21 GMT
server: nginx
etag: W/"5fe19769-43cc"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 custom254.min.js Show response
headspring.com/wp-content/themes/Headspring/js/ 17 KB
5 KB 175ms
174ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/themes/Headspring/js/custom254.min.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: a03a75968d36425cd52d0643ebfa9af7808bf651f88c2c36f66cf88caeb268d2

Request headers

:path: /wp-content/themes/Headspring/js/custom254.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Tue, 22 Dec 2020 06:51:21 GMT
server: nginx
etag: W/"5fe19769-4411"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 modules.ttf
headspring.com/wp-content/themes/Divi/core/admin/fonts/ 90 KB
91 KB 193ms
192ms Font
application/octet-stream 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/themes/Divi/core/admin/fonts/modules.ttf
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Request headers

:path: /wp-content/themes/Divi/core/admin/fonts/modules.ttf
pragma: no-cache
origin: https://headspring.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://headspring.com
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
last-modified: Mon, 02 Dec 2019 20:40:01 GMT
server: nginx
etag: "5de576a1-168f0"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 92400

GET
H2 200 96093cb552f73e8a03383fbfa55ecd10.css
headspring.com/wp-content/cache/min/1/ 1 MB
119 KB 299ms
297ms Stylesheet
text/css 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/cache/min/1/96093cb552f73e8a03383fbfa55ecd10.css
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6d2be2469496afa04152da3ec154dcd5947ec57eba121e2d65aaa330405232c1

Request headers

:path: /wp-content/cache/min/1/96093cb552f73e8a03383fbfa55ecd10.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Wed, 01 Sep 2021 23:11:46 GMT
server: nginx
etag: W/"613008b2-117a55"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
headspring.com/wp-includes/js/jquery/ 87 KB
31 KB 291ms
286ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-includes/js/jquery/jquery.min.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path: /wp-includes/js/jquery/jquery.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Tue, 17 Aug 2021 14:14:15 GMT
server: nginx
etag: W/"611bc437-15db1"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
headspring.com/wp-includes/js/jquery/ 11 KB
4 KB 290ms
286ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
etag: W/"5fb4e3fe-2bd8"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 cookie-law-info-public.js Show response
headspring.com/wp-content/cache/min/1/wp-content/plugins/cookie-law-info/public/js/ 27 KB
7 KB 290ms
286ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/cache/min/1/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=1629149304
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 44b86777b9cc7cffa99555b9dbd47db31a619ee5d9187553ae1353d8e2872ad3

Request headers

:path: /wp-content/cache/min/1/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=1629149304
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Mon, 16 Aug 2021 21:28:24 GMT
server: nginx
etag: W/"611ad878-6ca2"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 mos-searchable-grid-public.js Show response
headspring.com/wp-content/cache/min/1/wp-content/plugins/mos-searchable-grid/public/js/ 3 KB
1 KB 290ms
287ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/cache/min/1/wp-content/plugins/mos-searchable-grid/public/js/mos-searchable-grid-public.js?ver=1629149304
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 07764dc942095349472878a43e7c67438536144dd3fe3897bd8431fa9e32721b

Request headers

:path: /wp-content/cache/min/1/wp-content/plugins/mos-searchable-grid/public/js/mos-searchable-grid-public.js?ver=1629149304
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Mon, 16 Aug 2021 21:28:24 GMT
server: nginx
etag: W/"611ad878-a49"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 mos-case-studies-grid-public.js Show response
headspring.com/wp-content/cache/min/1/wp-content/plugins/mos-searchable-grid/public/js/ 3 KB
1 KB 290ms
287ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/cache/min/1/wp-content/plugins/mos-searchable-grid/public/js/mos-case-studies-grid-public.js?ver=1629149304
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: f73a2f6c23ea2071cef1cc58b1f96f6491955ed0860f2c57392209f1b7f772ce

Request headers

:path: /wp-content/cache/min/1/wp-content/plugins/mos-searchable-grid/public/js/mos-case-studies-grid-public.js?ver=1629149304
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Mon, 16 Aug 2021 21:28:24 GMT
server: nginx
etag: W/"611ad878-c68"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 select2.min.js Show response
headspring.com/wp-content/plugins/mos-searchable-grid/public/js/ 69 KB
20 KB 290ms
287ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/plugins/mos-searchable-grid/public/js/select2.min.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c8467b98f112bb1b06a33cde66a70de85c05d22a455f91f592554c804a50a729

Request headers

:path: /wp-content/plugins/mos-searchable-grid/public/js/select2.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Tue, 20 Apr 2021 23:42:05 GMT
server: nginx
etag: W/"607f66cd-114eb"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 flatpickr.min.js Show response
headspring.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 47 KB
14 KB 291ms
287ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: fe2ac5219992a3608a5c9e2bc4759fac8fb2189b88d7a674d395ff6c435da536

Request headers

:path: /wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Mon, 14 Jun 2021 06:44:03 GMT
server: nginx
etag: W/"60c6fab3-bd86"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 select2.min.js Show response
headspring.com/wp-content/plugins/wp-user-avatar/assets/select2/ 69 KB
20 KB 291ms
287ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b

Request headers

:path: /wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Mon, 14 Jun 2021 06:44:03 GMT
server: nginx
etag: W/"60c6fab3-114c3"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 search-filter-build.min.js Show response
headspring.com/wp-content/plugins/search-filter-pro/public/assets/js/ 64 KB
19 KB 291ms
288ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/plugins/search-filter-pro/public/assets/js/search-filter-build.min.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e7fe6cddb7354738ba40784bab66dc4b6cce364ad55d117f08aaf19eb6ba88ef

Request headers

:path: /wp-content/plugins/search-filter-pro/public/assets/js/search-filter-build.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Tue, 04 May 2021 15:06:12 GMT
server: nginx
etag: W/"609162e4-100fc"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 chosen.jquery.min.js Show response
headspring.com/wp-content/plugins/search-filter-pro/public/assets/js/ 28 KB
7 KB 291ms
288ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/plugins/search-filter-pro/public/assets/js/chosen.jquery.min.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 73881513a7e7f8944a311bea8e80e9fad946e256ae74d62b5c8d469dc6df0186

Request headers

:path: /wp-content/plugins/search-filter-pro/public/assets/js/chosen.jquery.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Tue, 04 May 2021 15:06:12 GMT
server: nginx
etag: W/"609162e4-71c1"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 snap.svg-min.js Show response
headspring.com/wp-content/plugins/divi-bars/assets/js/ 65 KB
24 KB 291ms
288ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/plugins/divi-bars/assets/js/snap.svg-min.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3febd731867ee3bf9bd30b0b6ecca16e30179de101329318385cd7dd9a692ad9

Request headers

:path: /wp-content/plugins/divi-bars/assets/js/snap.svg-min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Mon, 27 Apr 2020 12:33:31 GMT
server: nginx
etag: W/"5ea6d11b-105b2"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 modernizr.custom.js Show response
headspring.com/wp-content/cache/min/1/wp-content/plugins/divi-bars/assets/js/ 8 KB
4 KB 291ms
288ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/cache/min/1/wp-content/plugins/divi-bars/assets/js/modernizr.custom.js?ver=1629149304
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1aca309a89d8b5fc970133e55d883d9ec34e503730bfb8dd0d87493351a7784e

Request headers

:path: /wp-content/cache/min/1/wp-content/plugins/divi-bars/assets/js/modernizr.custom.js?ver=1629149304
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Mon, 16 Aug 2021 21:28:24 GMT
server: nginx
etag: W/"611ad878-2006"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 slick.woff
headspring.com/wp-content/plugins/divi_module_slick/fonts/ 1 KB
2 KB 293ms
293ms Font
font/woff 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/plugins/divi_module_slick/fonts/slick.woff
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Request headers

:path: /wp-content/plugins/divi_module_slick/fonts/slick.woff
pragma: no-cache
origin: https://headspring.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://headspring.com
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
last-modified: Mon, 02 Dec 2019 20:40:00 GMT
server: nginx
etag: "5de576a0-564"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1380

GET
H2 200 headspring.png
headspring.com/wp-content/uploads/2017/02/ 2 KB
3 KB 291ms
288ms Image
image/png 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://headspring.com/wp-content/uploads/2017/02/headspring.png
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5f15dceda85b5fd9bf53d82ed6abb2125fca7fab27da99b0df2cd0b6de6f2c15

Request headers

:path: /wp-content/uploads/2017/02/headspring.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
last-modified: Mon, 13 Apr 2020 16:49:14 GMT
server: nginx
etag: "5e94980a-9b9"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2489

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 176 KB
60 KB 25ms
22ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N8MGRB9

Requested by

Host: headspring.com
URL: https://headspring.com/insights/covid19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

690562ddcad306101c5822632b388eb6fcef858c782ee91f4d91a88266837fcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61736
x-xss-protection: 0
last-modified: Fri, 03 Sep 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Sep 2021 12:59:31 GMT

GET
H/1.1 200
OK rtp.js Show response
abrtp2-cdn.marketo.com/rtp-api/v1/ 153 KB
42 KB 390ms
99ms Script
application/x-javascript 192.28.155.3
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=headspring

Requested by

Host: headspring.com
URL: https://headspring.com/insights/covid19/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.28.155.3 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

330c91bbaecf032057c69625eb1af60c0cf4b5544d01ee07119c256f7cec358a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 27 Aug 2021 23:32:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Aug 2021 23:32:10 GMT
Server: Jetty(7.3.1.v20110307)
Strict-Transport-Security: max-age=63113904
Content-Type: application/x-javascript; charset=UTF-8
Cache-Control: public, max-age=300
Transfer-Encoding: chunked
Connection: close

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzY5abuWI.woff2
fonts.gstatic.com/s/titilliumweb/v9/ 11 KB
12 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v9/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzY5abuWI.woff2

Requested by

Host: headspring.com
URL: https://headspring.com/insights/covid19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd6f4900abc2da200ad96c75852facfd8872610ce9dd259acf3cc82507490dd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://headspring.com
Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 16:41:03 GMT
x-content-type-options: nosniff
age: 591508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11744
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:06:20 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 16:41:03 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzY5abuWI.woff2
fonts.gstatic.com/s/titilliumweb/v9/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v9/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzY5abuWI.woff2

Requested by

Host: headspring.com
URL: https://headspring.com/insights/covid19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8658dcad983dacbb3bca7bc8217fd0b75f28df85bf9259bd0dccf69e58cb0ecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://headspring.com
Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 20:07:26 GMT
x-content-type-options: nosniff
age: 579125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12276
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:10:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 20:07:26 GMT

GET
H3-29 200 NaPecZTIAOhVxoMyOr9n_E7fdMPmDaZRbrw.woff2
fonts.gstatic.com/s/titilliumweb/v9/ 12 KB
12 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v9/NaPecZTIAOhVxoMyOr9n_E7fdMPmDaZRbrw.woff2

Requested by

Host: headspring.com
URL: https://headspring.com/insights/covid19/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd1dad45fd0dd168ad46427307aa8a206b857b783ca3afbcfe2bc8b8724acec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://headspring.com
Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:02:43 GMT
x-content-type-options: nosniff
age: 539808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12344
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:07:08 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 07:02:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8MGRB9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 5232
date: Fri, 03 Sep 2021 11:32:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 03 Sep 2021 13:32:19 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 47ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8MGRB9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref: Ref A: 9F193172BCBF4F3EA5F1DD0CFD625293 Ref B: FRAEDGE1220 Ref C: 2021-09-03T12:59:31Z
etag: "80f2963dde83d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9024

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-972802666

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8MGRB9

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b7ad7df60b63c377ed1f2f3fd7ee767ff2cbb9f2c0d0a8f9246a3bb0e3f3880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39220
x-xss-protection: 0
last-modified: Fri, 03 Sep 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Sep 2021 12:59:31 GMT

GET
H2 200 masonry.pkgd.min.js Show response
headspring.com/wp-content/plugins/acme-divi-modules/public/js/ 23 KB
8 KB 214ms
211ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/plugins/acme-divi-modules/public/js/masonry.pkgd.min.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: b267f36c60cf1a612ba21cba4f81983b01389bfd7de413ef17cd00f3d5f6de3e

Request headers

:path: /wp-content/plugins/acme-divi-modules/public/js/masonry.pkgd.min.js
pragma: no-cache
cookie: _gcl_au=1.1.397507559.1630673972
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Wed, 04 Mar 2020 03:54:33 GMT
server: nginx
etag: W/"5e5f2679-5c31"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 custom.unified.js Show response
headspring.com/wp-content/cache/min/1/wp-content/themes/Divi/js/ 604 KB
144 KB 215ms
212ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/cache/min/1/wp-content/themes/Divi/js/custom.unified.js?ver=1629149305
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: d32beaf81a015569aca21c8aba15195dee3b629349a9c7b87d7be08d682682de

Request headers

:path: /wp-content/cache/min/1/wp-content/themes/Divi/js/custom.unified.js?ver=1629149305
pragma: no-cache
cookie: _gcl_au=1.1.397507559.1630673972
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Mon, 16 Aug 2021 21:28:25 GMT
server: nginx
etag: W/"611ad879-9715f"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 acme-divi-modules-public.js Show response
headspring.com/wp-content/cache/min/1/wp-content/plugins/acme-divi-modules/public/js/ 5 KB
2 KB 215ms
212ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/cache/min/1/wp-content/plugins/acme-divi-modules/public/js/acme-divi-modules-public.js?ver=1629149305
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ef950306b7ceefdce709cf8a3330b8e3586fd325744c88d3050334cd433dfe01

Request headers

:path: /wp-content/cache/min/1/wp-content/plugins/acme-divi-modules/public/js/acme-divi-modules-public.js?ver=1629149305
pragma: no-cache
cookie: _gcl_au=1.1.397507559.1630673972
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Mon, 16 Aug 2021 21:28:25 GMT
server: nginx
etag: W/"611ad879-1595"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend.min.js Show response
headspring.com/wp-content/plugins/wp-user-avatar/assets/js/ 9 KB
2 KB 214ms
211ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 205988b80eeedc442aa4ba78fd4bda5b1b139415f3dc88043fc73adcd71cbae2

Request headers

:path: /wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js
pragma: no-cache
cookie: _gcl_au=1.1.397507559.1630673972
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Mon, 14 Jun 2021 06:44:03 GMT
server: nginx
etag: W/"60c6fab3-236e"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 core.min.js Show response
headspring.com/wp-includes/js/jquery/ui/ 20 KB
7 KB 214ms
212ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-includes/js/jquery/ui/core.min.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

:path: /wp-includes/js/jquery/ui/core.min.js
pragma: no-cache
cookie: _gcl_au=1.1.397507559.1630673972
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Thu, 25 Mar 2021 20:02:19 GMT
server: nginx
etag: W/"605cec4b-5133"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 datepicker.min.js Show response
headspring.com/wp-includes/js/jquery/ui/ 35 KB
11 KB 214ms
212ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-includes/js/jquery/ui/datepicker.min.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9fd95260ee110232e2e143adfb5c5f0df7ffee9d2513288ff4102d9e401c663c

Request headers

:path: /wp-includes/js/jquery/ui/datepicker.min.js
pragma: no-cache
cookie: _gcl_au=1.1.397507559.1630673972
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Tue, 17 Aug 2021 14:14:15 GMT
server: nginx
etag: W/"611bc437-8d34"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 common.min.js Show response
headspring.com/wp-content/themes/Headspring/js/ 545 B
566 B 214ms
212ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/themes/Headspring/js/common.min.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8a9eaafed5b5886a549417d36b0a3274350ee902caf21dc5a64adbb06cc74bf0

Request headers

:path: /wp-content/themes/Headspring/js/common.min.js
pragma: no-cache
cookie: _gcl_au=1.1.397507559.1630673972
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Mon, 02 Dec 2019 20:40:01 GMT
server: nginx
etag: W/"5de576a1-221"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 custom.min.js Show response
headspring.com/wp-content/themes/Headspring/js/ 14 KB
3 KB 214ms
212ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/themes/Headspring/js/custom.min.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3aa106c2d778779877819e263ece7c70f572711e980f23d10c3c6487cb88f96d

Request headers

:path: /wp-content/themes/Headspring/js/custom.min.js
pragma: no-cache
cookie: _gcl_au=1.1.397507559.1630673972
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Mon, 02 Dec 2019 20:40:01 GMT
server: nginx
etag: W/"5de576a1-3939"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-embed.min.js Show response
headspring.com/wp-includes/js/ 1 KB
947 B 214ms
212ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-includes/js/wp-embed.min.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js
pragma: no-cache
cookie: _gcl_au=1.1.397507559.1630673972
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
etag: W/"5ff5d754-592"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 lazyload.min.js Show response
headspring.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 214ms
213ms Script
application/javascript 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspring.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

:path: /wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
pragma: no-cache
cookie: _gcl_au=1.1.397507559.1630673972
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
last-modified: Sat, 15 May 2021 06:26:43 GMT
server: nginx
etag: W/"609f69a3-1ed2"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 view Show response
app.powerbi.com/ Frame EAA3 28 KB
7 KB 397ms
129ms Document
text/html 20.74.143.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.powerbi.com/view?r=eyJrIjoiYzc0MTI4ZTAtYTQ3Yi00NGM3LWJlZGEtMGUzMWVjMGY4N2NmIiwidCI6IjU3MjU2NThmLTU1ZWYtNDBjYy04MGE1LTgzYjA0MDdiNzJkOSIsImMiOjZ9

Requested by

Host: headspring.com
URL: https://headspring.com/insights/covid19/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.74.143.203 Dubai, United Arab Emirates, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7a3dc3bcde4684bcd852e9f50536e0c46ca317c86398ce74e7d96b5d26836106

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: app.powerbi.com
:scheme: https
:path: /view?r=eyJrIjoiYzc0MTI4ZTAtYTQ3Yi00NGM3LWJlZGEtMGUzMWVjMGY4N2NmIiwidCI6IjU3MjU2NThmLTU1ZWYtNDBjYy04MGE1LTgzYjA0MDdiNzJkOSIsImMiOjZ9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://headspring.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://headspring.com/

Response headers

cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 6933
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: Fri, 10 Sep 2021 12:59:32 GMT
vary: Accept-Encoding
set-cookie: WFESessionId=96c2e0ab-3476-4a39-84b5-d979d6312340; path=/; secure; HttpOnly; SameSite=None ARRAffinity=8709cede3dff6cc96c3687614f6f6d07d26f1b7354152bf58fb5a84fbfd96a8a;Path=/;HttpOnly;Secure;Domain=app.powerbi.com ARRAffinitySameSite=8709cede3dff6cc96c3687614f6f6d07d26f1b7354152bf58fb5a84fbfd96a8a;Path=/;HttpOnly;SameSite=None;Secure;Domain=app.powerbi.com
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
date: Fri, 03 Sep 2021 12:59:32 GMT

GET
H2 200 ns6mbaDakOI Show response
www.youtube.com/embed/ Frame 486D 55 KB
23 KB 70ms
68ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/ns6mbaDakOI?start=1

Requested by

Host: headspring.com
URL: https://headspring.com/insights/covid19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f129c316238688d2ecf3eae90f8bbb1b18f5e57405367641038b68100cc50f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/ns6mbaDakOI?start=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://headspring.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://headspring.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 03 Sep 2021 12:59:31 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=gmLUAO6MxkM; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=MXIUwKRw8i0; Domain=.youtube.com; Expires=Wed, 02-Mar-2022 12:59:31 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+683; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 masonry.pkgd.min.js Show response
unpkg.com/masonry-layout@4.2.2/dist/ 24 KB
8 KB 15ms
13ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/masonry-layout@4.2.2/dist/masonry.pkgd.min.js

Requested by

Host: headspring.com
URL: https://headspring.com/insights/covid19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14226595
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"5e27-0gJSz3bDvorzeoQV0TrTaMditNg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 02e1ea5726f95a6f7aa47c7fa3f0faf6
cache-control: public, max-age=31536000
cf-ray: 688f27e45b464e49-FRA

GET
H2 200 forms2.min.js Show response
app-ab23.marketo.com/js/forms2/js/ 205 KB
68 KB 100ms
44ms Script
application/x-javascript 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab23.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: headspring.com
URL: https://headspring.com/insights/covid19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689a0237a95cfd8135f8da3ac79c430e903f3c542f8b862f68141c84c348c43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 10 Aug 2021 17:41:08 GMT
server: cloudflare
age: 1443
etag: "2280b78-33210-5c93801bbf500"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 688f27e4bc0b4013-CDG
vary: Accept-Encoding
expires: Fri, 03 Sep 2021 16:59:31 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 85ms
29ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 026c5db877da222d2316bf1197b8947a96c7623d51a4d462c91bf927dece3429

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 12:59:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 May 2021 01:40:41 GMT
Server: AkamaiNetStorage
ETag: "5379c4a40ff8ae9d2fc6484dd1c57349:1622166041.794746"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: headspring.com
URL: https://headspring.com/insights/covid19/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://headspring.com
Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:16:11 GMT
x-content-type-options: nosniff
age: 258200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Aug 2022 13:16:11 GMT

GET
H2 200 Business-Intelligence@2x.png
headspring.com/wp-content/uploads/2018/07/ 348 KB
348 KB 199ms
197ms Image
image/png 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://headspring.com/wp-content/uploads/2018/07/Business-Intelligence@2x.png
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 676f7597b3f624216f081671eb05fa087fe24dc327882f64990e70c6031a36e0

Request headers

:path: /wp-content/uploads/2018/07/Business-Intelligence@2x.png
pragma: no-cache
cookie: _gcl_au=1.1.397507559.1630673972
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:31 GMT
last-modified: Mon, 13 Apr 2020 16:49:12 GMT
server: nginx
etag: "5e949808-56faa"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 356266

GET
H3-29 200 NaPDcZTIAOhVxoMyOr9n_E7ffEDBGItzY5abuWI.woff2
fonts.gstatic.com/s/titilliumweb/v9/ 10 KB
10 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v9/NaPDcZTIAOhVxoMyOr9n_E7ffEDBGItzY5abuWI.woff2

Requested by

Host: headspring.com
URL: https://headspring.com/insights/covid19/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

678b330b9d28a53f93783dc1640432231b0630399fc8448de7f6b10683f42208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://headspring.com
Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:21:17 GMT
x-content-type-options: nosniff
age: 488294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10440
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:08:48 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 21:21:17 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: headspring.com
URL: https://headspring.com/insights/covid19/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://headspring.com
Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 20:35:30 GMT
x-content-type-options: nosniff
age: 231841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Aug 2022 20:35:30 GMT

GET
H3-29 200 mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v18/ 10 KB
10 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2

Requested by

Host: headspring.com
URL: https://headspring.com/insights/covid19/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://headspring.com
Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 08:42:00 GMT
x-content-type-options: nosniff
age: 533851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9728
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 08:42:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1672952794&t=pageview&_s=1&dl=https%3A%2F%2Fheadspring.com%2Finsights%2Fcovid19%2F&ul=en-us&de=UTF-8&dt=COVID19%20-%20Headspring&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2075024771&gjid=813661264&cid=1600199346.1630673972&tid=UA-8213270-10&_gid=1371283261.1630673972&_r=1&gtm=2wg910N8MGRB9&cd2=1600199346.1630673972&z=748465627

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 12:59:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://headspring.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ns6mbaDakOI Show response
www.youtube.com/embed/ Frame 486D 55 KB
23 KB 76ms
74ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8MGRB9

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6263595b77c5f48b99023951baeb30362db3fc076d29aed2b801ec2d994fefb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://headspring.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=gmLUAO6MxkM; VISITOR_INFO1_LIVE=MXIUwKRw8i0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://headspring.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 03 Sep 2021 12:59:32 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+311; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 iframe_api Show response
www.youtube.com/ 980 B
511 B 34ms
32ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8MGRB9

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f329ad1d40ab6e7853714833ca98e760b3ff93588a75fae5852a14fdbc103bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:32 GMT
content-encoding: br
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
expires: Fri, 03 Sep 2021 12:59:32 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/160/ 11 KB
5 KB 29ms
28ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/160/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 99fa5a280296b5fc7b63433ee121a359fc68c4a37f04a87d363e751164b96ff1

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 12:59:32 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Feb 2021 02:54:38 GMT
Server: AkamaiNetStorage
ETag: "19a9335fd71267d56e65bc19390f3100:1613703278.138281"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4811
Expires: Sun, 12 Dec 2021 12:59:32 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 65ms
30ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972802666

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a53b289843b15d58a9574645ea05db23c5dd6663fc5e39f5c61528ae13de22f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14079
x-xss-protection: 0
server: cafe
etag: 18326714422570925345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 03 Sep 2021 12:59:32 GMT

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972802666

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:07:13 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
server: sffe
age: 3139
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
expires: Fri, 03 Sep 2021 13:07:13 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-8213270-10&cid=1600199346.1630673972&jid=2075024771&gjid=813661264&_gid=1371283261.1630673972&_u=YEBAAEAAAAAAAC~&z=1089635862

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 03 Sep 2021 12:59:32 GMT
content-type: text/plain
access-control-allow-origin: https://headspring.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 26354719.js Show response
bat.bing.com/p/action/ 0
132 B 232ms
231ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/26354719.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Sep 2021 12:59:32 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: BBB3BA4698344695A0F7A5D2811BF570 Ref B: FRAEDGE1220 Ref C: 2021-09-03T12:59:32Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
148 B 29ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=26354719&tm=gtm002&Ver=2&mid=6a05343d-f74c-4d38-9ee9-3c18e6c5946e&sid=c7fdbb500cb611ecaf9a7d15a4289548&vid=c7fdca900cb611ecb547793b424943fd&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=COVID19%20-%20Headspring&p=https%3A%2F%2Fheadspring.com%2Finsights%2Fcovid19%2F&r=&pt=1630673970083,,,,,1188,1190,1190,1190,1520,1196,1521,1661,1765,1667,1814,,,,,&pn=0,0&evt=pageLoad&msclkid=N&sv=1&rn=632499
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 03 Sep 2021 12:59:31 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 568A1032BC7C4D37A470FF367A407900 Ref B: FRAEDGE1220 Ref C: 2021-09-03T12:59:32Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 call-tracking_7.js Show response
www.gstatic.com/call-tracking/ 54 KB
21 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_7.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 10:52:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 526040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21020
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 22:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Aug 2022 10:52:12 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
119 B 34ms
33ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-8213270-10&cid=1600199346.1630673972&jid=2075024771&_u=YEBAAEAAAAAAAC~&z=238732029

Requested by

Host: headspring.com
URL: https://headspring.com/insights/covid19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 12:59:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-8213270-10&cid=1600199346.1630673972&jid=2075024771&_u=YEBAAEAAAAAAAC~&z=238732029

Requested by

Host: headspring.com
URL: https://headspring.com/insights/covid19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 12:59:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/f5eab513/www-widgetapi.vflset/ 134 KB
44 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f5eab513/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edbb7d6bc8a209db04b11d97fa5c5860ec96acedc1615cf793ab387d13c45678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 09:34:45 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 00:26:37 GMT
server: sffe
age: 12287
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44725
x-xss-protection: 0
expires: Sat, 03 Sep 2022 09:34:45 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/972802666/ 2 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972802666/?random=1630673972135&cv=9&fst=1630673972135&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fheadspring.com%2Finsights%2Fcovid19%2F&tiba=COVID19%20-%20Headspring&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684b02d463084a166adaa9e41c08289e378dedc8f6c26faefe312bf68719ab1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 12:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1034
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/f5eab513/ Frame 486D 329 KB
45 KB 10ms
9ms Stylesheet
text/css 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f5eab513/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57d0a0866681113ad01e5870d69ced67f4454ed4ca50ac666745e4acc315c294

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 08:47:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 00:26:37 GMT
server: sffe
age: 15113
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46326
x-xss-protection: 0
expires: Sat, 03 Sep 2022 08:47:39 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/f5eab513/www-embed-player.vflset/ Frame 486D 200 KB
66 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f5eab513/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7d3dec6d28f0f63a370a2d63562b6cdc44e88fe2a89d7f0e9b6dfd86d5e7486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 00:21:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 00:26:37 GMT
server: sffe
age: 45465
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67106
x-xss-protection: 0
expires: Sat, 03 Sep 2022 00:21:47 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/ Frame 486D 2 MB
502 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

454552f06934bf318852c700126d15d50cac7e9db95a1f585bdbbbc1d7922122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 13:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 514108
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 00:26:37 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 13:37:39 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/f5eab513/fetch-polyfill.vflset/ Frame 486D 8 KB
3 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f5eab513/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 13:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 00:26:37 GMT
server: sffe
age: 170556
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Thu, 01 Sep 2022 13:36:56 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 486D 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:21:30 GMT
x-content-type-options: nosniff
age: 5882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 11:21:30 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/972802666/ 42 B
64 B 27ms
22ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/972802666/?random=1630673972135&cv=9&fst=1630670400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fheadspring.com%2Finsights%2Fcovid19%2F&tiba=COVID19%20-%20Headspring&async=1&fmt=3&is_vtc=1&random=3833788490&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: headspring.com
URL: https://headspring.com/insights/covid19/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 12:59:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/972802666/ 42 B
64 B 32ms
22ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/972802666/?random=1630673972135&cv=9&fst=1630670400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fheadspring.com%2Finsights%2Fcovid19%2F&tiba=COVID19%20-%20Headspring&async=1&fmt=3&is_vtc=1&random=3833788490&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: headspring.com
URL: https://headspring.com/insights/covid19/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 12:59:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 486D 113 B
161 B 24ms
21ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a113656d0147f720a39d1167d70660f14fce21a241ec6f86ce55880cfaf7da44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 486D 29 B
423 B 27ms
6ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:57:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 94
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Fri, 03 Sep 2021 13:12:58 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: headspring.com
URL: https://headspring.com/insights/covid19/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://headspring.com
Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:21:32 GMT
x-content-type-options: nosniff
age: 5880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 11:21:32 GMT

GET
H3-29 200 remote.js
www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/ Frame 486D 95 KB
0 8ms
8ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 13:37:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 00:26:37 GMT
server: sffe
age: 170512
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29752
x-xss-protection: 0
expires: Thu, 01 Sep 2022 13:37:40 GMT

GET
H3-29 200 TfFoB2a7yVVGE2tGGw51LMET2bfVRgJEPfkhgeY_Qv4.js
www.google.com/js/th/ Frame 486D 35 KB
0 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/TfFoB2a7yVVGE2tGGw51LMET2bfVRgJEPfkhgeY_Qv4.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 12:42:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13387
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 09:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Sep 2022 12:42:43 GMT

GET
H3-29 200 embed.js
www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/ Frame 486D 24 KB
0 7ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 13:45:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 00:26:37 GMT
server: sffe
age: 170072
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7285
x-xss-protection: 0
expires: Thu, 01 Sep 2022 13:45:00 GMT

GET
DATA 200
OK truncated
/ Frame 486D 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLRJvTJPv-ko5LC3ZRKkT1qJqCFucWXVf1hUbR0U=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 486D 2 KB
2 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRJvTJPv-ko5LC3ZRKkT1qJqCFucWXVf1hUbR0U=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c517e512930785249e9f6602d648b75a367a7628a47986d299b0e442f37e702e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:03 GMT
x-content-type-options: nosniff
age: 29
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2070
x-xss-protection: 0
server: fife
etag: "v37"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 04 Sep 2021 12:59:03 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/ns6mbaDakOI/ Frame 486D 31 KB
31 KB 43ms
43ms Image
image/jpeg 2a00:1450:4001:802::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/ns6mbaDakOI/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be5af2aa62a139d6a7e44161baae12e776cdf423be54b5bac03815ee6f95a47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:32 GMT
x-content-type-options: nosniff
server: sffe
etag: "1589072664"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32051
x-xss-protection: 0
expires: Fri, 03 Sep 2021 14:59:32 GMT

GET
H/1.1 200
OK jquery.min.js Show response
rtp-static.marketo.com/rtp/libs/jquery/1.8.3/ 91 KB
33 KB 73ms
31ms Script
application/x-javascript 104.111.216.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery/1.8.3/jquery.min.js
Requested by: Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=headspring
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-226.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 12:59:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Sep 2015 11:20:15 GMT
Server: AkamaiNetStorage
ETag: "3576a6e73c9dccdbbc4a2cf8ff544ad7:1441624815"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 33467

GET
H/1.1 200
OK jquery-ui-insightera-custom-1.9.6.css
rtp-static.marketo.com/rtp/libs/ 22 KB
4 KB 62ms
22ms Stylesheet
text/css 104.111.216.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery-ui-insightera-custom-1.9.6.css
Requested by: Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=headspring
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-226.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 12:59:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Nov 2017 08:57:42 GMT
Server: AkamaiNetStorage
ETag: "7f5b0bee9b1f7af8413b351cbceca223:1510045062"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 3752

GET
H/1.1 200
OK trw Show response
abrtp2.marketo.com/gw1/ 0
435 B 386ms
96ms Script
application/x-javascript 192.28.155.3
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp2.marketo.com/gw1/trw?aid=headspring&trwv.uid=headspring-1630673972632-9b56db32&trwv.vc=1&trwsa.sid=headspring-1630673972633-29a55506&trwsb.cpv=1&ctzo=+02:00&uri=https%3A%2F%2Fheadspring.com%2Finsights%2Fcovid19%2F&pm=&viewedTypes=&rts=1630673972635

Requested by

Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=headspring

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.28.155.3 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 12:59:32 GMT
Cache-Control: no-cache
Server: Jetty(7.3.1.v20110307)
Connection: close
Content-Length: 0
Strict-Transport-Security: max-age=63113904
Content-Type: application/x-javascript; charset=UTF-8

GET
H/1.1 200
OK ga-integration-2.0.4.js Show response
rtp-static.marketo.com/rtp/libs/ 17 KB
6 KB 75ms
26ms Script
application/x-javascript 104.111.216.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.4.js
Requested by: Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=headspring
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-226.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 278cd45917f5fee0e5710b34f2c03a3652544fe5a6ccea56cbbd0bd7324bf5e7

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 12:59:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Jun 2021 07:56:23 GMT
Server: AkamaiNetStorage
ETag: "cfd84ea6865e772828527b0485a0eb7e:1622706982.648039"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 5540

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: headspring.com
URL: https://headspring.com/insights/covid19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://headspring.com
Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 08:02:34 GMT
x-content-type-options: nosniff
age: 17818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 08:02:34 GMT

POST atr
www.youtube.com/api/stats/ Frame 486D 0
0

GET
H2 200 ns6mbaDakOI Show response
www.youtube.com/embed/ Frame 2CC7 55 KB
23 KB 48ms
48ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com

Requested by

Host: headspring.com
URL: https://headspring.com/wp-includes/js/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9f1174fbb07d73b44d0a3bccfb9c1bb24106e4e6d58a89234f654f95906fe24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://headspring.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://headspring.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 03 Sep 2021 12:59:32 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=RC54wUEmn_A; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=HOuPrlk-QI0; Domain=.youtube.com; Expires=Wed, 02-Mar-2022 12:59:32 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+518; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H/1.1 200
OK modelsAndExploration
wabi-west-us-api.analysis.windows.net/public/reports/c74128e0-a47b-44c7-beda-0e31ec0f87cf/ Frame 0
0 658ms
162ms Preflight 40.112.167.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wabi-west-us-api.analysis.windows.net/public/reports/c74128e0-a47b-44c7-beda-0e31ec0f87cf/modelsAndExploration?preferReadOnlySession=true
Protocol: HTTP/1.1
Server: 40.112.167.140 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: activityid,requestid,x-powerbi-resourcekey
Origin: https://app.powerbi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Access-Control-Allow-Headers: activityid,requestid,x-powerbi-resourcekey
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300
Access-Control-Allow-Methods: GET
Date: Fri, 03 Sep 2021 12:59:33 GMT

OPTIONS
H/1.1 200
OK conceptualschema
wabi-west-us-api.analysis.windows.net/public/reports/c74128e0-a47b-44c7-beda-0e31ec0f87cf/ Frame 0
0 660ms
162ms Preflight 40.112.167.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wabi-west-us-api.analysis.windows.net/public/reports/c74128e0-a47b-44c7-beda-0e31ec0f87cf/conceptualschema
Protocol: HTTP/1.1
Server: 40.112.167.140 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: activityid,requestid,x-powerbi-resourcekey
Origin: https://app.powerbi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Access-Control-Allow-Headers: activityid,requestid,x-powerbi-resourcekey
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300
Access-Control-Allow-Methods: GET
Date: Fri, 03 Sep 2021 12:59:33 GMT

GET
H2 200 reportembed.bundle.min.3cd012c6f005e8e6b106.css
content.powerapps.com/resource/powerbiwfe/styles/ Frame EAA3 526 KB
53 KB 57ms
22ms Stylesheet
text/css 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/styles/reportembed.bundle.min.3cd012c6f005e8e6b106.css

Requested by

Host: app.powerbi.com
URL: https://app.powerbi.com/view?r=eyJrIjoiYzc0MTI4ZTAtYTQ3Yi00NGM3LWJlZGEtMGUzMWVjMGY4N2NmIiwidCI6IjU3MjU2NThmLTU1ZWYtNDBjYy04MGE1LTgzYjA0MDdiNzJkOSIsImMiOjZ9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

06249a1253df8a3bd62df6e67412661ea847bdc9442aca696df7686f41b56b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 05mswYQAAAABZkExeIzp7Q6f9dd69KTCPTE9OMjFFREdFMDIxMwAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=640.9,x-ms-igw-req-overhead;dur=0.1
vary: Accept-Encoding
content-length: 53714
timing-allow-origin: *
x-ms-islandgateway: ga0000003
server: Kestrel
date: Fri, 03 Sep 2021 12:59:31 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NBwyYQAAAAB3JPUFtXxpQIo3MWSm1yY3RlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: ef9f2824-d232-4aa3-a55d-cce834a15606
x-ms-service-request-id: 04db2a08-adb5-42ee-8a03-05deb5f784fe
x-ms-static-content: al0000001

GET
H2 200 globalize.min.8e8ec43af69cf3d5d7aa.js Show response
content.powerapps.com/resource/powerbiwfe/scripts/jquery.globalize/ Frame EAA3 15 KB
6 KB 104ms
69ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/scripts/jquery.globalize/globalize.min.8e8ec43af69cf3d5d7aa.js

Requested by

Host: app.powerbi.com
URL: https://app.powerbi.com/view?r=eyJrIjoiYzc0MTI4ZTAtYTQ3Yi00NGM3LWJlZGEtMGUzMWVjMGY4N2NmIiwidCI6IjU3MjU2NThmLTU1ZWYtNDBjYy04MGE1LTgzYjA0MDdiNzJkOSIsImMiOjZ9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4626c0fc01a26a8061936336c4a9f252b78c0272ce6bd1d4ee849985807355ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0aworYQAAAAAtbT4pXGciSq+XjjBwgvO2TE9OMjFFREdFMDEwNgAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=487.7,x-ms-igw-req-overhead;dur=0.3
vary: Accept-Encoding
content-length: 5399
timing-allow-origin: *
x-ms-islandgateway: al000000F
server: Kestrel
date: Fri, 03 Sep 2021 12:59:31 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NBwyYQAAAABEYzKpt3aKSKfMgVXeUJRrRlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: 0727fe8e-7ac6-4b15-a96e-cc80a9fb76dd
x-ms-service-request-id: fc2cadb2-848d-480a-a631-24fc8d04d44e
x-ms-static-content: al000000F

GET
H2 200 globalize.culture.en-US.07ca294f77f622a072a5.js Show response
content.powerapps.com/resource/powerbiwfe/scripts/jquery.globalize/ Frame EAA3 786 B
680 B 80ms
43ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/scripts/jquery.globalize/globalize.culture.en-US.07ca294f77f622a072a5.js

Requested by

Host: app.powerbi.com
URL: https://app.powerbi.com/view?r=eyJrIjoiYzc0MTI4ZTAtYTQ3Yi00NGM3LWJlZGEtMGUzMWVjMGY4N2NmIiwidCI6IjU3MjU2NThmLTU1ZWYtNDBjYy04MGE1LTgzYjA0MDdiNzJkOSIsImMiOjZ9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

3b271325e90ddb188a858500b4939d6d4bbc0e28720da2c486266704c715a8db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0f7MtYQAAAAAUw4q4vCGxQY16PvlSkRyyTE9OMjFFREdFMDExMQAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=118.4,x-ms-igw-req-overhead;dur=0.1
vary: Accept-Encoding
content-length: 336
timing-allow-origin: *
x-ms-islandgateway: ga0000000
server: Kestrel
date: Fri, 03 Sep 2021 12:59:31 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NBwyYQAAAADCO9SAWIcbRJ4vwbaINTK9RlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: 2333678c-93d6-4350-9a10-55e4d77ca17f
x-ms-service-request-id: ea27ba05-229f-4031-88db-7a405f3d8294
x-ms-static-content: al0000000

GET
H2 200 hash-manifest.js Show response
app.powerbi.com/13.0.16691.56/scripts/ Frame EAA3 383 KB
79 KB 132ms
130ms Script
application/javascript 20.74.143.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.powerbi.com/13.0.16691.56/scripts/hash-manifest.js

Requested by

Host: app.powerbi.com
URL: https://app.powerbi.com/view?r=eyJrIjoiYzc0MTI4ZTAtYTQ3Yi00NGM3LWJlZGEtMGUzMWVjMGY4N2NmIiwidCI6IjU3MjU2NThmLTU1ZWYtNDBjYy04MGE1LTgzYjA0MDdiNzJkOSIsImMiOjZ9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.74.143.203 Dubai, United Arab Emirates, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fb39c1aa5c4a5318ff253d89786d6bc38f45c860f6128ecbd8b3806e506d2753

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://teams.powerbi.com https://teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.powerbi.com/view?r=eyJrIjoiYzc0MTI4ZTAtYTQ3Yi00NGM3LWJlZGEtMGUzMWVjMGY4N2NmIiwidCI6IjU3MjU2NThmLTU1ZWYtNDBjYy04MGE1LTgzYjA0MDdiNzJkOSIsImMiOjZ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 18:55:12 GMT
etag: "02881e4629fd71:0"
x-frame-options: deny
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://teams.powerbi.com
date: Fri, 03 Sep 2021 12:59:32 GMT
content-security-policy: frame-ancestors https://teams.powerbi.com https://teams.microsoft.com;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 80967
x-xss-protection: 1; mode=block

GET
H2 200 reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js Show response
content.powerapps.com/resource/powerbiwfe/scripts/ Frame EAA3 910 KB
259 KB 57ms
22ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Requested by

Host: app.powerbi.com
URL: https://app.powerbi.com/view?r=eyJrIjoiYzc0MTI4ZTAtYTQ3Yi00NGM3LWJlZGEtMGUzMWVjMGY4N2NmIiwidCI6IjU3MjU2NThmLTU1ZWYtNDBjYy04MGE1LTgzYjA0MDdiNzJkOSIsImMiOjZ9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ca2cffd8ac4ece93787940f26b202209899b61ea111b7c46fe4324f32cfba26e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0TfgqYQAAAAC1Qc5uLpP5Q5wLDtE8Vp9DTE9OMjFFREdFMDIxOAAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=488.5,x-ms-igw-req-overhead;dur=0.1
vary: Accept-Encoding
content-length: 264502
timing-allow-origin: *
x-ms-islandgateway: al0000003
server: Kestrel
date: Fri, 03 Sep 2021 12:59:31 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NBwyYQAAAACCgf6p+tK2Q7878g9slNf6RlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: cc45a3ee-7e01-40dd-8f5b-d41e7f0a46bf
x-ms-service-request-id: 8f5065ba-9bc7-49db-9a57-61056f684f15
x-ms-static-content: al0000009

GET
H2 200 powerbiportal.dependencies.bundle.min.f8f129b44c9e8fc02fb4.js Show response
content.powerapps.com/resource/powerbiwfe/scripts/ Frame EAA3 2 MB
321 KB 44ms
9ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/scripts/powerbiportal.dependencies.bundle.min.f8f129b44c9e8fc02fb4.js

Requested by

Host: app.powerbi.com
URL: https://app.powerbi.com/view?r=eyJrIjoiYzc0MTI4ZTAtYTQ3Yi00NGM3LWJlZGEtMGUzMWVjMGY4N2NmIiwidCI6IjU3MjU2NThmLTU1ZWYtNDBjYy04MGE1LTgzYjA0MDdiNzJkOSIsImMiOjZ9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

309c0b5d3b1a01345df29ea274e975ae077b5f175ea3919439fa8c82310205de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0V7ExYQAAAAAbl+gA6NO5Qagp7KMfO1nNTE9OMjFFREdFMDIxMwAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
age: 580
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=1.2,x-ms-igw-req-overhead;dur=0.1
vary: Accept-Encoding
content-length: 328172
timing-allow-origin: *
x-ms-islandgateway: al000000E
server: Kestrel
date: Fri, 03 Sep 2021 12:59:31 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NBwyYQAAAADsW3ccGXrTS5fitl6V0TxVRlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: 21b27455-68ed-418e-b11f-97bc00efc0a9
x-ms-service-request-id: c1aa5f5c-2dca-4f2a-9481-b64d5a6be20d
x-ms-static-content: al000000F

GET
H2 200 reportembed.common.bundle.min.5776aff8444271f00ce9.js Show response
content.powerapps.com/resource/powerbiwfe/scripts/ Frame EAA3 1 MB
220 KB 71ms
37ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.common.bundle.min.5776aff8444271f00ce9.js

Requested by

Host: app.powerbi.com
URL: https://app.powerbi.com/view?r=eyJrIjoiYzc0MTI4ZTAtYTQ3Yi00NGM3LWJlZGEtMGUzMWVjMGY4N2NmIiwidCI6IjU3MjU2NThmLTU1ZWYtNDBjYy04MGE1LTgzYjA0MDdiNzJkOSIsImMiOjZ9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

71330046d1c5e59dfebcf926f3a577fc498d1bcf2ba2576e1c55d72a26d4dbf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 04yUrYQAAAAAS5gWr2UuqQ7hUVywqytbSTE9OMjFFREdFMDEyMAAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=983.0,x-ms-igw-req-overhead;dur=0.2
vary: Accept-Encoding
content-length: 225054
timing-allow-origin: *
x-ms-islandgateway: al000000A
server: Kestrel
date: Fri, 03 Sep 2021 12:59:31 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NBwyYQAAAAA0m4/U0i27QbNU4txUd2SlRlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: ff7579e0-1379-45bc-b72d-c5de8a8fae6e
x-ms-service-request-id: 8230caef-6ece-4461-b3dc-e57baf3e136e
x-ms-static-content: al0000000

GET
H2 200 explore.min.0b4463b5cd03657646f0.js Show response
content.powerapps.com/resource/powerbiwfe/scripts/ Frame EAA3 711 KB
125 KB 73ms
39ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/scripts/explore.min.0b4463b5cd03657646f0.js

Requested by

Host: app.powerbi.com
URL: https://app.powerbi.com/view?r=eyJrIjoiYzc0MTI4ZTAtYTQ3Yi00NGM3LWJlZGEtMGUzMWVjMGY4N2NmIiwidCI6IjU3MjU2NThmLTU1ZWYtNDBjYy04MGE1LTgzYjA0MDdiNzJkOSIsImMiOjZ9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b5da6e176a66dbd7f777108ab55e4b26cfab2da22f673e5e2d44aef57d2b644d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 04yUrYQAAAAC9v0XvEIbUQIAbb4yMJYq6TE9OMjFFREdFMDIxNAAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=341.9,x-ms-igw-req-overhead;dur=0.2
vary: Accept-Encoding
content-length: 127840
timing-allow-origin: *
x-ms-islandgateway: ga0000004
server: Kestrel
date: Fri, 03 Sep 2021 12:59:31 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NBwyYQAAAACKdnHqPHnDTo2WwOIJyuSwRlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: cf2d7e0d-c579-4993-898b-cb84cbf80d91
x-ms-service-request-id: 418c8beb-4960-49d2-abca-bc6dff854539
x-ms-static-content: al000000A

GET
H2 200 exploreui.min.js Show response
app.powerbi.com/13.0.16691.56/scripts/ Frame EAA3 593 KB
127 KB 132ms
130ms Script
application/javascript 20.74.143.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.powerbi.com/13.0.16691.56/scripts/exploreui.min.js

Requested by

Host: app.powerbi.com
URL: https://app.powerbi.com/view?r=eyJrIjoiYzc0MTI4ZTAtYTQ3Yi00NGM3LWJlZGEtMGUzMWVjMGY4N2NmIiwidCI6IjU3MjU2NThmLTU1ZWYtNDBjYy04MGE1LTgzYjA0MDdiNzJkOSIsImMiOjZ9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.74.143.203 Dubai, United Arab Emirates, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

04f30b537f572f1f6b0e88a9f9da536cd477690469fb287f1296a3d7d2066ca4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://teams.powerbi.com 'self' https://teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.powerbi.com/view?r=eyJrIjoiYzc0MTI4ZTAtYTQ3Yi00NGM3LWJlZGEtMGUzMWVjMGY4N2NmIiwidCI6IjU3MjU2NThmLTU1ZWYtNDBjYy04MGE1LTgzYjA0MDdiNzJkOSIsImMiOjZ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 18:55:10 GMT
etag: "0fb4fe3629fd71:0"
x-frame-options: sameorigin
content-type: application/javascript; charset=utf-8
cache-control: no-cache, must-revalidate, max-age=0
date: Fri, 03 Sep 2021 12:59:32 GMT
content-security-policy: frame-ancestors https://teams.powerbi.com 'self' https://teams.microsoft.com;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 129197
x-xss-protection: 1; mode=block

GET
H2 200 reportembed.bundle.min.fb923fa66090ff98122c.js Show response
content.powerapps.com/resource/powerbiwfe/scripts/ Frame EAA3 423 KB
70 KB 84ms
51ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.bundle.min.fb923fa66090ff98122c.js

Requested by

Host: app.powerbi.com
URL: https://app.powerbi.com/view?r=eyJrIjoiYzc0MTI4ZTAtYTQ3Yi00NGM3LWJlZGEtMGUzMWVjMGY4N2NmIiwidCI6IjU3MjU2NThmLTU1ZWYtNDBjYy04MGE1LTgzYjA0MDdiNzJkOSIsImMiOjZ9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

5bfd94b6a0ceb768e022d925a466c6c2634b939faa5bb5028f9fc62218ec84cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 04yUrYQAAAAB2c01WGUxvR6wVTDkXLTQgTE9OMjFFREdFMDExNQAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=366.4,x-ms-igw-req-overhead;dur=0.5
vary: Accept-Encoding
content-length: 70937
timing-allow-origin: *
x-ms-islandgateway: al0000001
server: Kestrel
date: Fri, 03 Sep 2021 12:59:31 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NBwyYQAAAABj6HGkaESQSbJT1oxLiBpuRlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: 1e86ecdf-5a92-49eb-bd86-e2caef3fe73c
x-ms-service-request-id: 22527f35-791b-478a-8e1a-440349beb617
x-ms-static-content: al0000008

GET
H2 200 reportEmbed.min.0590117a42331cfa8b77.js Show response
content.powerapps.com/resource/powerbiwfe/scripts/ Frame EAA3 7 MB
1 MB 91ms
58ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/scripts/reportEmbed.min.0590117a42331cfa8b77.js

Requested by

Host: app.powerbi.com
URL: https://app.powerbi.com/view?r=eyJrIjoiYzc0MTI4ZTAtYTQ3Yi00NGM3LWJlZGEtMGUzMWVjMGY4N2NmIiwidCI6IjU3MjU2NThmLTU1ZWYtNDBjYy04MGE1LTgzYjA0MDdiNzJkOSIsImMiOjZ9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

98fc2ceae9de1cdee24f6767e689bcaff32d71fe3c71764c0801efc989e14a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 04yUrYQAAAAAAf+SVKKFDTI0N278+nwywTE9OMjFFREdFMDExOAAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=1024.9,x-ms-igw-req-overhead;dur=0.1
vary: Accept-Encoding
content-length: 1094396
timing-allow-origin: *
x-ms-islandgateway: al0000006
server: Kestrel
date: Fri, 03 Sep 2021 12:59:31 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NBwyYQAAAABPlI8wEO9VQqMVVmkc0ULyRlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: 0a0ab424-b98b-4e2a-8e43-15a202a7db5e
x-ms-service-request-id: 28aa1a76-ec83-4b6d-96eb-536bd350a0fa
x-ms-static-content: al000000E

GET
H/1.1 200
OK modelsAndExploration Show response
wabi-west-us-api.analysis.windows.net/public/reports/c74128e0-a47b-44c7-beda-0e31ec0f87cf/ Frame EAA3 174 KB
20 KB 169ms
165ms XHR
application/json 40.112.167.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://wabi-west-us-api.analysis.windows.net/public/reports/c74128e0-a47b-44c7-beda-0e31ec0f87cf/modelsAndExploration?preferReadOnlySession=true

Requested by

Host: app.powerbi.com
URL: https://app.powerbi.com/view?r=eyJrIjoiYzc0MTI4ZTAtYTQ3Yi00NGM3LWJlZGEtMGUzMWVjMGY4N2NmIiwidCI6IjU3MjU2NThmLTU1ZWYtNDBjYy04MGE1LTgzYjA0MDdiNzJkOSIsImMiOjZ9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.112.167.140 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7fb957af9ffa197a3e767584409b95e9a01e5b222f6be077afa257f9f8ec15b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Accept: application/json
Referer: https://app.powerbi.com/
X-PowerBI-ResourceKey: c74128e0-a47b-44c7-beda-0e31ec0f87cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
RequestId: 0d27043c-b2d3-4318-82d6-2a948ce58143
ActivityId: d1340298-e24b-422b-a5d7-987d8e03cbed

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 03 Sep 2021 12:59:33 GMT
RequestId: 850b747d-397c-4c3e-923e-11b7e06fed4d
X-Frame-Options: deny
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: requestId,retry-after
Cache-Control: no-store, must-revalidate, no-cache
Content-Length: 19545

GET
H/1.1 200
OK conceptualschema Show response
wabi-west-us-api.analysis.windows.net/public/reports/c74128e0-a47b-44c7-beda-0e31ec0f87cf/ Frame EAA3 8 KB
2 KB 167ms
164ms XHR
application/json 40.112.167.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://wabi-west-us-api.analysis.windows.net/public/reports/c74128e0-a47b-44c7-beda-0e31ec0f87cf/conceptualschema

Requested by

Host: app.powerbi.com
URL: https://app.powerbi.com/view?r=eyJrIjoiYzc0MTI4ZTAtYTQ3Yi00NGM3LWJlZGEtMGUzMWVjMGY4N2NmIiwidCI6IjU3MjU2NThmLTU1ZWYtNDBjYy04MGE1LTgzYjA0MDdiNzJkOSIsImMiOjZ9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.112.167.140 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f8174db70e4192157b33359b98bb6b1c393c4b731b6d8d5f5ae6cd5877bc4106

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Accept: application/json
Referer: https://app.powerbi.com/
X-PowerBI-ResourceKey: c74128e0-a47b-44c7-beda-0e31ec0f87cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
RequestId: 3f332645-a3c8-46ad-89cb-c9f44b05fbc8
ActivityId: d1340298-e24b-422b-a5d7-987d8e03cbed

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 03 Sep 2021 12:59:33 GMT
RequestId: 5b007d34-cb63-69c8-7ea1-56b9bc671d46
X-Frame-Options: deny
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: requestId,retry-after
Cache-Control: no-store, must-revalidate, no-cache
Content-Length: 1647

GET
H/1.1 200
OK msg Show response
abrtp2.marketo.com/gw1/ 0
494 B 410ms
121ms Script
text/javascript 192.28.155.3
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp2.marketo.com/gw1/msg?a=2&sid=headspring-1630673972633-29a55506&aid=headspring&viewedTypes=&0.6731873499515533&rts=1630673972752

Requested by

Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=headspring

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.28.155.3 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 12:59:33 GMT
Content-Encoding: gzip
Server: Jetty(7.3.1.v20110307)
Transfer-Encoding: chunked
Connection: close
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904

GET
H/1.1 200
OK jquery-custom-ui.min.js Show response
rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/ 126 KB
35 KB 34ms
33ms Script
application/x-javascript 104.111.216.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/jquery-custom-ui.min.js
Requested by: Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=headspring
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-226.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 12:59:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 12:54:21 GMT
Server: AkamaiNetStorage
ETag: "5a9f8dd85d85afd20544bd437a505338:1515502461"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 35484

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/f5eab513/ Frame 2CC7 329 KB
45 KB 33ms
9ms Stylesheet
text/css 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f5eab513/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57d0a0866681113ad01e5870d69ced67f4454ed4ca50ac666745e4acc315c294

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 08:47:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 00:26:37 GMT
server: sffe
age: 15113
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46326
x-xss-protection: 0
expires: Sat, 03 Sep 2022 08:47:39 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/f5eab513/www-embed-player.vflset/ Frame 2CC7 200 KB
66 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f5eab513/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7d3dec6d28f0f63a370a2d63562b6cdc44e88fe2a89d7f0e9b6dfd86d5e7486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 00:21:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 00:26:37 GMT
server: sffe
age: 45465
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67106
x-xss-protection: 0
expires: Sat, 03 Sep 2022 00:21:47 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/ Frame 2CC7 2 MB
502 KB 44ms
20ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

454552f06934bf318852c700126d15d50cac7e9db95a1f585bdbbbc1d7922122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 13:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 514108
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 00:26:37 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 13:37:39 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/f5eab513/fetch-polyfill.vflset/ Frame 2CC7 8 KB
3 KB 48ms
24ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f5eab513/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 13:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 00:26:37 GMT
server: sffe
age: 170556
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Thu, 01 Sep 2022 13:36:56 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2CC7 15 KB
15 KB 31ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:21:30 GMT
x-content-type-options: nosniff
age: 5882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 11:21:30 GMT

GET
H/1.1 200
OK msg Show response
abrtp2.marketo.com/gw1/ 0
494 B 283ms
96ms Script
text/javascript 192.28.155.3
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp2.marketo.com/gw1/msg?a=2&sid=headspring-1630673972633-29a55506&aid=headspring&viewedTypes=&0.6778595874948017&rts=1630673973043

Requested by

Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=headspring

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.28.155.3 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 12:59:33 GMT
Content-Encoding: gzip
Server: Jetty(7.3.1.v20110307)
Transfer-Encoding: chunked
Connection: close
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904

GET
H3-29

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 2CC7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

18ms
15ms

XHR
application/json

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b89c773c0d35e1714f0e9b395f9bea5797b25b516fb6828c8ef1f5ac351319ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 03 Sep 2021 12:59:33 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 2CC7 29 B
90 B 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:57:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 95
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Fri, 03 Sep 2021 13:12:58 GMT

GET
H2 200 ai.0.js Show response
app.powerbi.com/13.0.16691.56/scripts/ Frame EAA3 93 KB
21 KB 127ms
126ms Script
application/javascript 20.74.143.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.powerbi.com/13.0.16691.56/scripts/ai.0.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportEmbed.min.0590117a42331cfa8b77.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.74.143.203 Dubai, United Arab Emirates, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

742e3956adcdec2c0e47aa76ff0a4e8411a5fb41a5c0ceb99c8d6a83e35ebc9e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://teams.powerbi.com https://teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.powerbi.com/view?r=eyJrIjoiYzc0MTI4ZTAtYTQ3Yi00NGM3LWJlZGEtMGUzMWVjMGY4N2NmIiwidCI6IjU3MjU2NThmLTU1ZWYtNDBjYy04MGE1LTgzYjA0MDdiNzJkOSIsImMiOjZ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 18:55:10 GMT
etag: "0fb4fe3629fd71:0"
x-frame-options: deny
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://teams.powerbi.com
date: Fri, 03 Sep 2021 12:59:33 GMT
content-security-policy: frame-ancestors https://teams.powerbi.com https://teams.microsoft.com;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 21062
x-xss-protection: 1; mode=block

GET
H2 200 reportEmbed.json-contracts.min.2f8606fbb2238740edc7.js Show response
content.powerapps.com/resource/powerbiwfe/scripts/ Frame EAA3 13 KB
3 KB 8ms
7ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/scripts/reportEmbed.json-contracts.min.2f8606fbb2238740edc7.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportEmbed.min.0590117a42331cfa8b77.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

9a655698d35a22ebc29b642f346c310199eee0c32a46db981c0dadc54a615604

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0WmswYQAAAAA28cbVH/sET4mslYKi/XNmTE9OMjFFREdFMTUxMQAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=128.3,x-ms-igw-req-overhead;dur=0.1
vary: Accept-Encoding
content-length: 3155
timing-allow-origin: *
x-ms-islandgateway: ga0000004
server: Kestrel
date: Fri, 03 Sep 2021 12:59:32 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NRwyYQAAAADb9cPve/okTofp7gwpw1ssRlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: 3be1d465-6c53-4510-bea5-f1531a71f721
x-ms-service-request-id: 0e2decef-0913-4e41-98c6-e6d3dc8d9c43
x-ms-static-content: al000000C

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/ Frame 2CC7 95 KB
29 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

459f3786cd68cd5d072e7249ba5f8305d8a11e820096dcee12fb58335df6cd68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 13:37:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 00:26:37 GMT
server: sffe
age: 170513
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29752
x-xss-protection: 0
expires: Thu, 01 Sep 2022 13:37:40 GMT

GET
H2 200 TfFoB2a7yVVGE2tGGw51LMET2bfVRgJEPfkhgeY_Qv4.js Show response
www.google.com/js/th/ Frame 2CC7 35 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/TfFoB2a7yVVGE2tGGw51LMET2bfVRgJEPfkhgeY_Qv4.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4df1680766bbc95546136b461b0e752cc113d9b7d54602443df92181e63f42fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 12:42:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13387
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 09:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Sep 2022 12:42:43 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/ Frame 2CC7 24 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8070ef9daef25ec3260e1935207dca82b584a9dc527f82469849f1637702b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 13:45:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 00:26:37 GMT
server: sffe
age: 170073
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7285
x-xss-protection: 0
expires: Thu, 01 Sep 2022 13:45:00 GMT

GET
DATA 200
OK truncated
/ Frame 2CC7 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLRJvTJPv-ko5LC3ZRKkT1qJqCFucWXVf1hUbR0U=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2CC7 2 KB
2 KB 6ms
5ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRJvTJPv-ko5LC3ZRKkT1qJqCFucWXVf1hUbR0U=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c517e512930785249e9f6602d648b75a367a7628a47986d299b0e442f37e702e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:03 GMT
x-content-type-options: nosniff
age: 30
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2070
x-xss-protection: 0
server: fife
etag: "v37"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 04 Sep 2021 12:59:03 GMT

GET
H3-29 200 maxresdefault.jpg
i.ytimg.com/vi/ns6mbaDakOI/ Frame 2CC7 81 KB
81 KB 22ms
18ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/ns6mbaDakOI/maxresdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69b2f433b5095129fe585d56ec765653202ed6953db2e9d0fdc4263e1ae5dba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:03 GMT
x-content-type-options: nosniff
server: sffe
age: 30
etag: "1589072664"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83229
x-xss-protection: 0
expires: Fri, 03 Sep 2021 14:59:03 GMT

GET
H2 200 powerbi-models.min.f0998a8b19f0aee083ef.js Show response
content.powerapps.com/resource/powerbiwfe/externals/ Frame EAA3 91 KB
10 KB 12ms
11ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/externals/powerbi-models.min.f0998a8b19f0aee083ef.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c2c4ff7326de5ab555422dc1326bcd78cecd24b577e64e1f969fc0704564f17b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0ZLExYQAAAAClSq6Bl5W3TLJe24tyItM/TE9OMjFFREdFMTUxNwAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=117.3,x-ms-igw-req-overhead;dur=0.1
vary: Accept-Encoding
content-length: 9376
timing-allow-origin: *
x-ms-islandgateway: al000000F
server: Kestrel
date: Fri, 03 Sep 2021 12:59:33 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NhwyYQAAAAB/V0lw5Y6JRJgIrFJFDa/HRlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: 31b7e183-7669-4a69-a85c-2bbcc002df90
x-ms-service-request-id: 74bf38d8-b799-4ff9-9524-a021ad85a390
x-ms-static-content: al000000C

GET
H2 200 jsonfilter.min.21336cc6080ffed8f434.js Show response
content.powerapps.com/resource/powerbiwfe/scripts/ Frame EAA3 32 KB
8 KB 13ms
12ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/scripts/jsonfilter.min.21336cc6080ffed8f434.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

94d4e74be3a91e58ae87d295004f05d54570427d592bce826399ba363a69c013

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0vQorYQAAAAB6fzza7dpfS6xTvZBl7obgTE9OMjFFREdFMDExMQAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=528.6,x-ms-igw-req-overhead;dur=0.1
vary: Accept-Encoding
content-length: 7696
timing-allow-origin: *
x-ms-islandgateway: al0000003
server: Kestrel
date: Fri, 03 Sep 2021 12:59:33 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NhwyYQAAAAAC9DG6S6ETQIikhNOtDdrsRlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: f1f5cafe-e09d-42b8-be46-c259046e435b
x-ms-service-request-id: f76cbd27-cf76-4c79-8239-1c47b6531b2e
x-ms-static-content: al000000E

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 2CC7 4 KB
2 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:34 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Fri, 03 Sep 2021 12:59:34 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame 2CC7 0
9 B 22ms
14ms Image
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?KxeL9g
Requested by: Host: headspring.com
URL: https://headspring.com/insights/covid19/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 85ms
19ms Preflight 13.69.65.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

13.69.65.22 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://app.powerbi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Fri, 03 Sep 2021 12:59:34 GMT
content-length: 0

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 15ms
13ms Preflight 13.69.65.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

13.69.65.22 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://app.powerbi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Fri, 03 Sep 2021 12:59:34 GMT
content-length: 0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ Frame EAA3 51 B
121 B 918ms
916ms XHR
application/json 13.69.65.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.65.22 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

acccc5a3d88639d20c7f8ec2b7e9eef80917f4c7c283197a85b8239cc66df346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: A42E1557-1C82-4DA3-BD75-C8FA813767DA
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 03 Sep 2021 12:59:34 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 51

GET
H2 200 approvedResources.json Show response
pbivisuals.powerbi.com/ Frame EAA3 154 KB
36 KB 390ms
128ms XHR
application/json 20.74.143.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pbivisuals.powerbi.com/approvedResources.json
Requested by: Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.74.143.203 Dubai, United Arab Emirates, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cc6d17a5907b78d23c3e0d4f4a4ed77269176c99f4748da1345f84de1961f01f

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:34 GMT
content-encoding: gzip
etag: "0081b969ad71:0"
last-modified: Thu, 26 Aug 2021 16:19:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 36623

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ Frame EAA3 49 B
166 B 543ms
542ms XHR
application/json 13.69.65.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.65.22 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

76dc829025cdfa2c12dfaf8863662fc69c15a5a16535f2835bc9c5e0d14942b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 334DD5F3-DFFA-49AB-982D-A1165E50980F
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 03 Sep 2021 12:59:34 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 49

GET
H2 200 jquery-ui.min.60b2fc2bc042fc6831db.css
content.powerapps.com/resource/powerbiwfe/externals/ Frame EAA3 21 KB
4 KB 10ms
10ms Stylesheet
text/css 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/externals/jquery-ui.min.60b2fc2bc042fc6831db.css

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/powerbiportal.dependencies.bundle.min.f8f129b44c9e8fc02fb4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

58ba95ff001c45ace69724e41a0507a6e5e8ce0729ea6bafb81ce1eaf01e4e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 02bUtYQAAAADnMU10MSMzRr3MrCIj/msTTE9OMjFFREdFMTUyMgAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=471.4,x-ms-igw-req-overhead;dur=0.1
vary: Accept-Encoding
content-length: 3614
timing-allow-origin: *
x-ms-islandgateway: ga0000003
server: Kestrel
date: Fri, 03 Sep 2021 12:59:33 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NhwyYQAAAACxt9YhW4ODT65ddy/WyKUCRlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: b98aef72-86a5-4291-8868-0838eaa27735
x-ms-service-request-id: 228e352f-94d2-4ba5-965a-f716e020ab12
x-ms-static-content: al0000002

GET
H2 200 PowrMDL2.da4b329556e76a570b38.woff
content.powerapps.com/resource/powerbiwfe/fonts/ Frame EAA3 46 KB
47 KB 29ms
9ms Font
font/woff 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/fonts/PowrMDL2.da4b329556e76a570b38.woff

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/styles/reportembed.bundle.min.3cd012c6f005e8e6b106.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

38fb0fd19ebd10fd16c84eb0cdbeb64f94c561ae31d94b768400954b2edcc2ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://app.powerbi.com
Referer: https://content.powerapps.com/resource/powerbiwfe/styles/reportembed.bundle.min.3cd012c6f005e8e6b106.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0tC0xYQAAAADjIET2kfbASZ5mrgL0NiaLTE9OMjFFREdFMDIxOQAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=129.1,x-ms-igw-req-overhead;dur=0.9
vary: Accept-Encoding
content-length: 47552
timing-allow-origin: *
x-ms-islandgateway: al0000006
server: Kestrel
date: Fri, 03 Sep 2021 12:59:34 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NhwyYQAAAABrAuVXkMR3SIoStttF6vfSRlJBRURHRTEwMjAAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: df7c9d48-0675-4328-9b26-63136593ab27
x-ms-service-request-id: 7487b9c0-a95d-4781-ace7-9d9b1f10b2ca
x-ms-static-content: al0000009

GET
H2 200 SegoeUI-SemiBold-final.83b7261d0e6f3994ed6d.woff
content.powerapps.com/resource/powerbiwfe/fonts/ Frame EAA3 30 KB
30 KB 10ms
8ms Font
font/woff 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/fonts/SegoeUI-SemiBold-final.83b7261d0e6f3994ed6d.woff

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/styles/reportembed.bundle.min.3cd012c6f005e8e6b106.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

3859434608f281a7cac3bad36f788a8d900c26491d1e10b68210188336da9b5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://app.powerbi.com
Referer: https://content.powerapps.com/resource/powerbiwfe/styles/reportembed.bundle.min.3cd012c6f005e8e6b106.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0n7ExYQAAAACWVcLxNjaMTIZxISd5CAxvTE9OMjFFREdFMDIxMgAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=217.4,x-ms-igw-req-overhead;dur=0.2
vary: Accept-Encoding
content-length: 30345
timing-allow-origin: *
x-ms-islandgateway: al0000002
server: Kestrel
date: Fri, 03 Sep 2021 12:59:34 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NhwyYQAAAABaPmkPVTsVTqEua7I3Uz9qRlJBRURHRTEwMjAAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: 38286162-9641-471d-b723-efc272403cad
x-ms-service-request-id: 725abe73-4c7b-4468-a13c-f1c02a64f61d
x-ms-static-content: al000000E

GET
H2 200 jquery-ui.min.4c7ff13c0dbe8675f106.js Show response
content.powerapps.com/resource/powerbiwfe/externals/ Frame EAA3 98 KB
25 KB 11ms
9ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/externals/jquery-ui.min.4c7ff13c0dbe8675f106.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

955f2585fc5dbd9b075871f64327aa830ec156a715772b7a6d84af87c202b2df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0EdUxYQAAAABC4Kon929rQ5JsbRSdPFHcTE9OMjFFREdFMDIwNwAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=210.7,x-ms-igw-req-overhead;dur=0.2
vary: Accept-Encoding
content-length: 24932
timing-allow-origin: *
x-ms-islandgateway: al0000000
server: Kestrel
date: Fri, 03 Sep 2021 12:59:33 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NhwyYQAAAAB3ujSZWiOVTb5h0Ek4A7/iRlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: 90743c97-e369-444c-a195-ceb37550524e
x-ms-service-request-id: e6147b5d-027f-4c82-a58b-4f4c9afe9743
x-ms-static-content: al0000000

GET
H2 200 reportEmbed.exploration-persistent-state.min.d8e56ee2afb98bdfea5b.js Show response
content.powerapps.com/resource/powerbiwfe/scripts/ Frame EAA3 22 KB
5 KB 9ms
7ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/scripts/reportEmbed.exploration-persistent-state.min.d8e56ee2afb98bdfea5b.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportEmbed.min.0590117a42331cfa8b77.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

fb392049cf4eba9337b0a21a40a10c03e62fc4e5a066478c2caefcd8496b10b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0DiYrYQAAAAC+zdmzrV3WQIM73aix3lTYTE9OMjFFREdFMDIxMQAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=148.8,x-ms-igw-req-overhead;dur=0.2
vary: Accept-Encoding
content-length: 5167
timing-allow-origin: *
x-ms-islandgateway: ga0000001
server: Kestrel
date: Fri, 03 Sep 2021 12:59:33 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NhwyYQAAAADcle88nf1KSLAbw4inX1tIRlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: eefcc67a-c32b-4d86-812c-b859d49d210f
x-ms-service-request-id: f4340b3f-de2c-445c-8cbe-832222344230
x-ms-static-content: al0000007

GET
H2 200 SegoeUI-Regular-final.8956d1f5b4190f537497.woff
content.powerapps.com/resource/powerbiwfe/fonts/ Frame EAA3 33 KB
33 KB 8ms
8ms Font
font/woff 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/fonts/SegoeUI-Regular-final.8956d1f5b4190f537497.woff

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/styles/reportembed.bundle.min.3cd012c6f005e8e6b106.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c8ae1941c0005e49dc92e79ce05b8f7daa36c6960bc94fa80e15a83cd524ea63

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://app.powerbi.com
Referer: https://content.powerapps.com/resource/powerbiwfe/styles/reportembed.bundle.min.3cd012c6f005e8e6b106.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0yrUtYQAAAACukIFUEWhaRo3TPdqmvFyXTE9OMjFFREdFMTUyMAAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=130.3,x-ms-igw-req-overhead;dur=0.2
vary: Accept-Encoding
content-length: 33407
timing-allow-origin: *
x-ms-islandgateway: al0000002
server: Kestrel
date: Fri, 03 Sep 2021 12:59:34 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NhwyYQAAAADz4n5KsuD7ToNVI9u0HBgiRlJBRURHRTEwMjAAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: 1c58e436-b0af-4b7c-b1f2-aa70fa94513b
x-ms-service-request-id: 7762cca1-1215-485c-830a-8de8025044fa
x-ms-static-content: al0000007

GET
H2 200 SegoeUI-SemiLight-final.eeb383ef99f353ef64c7.woff
content.powerapps.com/resource/powerbiwfe/fonts/ Frame EAA3 25 KB
25 KB 14ms
13ms Font
font/woff 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/fonts/SegoeUI-SemiLight-final.eeb383ef99f353ef64c7.woff

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/styles/reportembed.bundle.min.3cd012c6f005e8e6b106.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://app.powerbi.com
Referer: https://content.powerapps.com/resource/powerbiwfe/styles/reportembed.bundle.min.3cd012c6f005e8e6b106.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0GtUxYQAAAADTH5OqM0GyRKJy531xPeLXTE9OMjFFREdFMTUwNgAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=118.4,x-ms-igw-req-overhead;dur=0.2
vary: Accept-Encoding
content-length: 25543
timing-allow-origin: *
x-ms-islandgateway: al0000009
server: Kestrel
date: Fri, 03 Sep 2021 12:59:34 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NhwyYQAAAACHDmXiXKgaQp22r9PsNxUoRlJBRURHRTEwMjAAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: c1a4afa5-436f-47b9-9a42-2e7da21a605a
x-ms-service-request-id: 0f345c6c-f042-452c-b070-3c78cb9a6fd0
x-ms-static-content: al0000001

GET
H2 200 resizeSensor.min.8f6f816503171fdd5d43.js Show response
content.powerapps.com/resource/powerbiwfe/externals/ Frame EAA3 7 KB
2 KB 9ms
8ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/externals/resizeSensor.min.8f6f816503171fdd5d43.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

55775285279b2a6a9d4322db3a8a65e7e372e166d6c0a5f3a1b8bb277dcaad76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0EM4qYQAAAAAVHq4B0bUCSI3MQi5PlBp0TE9OMjFFREdFMDEyMQAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=537.7,x-ms-igw-req-overhead;dur=0.2
vary: Accept-Encoding
content-length: 1612
timing-allow-origin: *
x-ms-islandgateway: al0000001
server: Kestrel
date: Fri, 03 Sep 2021 12:59:33 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NhwyYQAAAADihd4BJPWGQaUnmDIZLHL5RlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: 6f4402e6-3592-4a00-bd85-5e85a365e7b2
x-ms-service-request-id: 6ce28480-4e45-4780-81ef-66de0062ad81
x-ms-static-content: al000000A

OPTIONS
H/1.1 200
OK 1%2F5725658f-55ef-40cc-80a5-83b0407b72d9%2FResourcePackage%2FBlobIdV2-5e1edae4-93d6-4739-b101-64896ed4fbb2ooHmYyITZ5dVAfz5Xw73tRiuJOEY8TS9xleuEbNtcCs%3D.json
wabi-west-us-api.analysis.windows.net/public/reports/resourcePackage/94818165/ Frame 0
0 169ms
168ms Preflight 40.112.167.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wabi-west-us-api.analysis.windows.net/public/reports/resourcePackage/94818165/1%2F5725658f-55ef-40cc-80a5-83b0407b72d9%2FResourcePackage%2FBlobIdV2-5e1edae4-93d6-4739-b101-64896ed4fbb2ooHmYyITZ5dVAfz5Xw73tRiuJOEY8TS9xleuEbNtcCs%3D.json
Protocol: HTTP/1.1
Server: 40.112.167.140 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: activityid,requestid,x-powerbi-resourcekey
Origin: https://app.powerbi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Access-Control-Allow-Headers: activityid,requestid,x-powerbi-resourcekey
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300
Access-Control-Allow-Methods: GET
Date: Fri, 03 Sep 2021 12:59:34 GMT

GET
H/1.1 200
OK 1%2F5725658f-55ef-40cc-80a5-83b0407b72d9%2FResourcePackage%2FBlobIdV2-5e1edae4-93d6-4739-b101-64896ed4fbb2ooHmYyITZ5dVAfz5Xw73tRiuJOEY8TS9xleuEbNtcCs%3D.json Show response
wabi-west-us-api.analysis.windows.net/public/reports/resourcePackage/94818165/ Frame EAA3 8 KB
3 KB 164ms
163ms XHR
application/octet-stream 40.112.167.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://wabi-west-us-api.analysis.windows.net/public/reports/resourcePackage/94818165/1%2F5725658f-55ef-40cc-80a5-83b0407b72d9%2FResourcePackage%2FBlobIdV2-5e1edae4-93d6-4739-b101-64896ed4fbb2ooHmYyITZ5dVAfz5Xw73tRiuJOEY8TS9xleuEbNtcCs%3D.json

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.112.167.140 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

58ad42af0c1190e34f414f071dfd4e4efd2f03a0bc12e8ec555688e5d7c750d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.powerbi.com/
X-PowerBI-ResourceKey: c74128e0-a47b-44c7-beda-0e31ec0f87cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
RequestId: 2b636f9d-fa1f-57cf-7202-9365d8ff0f31
ActivityId: 579cdb2d-78a9-663e-35b0-c1bea92b02df

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 03 Sep 2021 12:59:34 GMT
RequestId: 077b62a9-2616-38c5-4622-1c87d0c4b57c
X-Frame-Options: deny
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: requestId,retry-after
Cache-Control: no-store, must-revalidate, no-cache
Content-Length: 2689

GET
H2 200 CY19SU12.json Show response
app.powerbi.com/13.0.16691.56/sharedresources/BaseThemes/ Frame EAA3 7 KB
1 KB 131ms
131ms XHR
application/json 20.74.143.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.powerbi.com/13.0.16691.56/sharedresources/BaseThemes/CY19SU12.json

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.74.143.203 Dubai, United Arab Emirates, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

17b93391b9920aedeb261aa868e08f105fb76c5e1949c37f997f5f9b71fd16f4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://teams.powerbi.com https://teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.powerbi.com/view?r=eyJrIjoiYzc0MTI4ZTAtYTQ3Yi00NGM3LWJlZGEtMGUzMWVjMGY4N2NmIiwidCI6IjU3MjU2NThmLTU1ZWYtNDBjYy04MGE1LTgzYjA0MDdiNzJkOSIsImMiOjZ9
X-PowerBI-ResourceKey: c74128e0-a47b-44c7-beda-0e31ec0f87cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
RequestId: c9fb2af6-80c5-54f9-bd88-c0a2da51f13f
ActivityId: 579cdb2d-78a9-663e-35b0-c1bea92b02df

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 18:55:14 GMT
etag: "055b2e5629fd71:0"
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://teams.powerbi.com
date: Fri, 03 Sep 2021 12:59:34 GMT
content-security-policy: frame-ancestors https://teams.powerbi.com https://teams.microsoft.com;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1378
x-xss-protection: 1; mode=block

GET
H2 200 headspring.png
headspring.com/wp-content/uploads/2017/02/ 2 KB
3 KB 116ms
113ms Image
image/png 104.154.24.231
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://headspring.com/wp-content/uploads/2017/02/headspring.png
Requested by: Host: headspring.com
URL: https://headspring.com/wp-includes/js/jquery/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.24.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.24.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5f15dceda85b5fd9bf53d82ed6abb2125fca7fab27da99b0df2cd0b6de6f2c15

Request headers

:path: /wp-content/uploads/2017/02/headspring.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: headspring.com
referer: https://headspring.com/insights/covid19/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://headspring.com/insights/covid19/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:35 GMT
last-modified: Mon, 13 Apr 2020 16:49:14 GMT
server: nginx
etag: "5e94980a-9b9"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2489

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 14ms
14ms Preflight 13.69.65.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

13.69.65.22 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://app.powerbi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Fri, 03 Sep 2021 12:59:34 GMT
content-length: 0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ Frame EAA3 51 B
141 B 879ms
878ms XHR
application/json 13.69.65.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.65.22 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bd38b5fc88e88bfda855b553aa66a0c4971adf7b35b5bcf1c8d022a461ed0039

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 420E9460-02CC-4BC8-9EFD-43D58A43A27C
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 03 Sep 2021 12:59:35 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 51

GET
H2 200 PBI_CV_16948668_E17D_454B_8664_2F2C470EA8C1.1.1.7.ba3ec400208755d8e7e8f07af131bab27cc2ef5c2c4ce808feb095686b256461.pbiviz.json Show response
pbivisuals.powerbi.com/ Frame EAA3 165 KB
70 KB 150ms
150ms XHR
application/json 20.74.143.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pbivisuals.powerbi.com/PBI_CV_16948668_E17D_454B_8664_2F2C470EA8C1.1.1.7.ba3ec400208755d8e7e8f07af131bab27cc2ef5c2c4ce808feb095686b256461.pbiviz.json
Requested by: Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.74.143.203 Dubai, United Arab Emirates, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ba3ec400208755d8e7e8f07af131bab27cc2ef5c2c4ce808feb095686b256461

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:34 GMT
content-encoding: gzip
etag: "02a50ff949ad71:0"
last-modified: Thu, 26 Aug 2021 16:11:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 wishyoulizationbarchartrace.1.0.0.2299c6d7700abf43e5774fb4656903739712476c68d816ae589584425919b4a8.pbiviz.json Show response
pbivisuals.powerbi.com/ Frame EAA3 309 KB
128 KB 259ms
258ms XHR
application/json 20.74.143.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pbivisuals.powerbi.com/wishyoulizationbarchartrace.1.0.0.2299c6d7700abf43e5774fb4656903739712476c68d816ae589584425919b4a8.pbiviz.json
Requested by: Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.74.143.203 Dubai, United Arab Emirates, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2299c6d7700abf43e5774fb4656903739712476c68d816ae589584425919b4a8

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:34 GMT
content-encoding: gzip
etag: "038776959ad71:0"
last-modified: Thu, 26 Aug 2021 16:11:28 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 choropleth4C77906D867C4C09AFE83BA5E2AA106A.1.0.2.a352d16f4ccc8147826a4ad37a6f2d2cbdbb51e4e6475f4e671505cce32e2b13.pbiviz.json Show response
pbivisuals.powerbi.com/ Frame EAA3 530 KB
213 KB 258ms
258ms XHR
application/json 20.74.143.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pbivisuals.powerbi.com/choropleth4C77906D867C4C09AFE83BA5E2AA106A.1.0.2.a352d16f4ccc8147826a4ad37a6f2d2cbdbb51e4e6475f4e671505cce32e2b13.pbiviz.json
Requested by: Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.74.143.203 Dubai, United Arab Emirates, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a352d16f4ccc8147826a4ad37a6f2d2cbdbb51e4e6475f4e671505cce32e2b13

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:34 GMT
content-encoding: gzip
etag: "084b21959ad71:0"
last-modified: Thu, 26 Aug 2021 16:11:20 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 StandardFont.c332ed958e3c0c331e69.woff
content.powerapps.com/resource/powerbiwfe/fonts/ Frame EAA3 15 KB
16 KB 7ms
7ms Font
font/woff 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/fonts/StandardFont.c332ed958e3c0c331e69.woff

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/styles/reportembed.bundle.min.3cd012c6f005e8e6b106.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

29a94eec1df373317c85dfd9a77bd86e3ed4f464e6f2afb6e09d33fa22d75e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://app.powerbi.com
Referer: https://content.powerapps.com/resource/powerbiwfe/styles/reportembed.bundle.min.3cd012c6f005e8e6b106.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 047UtYQAAAAALRzzHm02QRZ/Nvk3ZYe5BTE9OMjFFREdFMDEyMAAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=125.8,x-ms-igw-req-overhead;dur=0.1
vary: Accept-Encoding
content-length: 15741
timing-allow-origin: *
x-ms-islandgateway: ga0000003
server: Kestrel
date: Fri, 03 Sep 2021 12:59:34 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NxwyYQAAAABAc6bcGl5aToDZ71YTRjhORlJBRURHRTEwMjAAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: cce32b83-0adf-4a5a-944e-8565c6563763
x-ms-service-request-id: 2d3b1a8a-601f-4832-896e-99e0f7c19ae1
x-ms-static-content: al0000004

GET
H2 200 imageVisual.min.7a417a941c2c5b4e691f.js Show response
content.powerapps.com/resource/powerbiwfe/scripts/ Frame EAA3 2 KB
1 KB 14ms
7ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/scripts/imageVisual.min.7a417a941c2c5b4e691f.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e9a15694af1f4a4ed7278204bedaae9d3d27805516a2ac2763e5cb78d185af27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0P/gqYQAAAADmz3QBVZfcT5+6bdp/esBSTE9OMjFFREdFMDIyMgAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=117.7,x-ms-igw-req-overhead;dur=0.1
vary: Accept-Encoding
content-length: 672
timing-allow-origin: *
x-ms-islandgateway: al0000000
server: Kestrel
date: Fri, 03 Sep 2021 12:59:34 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NxwyYQAAAAA+Bn/ue7YxRqKcPsk4YXf8RlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: e97f5972-7c9e-4bf7-992b-5c298f9621d0
x-ms-service-request-id: 83254aeb-68ed-4490-b53f-881562679b8f
x-ms-static-content: al0000008

GET
H2 200 textboxVisual.min.cb7cf7abc400ba2f3878.js Show response
content.powerapps.com/resource/powerbiwfe/scripts/ Frame EAA3 47 KB
12 KB 8ms
8ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/scripts/textboxVisual.min.cb7cf7abc400ba2f3878.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

9018c9cde969f67f3ef9aeebb0462386ec0835eccd6f90ac59fb2634c2ddabc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0EtUxYQAAAACuzunu0EeRSZFz49EvomeQTE9OMjFFREdFMTUxMgAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=420.1,x-ms-igw-req-overhead;dur=0.1
vary: Accept-Encoding
content-length: 11905
timing-allow-origin: *
x-ms-islandgateway: ga0000005
server: Kestrel
date: Fri, 03 Sep 2021 12:59:34 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NxwyYQAAAADXS+VK48ngQITZYsMcfjQlRlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: a80e3ba8-26dd-4797-b084-0d6907f79033
x-ms-service-request-id: 171c114c-0405-4a7f-8a70-28496e6d4901
x-ms-static-content: al000000C

GET
H2 200 singleValueVisuals.min.1304804782728e852f93.js Show response
content.powerapps.com/resource/powerbiwfe/scripts/ Frame EAA3 37 KB
9 KB 8ms
8ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/scripts/singleValueVisuals.min.1304804782728e852f93.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8ec6b991cb1b2573beb8b63846dad6ad125755c7ffbc38aa093db28c1343912a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0nM0qYQAAAAA8AxbuRqqNSZyyY1fp9NF9TE9OMjFFREdFMDIxMAAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=147.3,x-ms-igw-req-overhead;dur=0.2
vary: Accept-Encoding
content-length: 9122
timing-allow-origin: *
x-ms-islandgateway: al000000N
server: Kestrel
date: Fri, 03 Sep 2021 12:59:34 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NxwyYQAAAABgEIL6Y7pTQqEMLKVK5QyERlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: 2bd3be96-cfcd-4b61-ae0e-c8ea8ed0bbbc
x-ms-service-request-id: d83edfae-e699-429f-82d3-91030d5dccc4
x-ms-static-content: al0000008

GET
H2 200 slicerVisual.min.1774ab7e7470445faed9.js Show response
content.powerapps.com/resource/powerbiwfe/scripts/ Frame EAA3 148 KB
30 KB 8ms
8ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/scripts/slicerVisual.min.1774ab7e7470445faed9.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

a5f5aa67c5247bf353a5668ec0671fb272ddc3b344112b07a63df196e1425db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0sc0qYQAAAADPm1KrpW1gQYPoJ6Nce/PlTE9OMjFFREdFMDIxNQAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=567.9,x-ms-igw-req-overhead;dur=0.2
vary: Accept-Encoding
content-length: 30278
timing-allow-origin: *
x-ms-islandgateway: ga0000004
server: Kestrel
date: Fri, 03 Sep 2021 12:59:34 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NxwyYQAAAAB6wYohIFYyT4ldzsz68GjXRlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: d169d017-e936-4321-98bd-47adcea08d01
x-ms-service-request-id: 16b598d3-9a50-4f92-acf6-3ff743c43078
x-ms-static-content: al0000002

GET
H2 200 multiRowCardVisual.min.f5675c979517908857e9.js Show response
content.powerapps.com/resource/powerbiwfe/scripts/ Frame EAA3 17 KB
5 KB 8ms
7ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/scripts/multiRowCardVisual.min.f5675c979517908857e9.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

056bda7125c8c4f48e75479498b37cdf78e30f925a728799115d6f3b8ca65d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0EH0qYQAAAAAo9oF/Ca/AR672ey9DvbSiTE9OMjFFREdFMDIwNwAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=126.9,x-ms-igw-req-overhead;dur=0.2
vary: Accept-Encoding
content-length: 4568
timing-allow-origin: *
x-ms-islandgateway: al0000002
server: Kestrel
date: Fri, 03 Sep 2021 12:59:34 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NxwyYQAAAABDG2bQlCL+QJ4iRxHPgyRERlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: 5b43676b-72f6-49d5-ac13-578c49bb28ba
x-ms-service-request-id: 57ce078d-4e52-4931-8404-e51b7f0e2edf
x-ms-static-content: al0000008

GET
H2 200 cartesianVisuals.min.4e01f69c94dc9972a7d2.js Show response
content.powerapps.com/resource/powerbiwfe/scripts/ Frame EAA3 459 KB
86 KB 9ms
9ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/scripts/cartesianVisuals.min.4e01f69c94dc9972a7d2.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

292c45f06be415aea369a7167a85f462a26547f1e6020a3610f91685a844daa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0UaUvYQAAAACW+brCC5vnT7bkYsYUSuQxTE9OMjFFREdFMDIxMQAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=210.0,x-ms-igw-req-overhead;dur=0.1
vary: Accept-Encoding
content-length: 87878
timing-allow-origin: *
x-ms-islandgateway: ga0000001
server: Kestrel
date: Fri, 03 Sep 2021 12:59:34 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NxwyYQAAAADwK9lWmGGWQLn3zOqkXErIRlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: 1d5c7d80-4960-40f4-a486-c8c0f59273ba
x-ms-service-request-id: 8f11ff83-764f-40ca-aff4-7bba3fa78c87
x-ms-static-content: al0000000

GET
H2 200 basicShapeVisual.min.6174a3399ece77292c60.js Show response
content.powerapps.com/resource/powerbiwfe/scripts/ Frame EAA3 37 KB
9 KB 16ms
7ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/scripts/basicShapeVisual.min.6174a3399ece77292c60.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e6ed5ad99facbe81ae92038663e4931f0000f73847fc60e64a46517f912aae8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0NC0xYQAAAACKPbbuQTG6SapB0oaTPhtSTE9OMjFFREdFMDIwOQAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=119.2,x-ms-igw-req-overhead;dur=0.1
vary: Accept-Encoding
content-length: 9282
timing-allow-origin: *
x-ms-islandgateway: ga0000002
server: Kestrel
date: Fri, 03 Sep 2021 12:59:34 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NxwyYQAAAAAxEzmGeYyITY03vPXZvKW4RlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: de118813-aef8-453a-b304-8a09deb50ad6
x-ms-service-request-id: a97f5ed1-03ea-4db2-8bfd-93f3f861989c
x-ms-static-content: al0000000

GET
H2 200 shapeMapVisual.min.1566fd1414a0989c79d9.js Show response
content.powerapps.com/resource/powerbiwfe/scripts/ Frame EAA3 19 KB
5 KB 15ms
9ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/scripts/shapeMapVisual.min.1566fd1414a0989c79d9.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

62b935b6636ec4db95ce6adc07dc8da028fa6c75364127aa48254f25e968ff8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0qeQqYQAAAACOhqWv3o5jS4F3vaijKMeZTE9OMjFFREdFMTUxNwAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=466.4,x-ms-igw-req-overhead;dur=0.1
vary: Accept-Encoding
content-length: 5232
timing-allow-origin: *
x-ms-islandgateway: al0000000
server: Kestrel
date: Fri, 03 Sep 2021 12:59:34 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0NxwyYQAAAABTnwIxp4h2S6Ls7c0lTcY0RlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: 55503edb-4d97-4c76-9a29-f50af1976b22
x-ms-service-request-id: 7c3cac25-a592-4224-9e2e-f5d672c9db87
x-ms-static-content: al000000E

OPTIONS
H/1.1 200
OK 1%2F5725658f-55ef-40cc-80a5-83b0407b72d9%2FResourcePackage%2FBlobIdV2-2d2d0310-eb7a-412b-9fba-bd54642a74a3RPZOP5HhAlxdP2CRwabn7-D7TlA2CeLyuYbCLj-wM2M%3D.png
wabi-west-us-api.analysis.windows.net/public/reports/resourcePackage/94818165/ Frame 0
0 168ms
167ms Preflight 40.112.167.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wabi-west-us-api.analysis.windows.net/public/reports/resourcePackage/94818165/1%2F5725658f-55ef-40cc-80a5-83b0407b72d9%2FResourcePackage%2FBlobIdV2-2d2d0310-eb7a-412b-9fba-bd54642a74a3RPZOP5HhAlxdP2CRwabn7-D7TlA2CeLyuYbCLj-wM2M%3D.png
Protocol: HTTP/1.1
Server: 40.112.167.140 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: activityid,requestid,x-powerbi-resourcekey
Origin: https://app.powerbi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Access-Control-Allow-Headers: activityid,requestid,x-powerbi-resourcekey
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300
Access-Control-Allow-Methods: GET
Date: Fri, 03 Sep 2021 12:59:34 GMT

GET
H/1.1 200
OK 1%2F5725658f-55ef-40cc-80a5-83b0407b72d9%2FResourcePackage%2FBlobIdV2-2d2d0310-eb7a-412b-9fba-bd54642a74a3RPZOP5HhAlxdP2CRwabn7-D7TlA2CeLyuYbCLj-wM2M%3D.png Show response
wabi-west-us-api.analysis.windows.net/public/reports/resourcePackage/94818165/ Frame EAA3 6 KB
6 KB 165ms
165ms XHR
image/png 40.112.167.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://wabi-west-us-api.analysis.windows.net/public/reports/resourcePackage/94818165/1%2F5725658f-55ef-40cc-80a5-83b0407b72d9%2FResourcePackage%2FBlobIdV2-2d2d0310-eb7a-412b-9fba-bd54642a74a3RPZOP5HhAlxdP2CRwabn7-D7TlA2CeLyuYbCLj-wM2M%3D.png

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.112.167.140 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

01143553a9cd827ef0285bc7940624a98a437c130a76435ba150f8fda3cbb58a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.powerbi.com/
X-PowerBI-ResourceKey: c74128e0-a47b-44c7-beda-0e31ec0f87cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
RequestId: 87f5b597-1314-d0be-2f89-2640759c3ab6
ActivityId: 579cdb2d-78a9-663e-35b0-c1bea92b02df

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 03 Sep 2021 12:59:35 GMT
RequestId: c361e0e6-29d9-00ab-04cc-8ce7f8bcd714
X-Frame-Options: deny
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: requestId,retry-after
Cache-Control: no-store, must-revalidate, no-cache
Content-Length: 6001

OPTIONS
H/1.1 200
OK querydata
wabi-west-us-api.analysis.windows.net/public/reports/ Frame 0
0 165ms
163ms Preflight 40.112.167.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wabi-west-us-api.analysis.windows.net/public/reports/querydata?synchronous=true
Protocol: HTTP/1.1
Server: 40.112.167.140 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: activityid,content-type,requestid,x-powerbi-resourcekey
Origin: https://app.powerbi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Access-Control-Allow-Headers: activityid,content-type,requestid,x-powerbi-resourcekey
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300
Access-Control-Allow-Methods: POST
Date: Fri, 03 Sep 2021 12:59:35 GMT

POST
H/1.1 200
OK querydata Show response
wabi-west-us-api.analysis.windows.net/public/reports/ Frame EAA3 2 KB
1 KB 172ms
168ms XHR
text/plain 40.112.167.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://wabi-west-us-api.analysis.windows.net/public/reports/querydata?synchronous=true

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.112.167.140 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

de36bf3179ce4698f14284cb51f78f12734dec47c538a9ac1ac2d78c8caa63fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.powerbi.com/
X-PowerBI-ResourceKey: c74128e0-a47b-44c7-beda-0e31ec0f87cf
ActivityId: 579cdb2d-78a9-663e-35b0-c1bea92b02df
Content-Type: application/json;charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
RequestId: 68cb5410-3a2f-0c1b-355f-040eb0a22b58

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 03 Sep 2021 12:59:35 GMT
X-PowerBI-Cache-Age: 3600
X-Frame-Options: deny
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
RequestId: fc601583-c88a-aee4-43b4-4747b1a83b3c
Cache-Control: no-store, must-revalidate, no-cache
Content-Length: 920
Access-Control-Expose-Headers: requestId,retry-after

POST
H/1.1 200
OK querydata Show response
wabi-west-us-api.analysis.windows.net/public/reports/ Frame EAA3 2 KB
1 KB 339ms
178ms XHR
text/plain 40.112.167.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://wabi-west-us-api.analysis.windows.net/public/reports/querydata?synchronous=true

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.112.167.140 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c7bf220d3895d4f8b174a1136dbc832ed092bfd0846903d5436cb6a25257f7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.powerbi.com/
X-PowerBI-ResourceKey: c74128e0-a47b-44c7-beda-0e31ec0f87cf
ActivityId: 579cdb2d-78a9-663e-35b0-c1bea92b02df
Content-Type: application/json;charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
RequestId: 426c3f19-bb32-7d2d-d4bf-c73fc33ccb7f

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 03 Sep 2021 12:59:35 GMT
X-PowerBI-Cache-Age: 3600
X-Frame-Options: deny
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
RequestId: a3d1e024-ac01-a93b-be80-0c06aee1a5f6
Cache-Control: no-store, must-revalidate, no-cache
Content-Length: 919
Access-Control-Expose-Headers: requestId,retry-after

POST
H/1.1 200
OK querydata Show response
wabi-west-us-api.analysis.windows.net/public/reports/ Frame EAA3 2 KB
1 KB 170ms
167ms XHR
text/plain 40.112.167.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://wabi-west-us-api.analysis.windows.net/public/reports/querydata?synchronous=true

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.112.167.140 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a9897379efd4d492f9d36b50c61f628e4c764b1b4d5e6ce82f4e2ba5c84dda79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.powerbi.com/
X-PowerBI-ResourceKey: c74128e0-a47b-44c7-beda-0e31ec0f87cf
ActivityId: 579cdb2d-78a9-663e-35b0-c1bea92b02df
Content-Type: application/json;charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
RequestId: 4d26cac8-ab7f-f907-2473-36616f862cf9

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 03 Sep 2021 12:59:36 GMT
X-PowerBI-Cache-Age: 3600
X-Frame-Options: deny
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
RequestId: 9ba2dba8-783e-0ac9-9333-cb9866a813e2
Cache-Control: no-store, must-revalidate, no-cache
Content-Length: 746
Access-Control-Expose-Headers: requestId,retry-after

OPTIONS
H/1.1 200
OK querydata
wabi-west-us-api.analysis.windows.net/public/reports/ Frame 0
0 164ms
163ms Preflight 40.112.167.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wabi-west-us-api.analysis.windows.net/public/reports/querydata?synchronous=true
Protocol: HTTP/1.1
Server: 40.112.167.140 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: activityid,content-type,requestid,x-powerbi-resourcekey
Origin: https://app.powerbi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Access-Control-Allow-Headers: activityid,content-type,requestid,x-powerbi-resourcekey
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300
Access-Control-Allow-Methods: POST
Date: Fri, 03 Sep 2021 12:59:35 GMT

OPTIONS
H/1.1 200
OK querydata
wabi-west-us-api.analysis.windows.net/public/reports/ Frame 0
0 324ms
164ms Preflight 40.112.167.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wabi-west-us-api.analysis.windows.net/public/reports/querydata?synchronous=true
Protocol: HTTP/1.1
Server: 40.112.167.140 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: activityid,content-type,requestid,x-powerbi-resourcekey
Origin: https://app.powerbi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Access-Control-Allow-Headers: activityid,content-type,requestid,x-powerbi-resourcekey
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300
Access-Control-Allow-Methods: POST
Date: Fri, 03 Sep 2021 12:59:35 GMT

GET
H2 200 topojson.min.d89b8f70fcb476e31ac3.js Show response
content.powerapps.com/resource/powerbiwfe/externals/ Frame EAA3 6 KB
3 KB 17ms
14ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/externals/topojson.min.d89b8f70fcb476e31ac3.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4c8c31fb67fb7fd5bc69d480ee0622f19a50a9f8f96b582421d1e475e373cdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0TLItYQAAAABLAprregPeQ4T6j9xmMGkfTE9OMjFFREdFMTUxMgAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=117.9,x-ms-igw-req-overhead;dur=0.2
vary: Accept-Encoding
content-length: 2256
timing-allow-origin: *
x-ms-islandgateway: ga0000003
server: Kestrel
date: Fri, 03 Sep 2021 12:59:35 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0OBwyYQAAAACt7a8Aj7nESKHyp1/DABk1RlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: 720de735-3f8b-4fea-9f2a-2ee852af4c68
x-ms-service-request-id: f982674b-9fb9-4edc-86a8-317e92c3f089
x-ms-static-content: al000000A

GET
H2 200 d3-geo.min.359a0887e4a0161329bd.js Show response
content.powerapps.com/resource/powerbiwfe/externals/ Frame EAA3 35 KB
12 KB 17ms
15ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/externals/d3-geo.min.359a0887e4a0161329bd.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

0404017b5189af6fc7ff18b50e7716bcf70d043cb64592e6fac30635cb0a9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0eGswYQAAAAApvLEtpG5uQ7lkvxg55A3GTE9OMjFFREdFMDEyMQAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=478.1,x-ms-igw-req-overhead;dur=0.1
vary: Accept-Encoding
content-length: 11325
timing-allow-origin: *
x-ms-islandgateway: ga0000001
server: Kestrel
date: Fri, 03 Sep 2021 12:59:35 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0OBwyYQAAAAC3UM6O+gVgRJMV97U81XhdRlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: ff871a5e-9d98-4c9f-9d7f-1523be02b059
x-ms-service-request-id: c8638bac-b035-4737-b78a-885e076ff5e2
x-ms-static-content: al0000001

GET
H2 200 tileLibrary.min.ede32c97a00d345557d4.js Show response
content.powerapps.com/resource/powerbiwfe/scripts/ Frame EAA3 66 KB
12 KB 29ms
9ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/scripts/tileLibrary.min.ede32c97a00d345557d4.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

a216fc67a538553083290aaa7d736cc2d8f7b1ef4ad5f6e26055d48852abbccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0nM0qYQAAAADhxzFNYSdcRa1AVZTbjzVnTE9OMjFFREdFMDIwNgAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=487.6,x-ms-igw-req-overhead;dur=0.2
vary: Accept-Encoding
content-length: 12034
timing-allow-origin: *
x-ms-islandgateway: al000000N
server: Kestrel
date: Fri, 03 Sep 2021 12:59:35 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0OBwyYQAAAAB138kF8SA/QJ5ZPx3NEUnGRlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: da684ce8-7def-4628-90c9-0a2adc9ad162
x-ms-service-request-id: aecced83-d62a-425f-a453-2b763b74cd0c
x-ms-static-content: al0000007

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 2CC7 28 B
197 B 30ms
29ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ns6mbaDakOI?start=1&enablejsapi=1&origin=https%3A%2F%2Fheadspring.com
X-YouTube-Client-Version: 1.20210831.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtIT3VQcmxrLVFJMCi0uMiJBg%3D%3D
X-YouTube-Ad-Signals: dt=1630673973122&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C740%2C416&vis=1&wgl=true&ca_type=image&bid=ANyPxKqBKGuGbfrl86uS-7Ub-eTjRlSB8JEGrklOC2PyU9klKHvJSB5lAWYTSck8fospGwW8rzJJ8rWEeHZ3G14QXph1HW9FFA

Response headers

date: Fri, 03 Sep 2021 12:59:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 03 Sep 2021 12:59:36 GMT

OPTIONS
H/1.1 200
OK querydata
wabi-west-us-api.analysis.windows.net/public/reports/ Frame 0
0 163ms
162ms Preflight 40.112.167.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wabi-west-us-api.analysis.windows.net/public/reports/querydata?synchronous=true
Protocol: HTTP/1.1
Server: 40.112.167.140 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: activityid,content-type,requestid,x-powerbi-resourcekey
Origin: https://app.powerbi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Access-Control-Allow-Headers: activityid,content-type,requestid,x-powerbi-resourcekey
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300
Access-Control-Allow-Methods: POST
Date: Fri, 03 Sep 2021 12:59:35 GMT

OPTIONS
H/1.1 200
OK querydata
wabi-west-us-api.analysis.windows.net/public/reports/ Frame 0
0 286ms
167ms Preflight 40.112.167.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wabi-west-us-api.analysis.windows.net/public/reports/querydata?synchronous=true
Protocol: HTTP/1.1
Server: 40.112.167.140 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: activityid,content-type,requestid,x-powerbi-resourcekey
Origin: https://app.powerbi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Access-Control-Allow-Headers: activityid,content-type,requestid,x-powerbi-resourcekey
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300
Access-Control-Allow-Methods: POST
Date: Fri, 03 Sep 2021 12:59:36 GMT

POST
H/1.1 200
OK querydata Show response
wabi-west-us-api.analysis.windows.net/public/reports/ Frame EAA3 6 KB
3 KB 178ms
178ms XHR
text/plain 40.112.167.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://wabi-west-us-api.analysis.windows.net/public/reports/querydata?synchronous=true

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.112.167.140 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9e8081d6d0822fa1926872fe823d0e4e81bc2de53a674b89c80f2494aac28a4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.powerbi.com/
X-PowerBI-ResourceKey: c74128e0-a47b-44c7-beda-0e31ec0f87cf
ActivityId: 579cdb2d-78a9-663e-35b0-c1bea92b02df
Content-Type: application/json;charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
RequestId: f4be12b9-c754-5e99-cd95-b3397182e31e

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 03 Sep 2021 12:59:35 GMT
X-PowerBI-Cache-Age: 3600
X-Frame-Options: deny
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
RequestId: 24f75a28-9d7d-f742-5a11-4287f9c973b4
Cache-Control: no-store, must-revalidate, no-cache
Content-Length: 2157
Access-Control-Expose-Headers: requestId,retry-after

POST
H/1.1 200
OK querydata Show response
wabi-west-us-api.analysis.windows.net/public/reports/ Frame EAA3 6 KB
2 KB 167ms
166ms XHR
text/plain 40.112.167.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://wabi-west-us-api.analysis.windows.net/public/reports/querydata?synchronous=true

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.112.167.140 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b2f556a76bee0c86b64de8da8c060476c32a18007df8315c1a0ab9aaad24e9e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.powerbi.com/
X-PowerBI-ResourceKey: c74128e0-a47b-44c7-beda-0e31ec0f87cf
ActivityId: 579cdb2d-78a9-663e-35b0-c1bea92b02df
Content-Type: application/json;charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
RequestId: 156aa338-b6e1-8489-e727-4e54888721c3

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 03 Sep 2021 12:59:36 GMT
X-PowerBI-Cache-Age: 3600
X-Frame-Options: deny
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
RequestId: 9fe520ad-d91b-c300-09d6-0ef79355c87a
Cache-Control: no-store, must-revalidate, no-cache
Content-Length: 1954
Access-Control-Expose-Headers: requestId,retry-after

GET
BLOB 200
OK 7fbc1777-5ed9-434b-b87a-a2b5563d2551
https://app.powerbi.com/ Frame EAA3 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://app.powerbi.com/7fbc1777-5ed9-434b-b87a-a2b5563d2551
Requested by: Host: app.powerbi.com
URL: https://app.powerbi.com/view?r=eyJrIjoiYzc0MTI4ZTAtYTQ3Yi00NGM3LWJlZGEtMGUzMWVjMGY4N2NmIiwidCI6IjU3MjU2NThmLTU1ZWYtNDBjYy04MGE1LTgzYjA0MDdiNzJkOSIsImMiOjZ9
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01143553a9cd827ef0285bc7940624a98a437c130a76435ba150f8fda3cbb58a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 6078
Content-Type: image/png

GET
H2 200 d3-array.min.5609d9332c40784bb4a7.js Show response
content.powerapps.com/resource/powerbiwfe/externals/ Frame EAA3 6 KB
2 KB 7ms
7ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/externals/d3-array.min.5609d9332c40784bb4a7.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

36063320f45f2679bbb1cdd95d3f7e4ca40fdce71e52cc03f7f4618bf0ced47c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0zXwqYQAAAAA1FD/YnvIPSL/qH+q+LJuNTE9OMjFFREdFMDExMwAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=150.0,x-ms-igw-req-overhead;dur=0.1
vary: Accept-Encoding
content-length: 2151
timing-allow-origin: *
x-ms-islandgateway: ga0000002
server: Kestrel
date: Fri, 03 Sep 2021 12:59:35 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0OBwyYQAAAACIzko27yIeSadxULAUswGBRlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: 4d606379-9bcb-451b-8e53-e6abe1a54976
x-ms-service-request-id: 951977dc-8638-42fb-9624-11b408acb1e1
x-ms-static-content: al0000008

GET
H2 200 reportEmbed.drill-through.min.b311c8a6e7d117d1e098.js Show response
content.powerapps.com/resource/powerbiwfe/scripts/ Frame EAA3 8 KB
3 KB 13ms
10ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerbiwfe/scripts/reportEmbed.drill-through.min.b311c8a6e7d117d1e098.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportEmbed.min.0590117a42331cfa8b77.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::63 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

7f1fcecb512f8eff45087f0c510545cc8297360cdd9bf67c7d065df90f853cc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 08dQxYQAAAAB4FpH8FPKMQadNDiJWZFPTTE9OMjFFREdFMDIxOAAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=107.8,x-ms-igw-req-overhead;dur=0.1
vary: Accept-Encoding
content-length: 2463
timing-allow-origin: *
x-ms-islandgateway: ga0000002
server: Kestrel
date: Fri, 03 Sep 2021 12:59:35 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0OBwyYQAAAAA7nVg3Kf2ITYgnF0ycEhQ5RlJBRURHRTEwMDgAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: 7acd77a1-c92f-4acb-b6b6-20c172556c70
x-ms-service-request-id: 6804934f-fde6-43d7-9b8d-36e54778426c
x-ms-static-content: al000000E

GET
H2 200 usa.states.topo.json Show response
app.powerbi.com/13.0.16691.56/sharedresources/Shapemaps/ Frame EAA3 25 KB
9 KB 130ms
129ms XHR
application/json 20.74.143.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.powerbi.com/13.0.16691.56/sharedresources/Shapemaps/usa.states.topo.json

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.74.143.203 Dubai, United Arab Emirates, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2ecdc934cc5386adcf01b71ed2258312a791864265f43357e2cde98df1bb7a34

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://teams.powerbi.com https://teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.powerbi.com/view?r=eyJrIjoiYzc0MTI4ZTAtYTQ3Yi00NGM3LWJlZGEtMGUzMWVjMGY4N2NmIiwidCI6IjU3MjU2NThmLTU1ZWYtNDBjYy04MGE1LTgzYjA0MDdiNzJkOSIsImMiOjZ9
X-PowerBI-ResourceKey: c74128e0-a47b-44c7-beda-0e31ec0f87cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
RequestId: ae3be639-00bc-12a1-89e2-1578e19c01e4
ActivityId: 579cdb2d-78a9-663e-35b0-c1bea92b02df

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 18:55:14 GMT
etag: "055b2e5629fd71:0"
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://teams.powerbi.com
date: Fri, 03 Sep 2021 12:59:36 GMT
content-security-policy: frame-ancestors https://teams.powerbi.com https://teams.microsoft.com;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 8775
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK querydata Show response
wabi-west-us-api.analysis.windows.net/public/reports/ Frame EAA3 1 KB
1 KB 174ms
173ms XHR
text/plain 40.112.167.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://wabi-west-us-api.analysis.windows.net/public/reports/querydata?synchronous=true

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.112.167.140 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0e97a1fef946a89421207fb5ab9a16bf34da0047ae891667c3c719de80ba0542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.powerbi.com/
X-PowerBI-ResourceKey: c74128e0-a47b-44c7-beda-0e31ec0f87cf
ActivityId: 579cdb2d-78a9-663e-35b0-c1bea92b02df
Content-Type: application/json;charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
RequestId: 838058b0-5059-13f4-f257-452c39df34eb

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 03 Sep 2021 12:59:36 GMT
X-PowerBI-Cache-Age: 3600
X-Frame-Options: deny
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
RequestId: a1256eda-7374-1e3a-07a8-9e5b35190a62
Cache-Control: no-store, must-revalidate, no-cache
Content-Length: 589
Access-Control-Expose-Headers: requestId,retry-after

POST
H/1.1 200
OK querydata Show response
wabi-west-us-api.analysis.windows.net/public/reports/ Frame EAA3 7 KB
3 KB 182ms
182ms XHR
text/plain 40.112.167.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://wabi-west-us-api.analysis.windows.net/public/reports/querydata?synchronous=true

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.112.167.140 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d2b9b123f4a223439aa81446337809eee5648366627157eaa047da4cd977dc0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.powerbi.com/
X-PowerBI-ResourceKey: c74128e0-a47b-44c7-beda-0e31ec0f87cf
ActivityId: 579cdb2d-78a9-663e-35b0-c1bea92b02df
Content-Type: application/json;charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
RequestId: 984a525b-7414-ecd7-cd34-bd07f19bec7b

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 03 Sep 2021 12:59:36 GMT
X-PowerBI-Cache-Age: 3600
X-Frame-Options: deny
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
RequestId: a1b335b8-9a88-53ae-34a5-2bbbe4534eb4
Cache-Control: no-store, must-revalidate, no-cache
Content-Length: 2441
Access-Control-Expose-Headers: requestId,retry-after

OPTIONS
H/1.1 200
OK querydata
wabi-west-us-api.analysis.windows.net/public/reports/ Frame 0
0 163ms
162ms Preflight 40.112.167.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wabi-west-us-api.analysis.windows.net/public/reports/querydata?synchronous=true
Protocol: HTTP/1.1
Server: 40.112.167.140 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: activityid,content-type,requestid,x-powerbi-resourcekey
Origin: https://app.powerbi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Access-Control-Allow-Headers: activityid,content-type,requestid,x-powerbi-resourcekey
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300
Access-Control-Allow-Methods: POST
Date: Fri, 03 Sep 2021 12:59:36 GMT

OPTIONS
H/1.1 200
OK querydata
wabi-west-us-api.analysis.windows.net/public/reports/ Frame 0
0 163ms
163ms Preflight 40.112.167.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wabi-west-us-api.analysis.windows.net/public/reports/querydata?synchronous=true
Protocol: HTTP/1.1
Server: 40.112.167.140 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: activityid,content-type,requestid,x-powerbi-resourcekey
Origin: https://app.powerbi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Access-Control-Allow-Headers: activityid,content-type,requestid,x-powerbi-resourcekey
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300
Access-Control-Allow-Methods: POST
Date: Fri, 03 Sep 2021 12:59:36 GMT

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 18ms
18ms Preflight 13.69.65.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

13.69.65.22 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://app.powerbi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Fri, 03 Sep 2021 12:59:37 GMT
content-length: 0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ Frame EAA3 51 B
118 B 669ms
649ms XHR
application/json 13.69.65.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.aebd1d63f01f83cd7b01.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.65.22 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d88e1d9883dc5c232bc4789f64f558f2985ee7af3f2d9a4593697d7ce69ab863

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.powerbi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 6620FFC7-BDEC-4435-B8DF-10B644F03B0E
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 03 Sep 2021 12:59:37 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 51

GET
H2 200 n4kb4hdf3riw.js Show response
js.driftt.com/include/1630674000000/ 214 KB
61 KB 3246ms
144ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1630674000000/n4kb4hdf3riw.js

Requested by

Host: headspring.com
URL: https://headspring.com/insights/covid19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

7282ef908a7bdfce5e95b9c068363d6dd16f0403cf4f63a55de9ec0be4ed482b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: BFjHNZSdu0NvcgXucG8FDW4ddjOFNOhj
content-encoding: gzip
etag: W/"764514d72ad982098eb63415923b97ee"
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 01 Sep 2021 20:13:50 GMT
server: nginx
date: Fri, 03 Sep 2021 12:59:42 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: easjV6DWQ1IibfMOunvt8_6mxqMAqVKa5xTnWV8F3_fQM_QF_-aNdQ==

GET
H2 200 core Show response
js.driftt.com/ Frame A1AB 2 KB
1 KB 204ms
202ms Document
text/html 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1630674000000/n4kb4hdf3riw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

bbf1a3192711c5e9bfece1d2cd0554f0f31895b071f8f9b76abf8c681c18b30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://headspring.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://headspring.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Wed, 01 Sep 2021 20:13:41 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: FJufVEHdo6c2bt28TGKQ5cGlYj19z9zR
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Fri, 03 Sep 2021 12:59:43 GMT
cache-control: no-cache
etag: W/"68d879b64cd73ec896a378fa9fdf825f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: oeddZKpU1A0_6x0lF_lO4-pRzG-x1zUoK9LqojF7U2DTCtqf2heAoQ==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame A705 2 KB
1 KB 131ms
128ms Document
text/html 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1630674000000/n4kb4hdf3riw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

bbf1a3192711c5e9bfece1d2cd0554f0f31895b071f8f9b76abf8c681c18b30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://headspring.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://headspring.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Wed, 01 Sep 2021 20:13:41 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: FJufVEHdo6c2bt28TGKQ5cGlYj19z9zR
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Fri, 03 Sep 2021 12:59:43 GMT
cache-control: no-cache
etag: W/"68d879b64cd73ec896a378fa9fdf825f"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ZKJ1jGbe8v8TWpyU09azWEEZlutm0Y1ZaQP4JduyYQtQkOBs3shM-w==

GET
H2 200 runtime~main.705c68a4.js Show response
js.driftt.com/core/assets/js/ Frame A705 6 KB
3 KB 15ms
14ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

305f730c8b295e48aca94264e8d53a6bec1ef1452d44b722fc7d11d4a26ffd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 20:13:40 GMT
content-encoding: gzip
age: 146763
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 01 Sep 2021 19:38:37 GMT
server: nginx
etag: W/"e35ad17d985d2a26525895691529c296"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KLVxN7.Dc1uAxPMk8qU2RsqO4_Bk6rd4
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eDMjcUTUhevYwPLCjr357yNZtF_Lu13CZmyLBfwRBv1RsOJZT-QBnw==

GET
H2 200 4.a93e53d9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 58 KB
20 KB 22ms
20ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.a93e53d9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2395646
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"fce0b3daf28dfa888be2818f43b06ef0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: imvxQz4ZQnCekVetyHrX84xCYV8ndGWZ
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xqvJLlDbiRUuI8AZ3Py9GaFhtVtKEzO1sevZfxRXTTTbqn0GVwIoJQ==

GET
H2 200 main~493df0b3.1e5e8324.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 6 KB
3 KB 22ms
21ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.1e5e8324.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f4e9fc9cb715061a768c38a333706476e1ca9fceb27e01dfcfdf8b188f66c6b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 931886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:09 GMT
server: nginx
etag: W/"820cfe69f4aac5422f87e3cb224a2121"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3cwKs.ecumrplOWKAtclmrytpqY5MXQF
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 17yIR4z6bYF82yg53ubThbhVsHbqIWB4XG6m5NPQZcd-ossDIQzl4w==

GET
H2 200 42.84f5886d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 44 KB
13 KB 17ms
16ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

031b647213e760a66f8632e236f8e5449e4ffe32193461a3eeeb04a0ff83ceeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 13:41:58 GMT
content-encoding: gzip
age: 3021465
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Jul 2021 13:31:10 GMT
server: nginx
etag: W/"3dff2faf78d282147690e292eb6987fa"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1YCzDLaWz5s9VmMBrNnONETxLHvnH5Mc
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5osRoQfz_eK-GLh8WnsDmwBOfxd3h9aRI-fKX_9wVHPlfOIk2-LIaQ==

GET
H2 200 17.8ed91048.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 44 KB
13 KB 17ms
17ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.8ed91048.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

016a2616d4f26aac16ee9bf5429f4eb175d7c63a22a8f30973d5a13b1b964178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 931886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"41277b8635c4131e3274bdd89ab78687"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1ptguM3hmWHC1W5wedfPZ7zpkq1CTOcu
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LERvGpb2BvdwVJxSnSmQe72NrcW9fNQyEO4c_61uEcKoiFKsowfdkA==

GET
H2 200 35.3e4eba7e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 25 KB
8 KB 17ms
16ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.3e4eba7e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 931886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"b1a0f364c9ad5137b5ab8e5237a825b8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1I09NUqlw54C3qTPS3eShOaQpBS5lcLu
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DoVxaEp_CIv1gM1hJp_FB9-3IrzOYLY3lSuFJe-ACx6BaRTxAzT6Bw==

GET
H2 200 15.8065fdbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 16 KB
5 KB 18ms
17ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.8065fdbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2395645
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"db60664de2c8d54d23e359c94e68f6ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3Lit_GR0K_e3yyTyyAPf_WyqhFyqI1X7
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xlhPp0sX4xrhfw7KJOYsYVdMo48WfsRjXG0yNfsql1IU0d3PGEj4vw==

GET
H2 200 18.a763e229.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 68 KB
21 KB 27ms
27ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.a763e229.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ba8269d9a47f982451ae9904fa15d92b98be5afa2a1dcc138534cbcc4178fb4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 931886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"afa0a2316bb36ab3f1d512fbcf4230a6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cUJ338yvQkNktcoy7FlfmNTzqhitVL04
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dKndGncBR9qL1aQu_bEJ9klmmDSRo-3mYxMueqzCamGu7QTVRM1EZg==

GET
H2 200 32.04864e7d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 16 KB
6 KB 27ms
26ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.04864e7d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 931886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"3b6707d602c1f7d03c4c8b0bdecb8e4e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SPqSo.47y7907Wglh2zWsWSyACYHB_Zc
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NrTOCiXXsBmp9i-ixDBbDHuPG0nW817wqjQ5OgF-ngBBYMnw9T9LDA==

GET
H2 200 22.3cdbe392.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 59 KB
19 KB 36ms
36ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.3cdbe392.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

2def1ce3460c6076cf341b0147cda956458ed980fdddd433050f2a62298f7e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2395645
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"7f2ec762df0bb02422b2b6a96490de86"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: y2Fsxlxg91.mo6q6kJR67dQNB9q9Qh.8
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SGC_7qbQDI16y2AqGbXLQBrbaJtSqwQANKtphSYxg482eGk0gm0GVQ==

GET
H2 200 10.704ab67c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 91 KB
28 KB 61ms
15ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.704ab67c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2395645
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"50dcb170ca1ae1f4a09fe8f23065f2a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UOl6S4j5SMc3.AEsWYEwY54XYaImySKe
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3I-WjwiuGFv-i9ISFDSIIovrp7tLRmKPOkd3RtxDZC8DlKI5MHRgxw==

GET
H2 200 9.a48906f3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 23 KB
7 KB 101ms
48ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.a48906f3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2395645
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:26 GMT
server: nginx
etag: W/"60e5547ed381473c15e63274bcd796b6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gA_0cz7CJfhJ8aNbtPMgs.3Fr8VDJHGb
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sl4k_I1sYTNPb4HWKJr00yFPINy-NkLuJlRrKBRN5swYMOmXX7iC-w==

GET
H2 200 12.d1052a14.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 62 KB
19 KB 89ms
48ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d1052a14.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fd88d330b8b28310cd966efb0fe0137c7db51ae147d9b24d61a7019ad75a8bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2395645
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"6f74e88fed60d2dd5a602a0de2bd8452"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _b0FYDX.3mAxA0VaBf8nhWaHS5Vbtsw1
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UoZBfo-DiugpF7aAk7q3fxYQ2RcJAVdF7pDaxLAN-CAlGvb_IUI_pw==

GET
H2 200 40.01f4f7b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 105 KB
34 KB 91ms
51ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.01f4f7b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 931886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:08 GMT
server: nginx
etag: W/"7dd9b27f83583b6d43567ed4b21eff8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9jXV8w0bWzHPQtgsCAjrFrN9PLNAN.Ap
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZD8EGNPjTERxYML8brlDXOjCPPZ99A7_vb4u4ohSNgFyRCK-gr4mrw==

GET
H2 200 33.c1910d43.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 12 KB
4 KB 87ms
59ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.c1910d43.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 931886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"0e451f1cf9656229ccd33dfa3ad0638d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ocjv..MVaCaOGNo5kiC5l3ewWVKjMwbS
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0-oCEIjDiKSWF_H5eMxGLLrjsrp5tmAOfhiTuqhYNAWLbo8GwCeIag==

GET
H2 200 24.1ac10846.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 12 KB
5 KB 88ms
59ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.1ac10846.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

75445b43b4d587921fbd2d741058ff6591864fd072c55d32c06c24c5846c021b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2395645
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"ed02b913ca7386c5bb0fab4ab1a2f1d9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ECrPa9YL6VZ.qrMe7G2XlZ51U2QcbWo3
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zdNE1LEL8SmFE45fyf9DioWUaSM47kauh_r_MGNoz7BhW-7fb9kzdA==

GET
H2 200 16.fab21cf4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 17 KB
7 KB 91ms
62ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fab21cf4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 931886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"b451093ecfaa012f364641010ed13346"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mlbxReFt8YmdLvOZ4ChXgFfj8NP88809
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CYDBkeaNV4koyFolky2uw0IccXc-IRAZKHYwwggrn9vdHDBozVpnCw==

GET
H2 200 7.e7855ffa.chunk.css
js.driftt.com/core/assets/css/ Frame A705 12 KB
3 KB 70ms
43ms Stylesheet
text/css 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.e7855ffa.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ddbff1fdf55f5fcc80d6eca42f3a2efb36b38f4ddd1eea47ce8a0ba437ac8247

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:56:05 GMT
content-encoding: gzip
age: 587018
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 16:20:59 GMT
server: nginx
etag: W/"7d15d8ca77c5224990008b95f855f068"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _KkaYuOVnNJgDqYnVHO6FMmLzVtkgHHQ
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FjuDTbSR5Ipme1CzksWOf_bd0MaLa5wyF97_7DNvtljDiWUA0snGMg==

GET
H2 200 7.5f15c86b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 70 KB
21 KB 95ms
60ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.5f15c86b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

3882de692094cbe01949b2074932fc8140bdedc0463ccaba28ac716dc879a2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:56:05 GMT
content-encoding: gzip
age: 587018
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 16:21:03 GMT
server: nginx
etag: W/"5abc47dd682454e7eaa8a9697861ba70"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sRtow.05xocY2vUhSt2D1jM26g4zZODt
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2ri89RmFZ2Pxoh3od6Q7jQfNgLRjLVvFg13tkCgX2vvnIvubm-ZlBw==

GET
H2 200 14.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame A705 24 B
666 B 72ms
45ms Stylesheet
text/css 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/14.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
age: 2395645
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TvxaskXeU1vX5QWjGFtspdoYt.ZZ_9cE
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EWbe5ir4XUiG8o72Z7WW3g0WZayeT7aaJdjgj8dOxylBubMKbC2x-w==

GET
H2 200 14.b4ccdf18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 71 KB
18 KB 96ms
61ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.b4ccdf18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1023d4044fb43e5eca4b3f7276d300b31b09ffd2d106fd96e78534ab3c6f886e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 931886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"424156efc8454352aa8b7daf6bc6ca05"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sGHlTmngusT7LOeN3EpKReX1CqmbKC3O
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Pprc0LjEueaF8UtwC3WodryOc2smUM-AEfRckVLnUrVpK-pt8SFDqQ==

GET
H2 200 21.5f138501.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 44 KB
12 KB 97ms
62ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.5f138501.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

79f0578ae714ea9184cbdddaeb391f7e52929f98c8c2d6bc86607e2449851de8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 931886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"58960a5a7cc2dd275821cbade59c2642"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mHy4AJ1q2Jt6ogEPCK7CSfxlNrjqSNCn
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iTESoCRLSt0fKvvXCPKw5XPoPkwu9CqI3qJf4VsVkzCpFgom7mYYJg==

GET
H2 200 13.b505ad67.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 37 KB
12 KB 106ms
70ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.b505ad67.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

cc5422156c4d944bebbf811a42bba1df6b4564a4bf4273c3ab4f81432bc7a9db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 20:13:40 GMT
content-encoding: gzip
age: 146763
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 01 Sep 2021 19:38:34 GMT
server: nginx
etag: W/"58eb2e21d2a7fac9e2f5785bc7d32828"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .bhsPgE048q_akWBCYwaZitc_LXhpvjW
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4E__H0V-5IcRto4um0GIEgUoinR_0ct83RBWMuLDVkVP0IqfDsw3kA==

GET
H2 200 runtime~main.705c68a4.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 6 KB
3 KB 100ms
2ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

305f730c8b295e48aca94264e8d53a6bec1ef1452d44b722fc7d11d4a26ffd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 20:13:40 GMT
content-encoding: gzip
age: 146763
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 01 Sep 2021 19:38:37 GMT
server: nginx
etag: W/"e35ad17d985d2a26525895691529c296"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KLVxN7.Dc1uAxPMk8qU2RsqO4_Bk6rd4
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fA8VFQwOl-2Up8sjfLT-Zwxs7ZpjG-4fNof2Dde3K7ty4dyU-6V_Gw==

GET
H2 200 4.a93e53d9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 58 KB
20 KB 68ms
18ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.a93e53d9.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2395646
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"fce0b3daf28dfa888be2818f43b06ef0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: imvxQz4ZQnCekVetyHrX84xCYV8ndGWZ
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: F3LFemYBgZy4Z46LJBRmFB3ecOIRNeZHoHnqAr2ejkxIok7AOehFHg==

GET
H2 200 main~493df0b3.1e5e8324.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 6 KB
3 KB 69ms
19ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.1e5e8324.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f4e9fc9cb715061a768c38a333706476e1ca9fceb27e01dfcfdf8b188f66c6b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 931886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:09 GMT
server: nginx
etag: W/"820cfe69f4aac5422f87e3cb224a2121"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3cwKs.ecumrplOWKAtclmrytpqY5MXQF
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: g0dCAk4WpjOgQLO3BXHT8a2oGxBfuKeSHZk5FhqWJtUpph4AXWwDGg==

POST
H/1.1 200
OK / Show response
sentry.io/api/1485028/envelope/ Frame A705 2 B
403 B 482ms
114ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1485028/envelope/?sentry_key=6a7024aa4c6a4c4d9a797440877237b2&sentry_version=7

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 03 Sep 2021 12:59:43 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://js.driftt.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H2 200 30.e776e5b0.chunk.css
js.driftt.com/core/assets/css/ Frame A705 6 KB
1 KB 20ms
17ms Stylesheet
text/css 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.e776e5b0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:29:47 GMT
content-encoding: gzip
age: 5693396
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 29 Jun 2021 15:10:44 GMT
server: nginx
etag: W/"9f36443a9402e1e03bf8070ddc88b8db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fetckuyHy7tVJ3YvictsA_agqEVkirdd
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uHHb3_e-VYcwDBFlZwOYpwXPTbSOK9qfePqsSk2iXn6XkF62sRrtiA==

GET
H2 200 30.894b0c48.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 2 KB
2 KB 20ms
13ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.894b0c48.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a231b7235698f95d9b3e38e7daf30c555e81423432a2b2b867a2cf844a5c8517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 931886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"a4c169519747a3283936a635381e7676"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oTk.1igsNjrA3psg1hKGFNuJF2l7cLg8
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6qYtlLMk0YcFzEUdlMPWrMMFnXVib2jkou7psrEhIYHRNPVZvPydTQ==

GET
H2 200 42.84f5886d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 44 KB
13 KB 14ms
14ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

031b647213e760a66f8632e236f8e5449e4ffe32193461a3eeeb04a0ff83ceeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 13:41:58 GMT
content-encoding: gzip
age: 3021465
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Jul 2021 13:31:10 GMT
server: nginx
etag: W/"3dff2faf78d282147690e292eb6987fa"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1YCzDLaWz5s9VmMBrNnONETxLHvnH5Mc
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dsWo-2rEEl8CBO5B3qB5Yd00siEyZTcQeazvSibNenc2ru3FfwiwKA==

GET
H2 200 17.8ed91048.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 44 KB
13 KB 15ms
14ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.8ed91048.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

016a2616d4f26aac16ee9bf5429f4eb175d7c63a22a8f30973d5a13b1b964178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 931886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"41277b8635c4131e3274bdd89ab78687"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1ptguM3hmWHC1W5wedfPZ7zpkq1CTOcu
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CU5b9fWnGRGUvbP3FMzDMOmFLzZVusdLXmo2gNDvwaxe5G6f2bKBuA==

GET
H2 200 35.3e4eba7e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 25 KB
8 KB 14ms
13ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.3e4eba7e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 931886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"b1a0f364c9ad5137b5ab8e5237a825b8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1I09NUqlw54C3qTPS3eShOaQpBS5lcLu
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OAPCNmfI4HcvsRf0DK2UWnbJjUE0Af2IlXj3lIDY_KgTVe3W-U7o-w==

GET
H2 200 15.8065fdbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 16 KB
5 KB 14ms
14ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.8065fdbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2395645
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"db60664de2c8d54d23e359c94e68f6ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3Lit_GR0K_e3yyTyyAPf_WyqhFyqI1X7
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: w8R6TK7t3wc9pRWvd0VT667T82uNlm8DQrENUXT8yXnrRm2SImonYw==

GET
H2 200 18.a763e229.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 68 KB
21 KB 15ms
15ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.a763e229.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ba8269d9a47f982451ae9904fa15d92b98be5afa2a1dcc138534cbcc4178fb4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 931886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"afa0a2316bb36ab3f1d512fbcf4230a6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cUJ338yvQkNktcoy7FlfmNTzqhitVL04
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9wX4MvlV_kgE9UC-Ji21mVdoCdYsXkXGVlpKf_FLN-AiQBK73g2C2g==

GET
H2 200 32.04864e7d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 16 KB
6 KB 16ms
14ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.04864e7d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 931886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"3b6707d602c1f7d03c4c8b0bdecb8e4e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SPqSo.47y7907Wglh2zWsWSyACYHB_Zc
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kMx-YEonzi7i1z2Xt7nxZI1Usi1eHAwlkJ8VBrtRveg8D4wSpbfwvw==

GET
H2 200 22.3cdbe392.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 59 KB
19 KB 15ms
14ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.3cdbe392.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

2def1ce3460c6076cf341b0147cda956458ed980fdddd433050f2a62298f7e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2395645
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"7f2ec762df0bb02422b2b6a96490de86"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: y2Fsxlxg91.mo6q6kJR67dQNB9q9Qh.8
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ARwoPkeeXE9e6T8ImCZIghZLo_nTVfnxpPtRY4eXJLpk3nyCVxWNzA==

GET
H2 200 10.704ab67c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 91 KB
28 KB 16ms
15ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.704ab67c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2395645
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"50dcb170ca1ae1f4a09fe8f23065f2a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UOl6S4j5SMc3.AEsWYEwY54XYaImySKe
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Bg9y6VhzQE_6X-ObMCyuN8_kA_vcwYZLN4Gj0sMW_Eon_yZhMmqGyw==

GET
H2 200 9.a48906f3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 23 KB
7 KB 17ms
15ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.a48906f3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2395645
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:26 GMT
server: nginx
etag: W/"60e5547ed381473c15e63274bcd796b6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gA_0cz7CJfhJ8aNbtPMgs.3Fr8VDJHGb
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: utyIS_e96AkcGx772yWmxgUGTVu2uiA6swh83s_quSZfD3frHJiyIw==

GET
H2 200 12.d1052a14.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 62 KB
19 KB 17ms
15ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d1052a14.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fd88d330b8b28310cd966efb0fe0137c7db51ae147d9b24d61a7019ad75a8bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2395645
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"6f74e88fed60d2dd5a602a0de2bd8452"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _b0FYDX.3mAxA0VaBf8nhWaHS5Vbtsw1
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: N9Hn5BAUOEohvg05HaP33FHYanZadnXZoIOT0OIM054QGmFm6grAFw==

GET
H2 200 40.01f4f7b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 105 KB
34 KB 17ms
16ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.01f4f7b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 931886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:08 GMT
server: nginx
etag: W/"7dd9b27f83583b6d43567ed4b21eff8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9jXV8w0bWzHPQtgsCAjrFrN9PLNAN.Ap
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EvVaZwEI2bjD5mEOSWaKincfTs7C7yrp6TJwSYygpuH4goarndWZNw==

GET
H2 200 33.c1910d43.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 12 KB
4 KB 38ms
13ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.c1910d43.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 931886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"0e451f1cf9656229ccd33dfa3ad0638d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ocjv..MVaCaOGNo5kiC5l3ewWVKjMwbS
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eE_TkvmtuDjY2qX309YgqaQnC7CWlRacox0R0TPr3LeIaBc1nC1STw==

GET
H2 200 24.1ac10846.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 12 KB
5 KB 37ms
28ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.1ac10846.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

75445b43b4d587921fbd2d741058ff6591864fd072c55d32c06c24c5846c021b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2395645
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"ed02b913ca7386c5bb0fab4ab1a2f1d9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ECrPa9YL6VZ.qrMe7G2XlZ51U2QcbWo3
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MwUiOeGk4y4hfMl40Ba9dnmCfx9o3BeAgkt23uIIMyEKnFow1zx2dA==

GET
H2 200 16.fab21cf4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 17 KB
7 KB 33ms
28ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fab21cf4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 931886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"b451093ecfaa012f364641010ed13346"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mlbxReFt8YmdLvOZ4ChXgFfj8NP88809
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: o0-p9RUdVQwmzVEs4MMYyrtiUDOdsVNFGBBTRCf0wo3vFm3pjkNAfw==

GET
H2 200 7.e7855ffa.chunk.css
js.driftt.com/core/assets/css/ Frame A1AB 12 KB
3 KB 33ms
29ms Stylesheet
text/css 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.e7855ffa.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ddbff1fdf55f5fcc80d6eca42f3a2efb36b38f4ddd1eea47ce8a0ba437ac8247

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:56:05 GMT
content-encoding: gzip
age: 587018
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 16:20:59 GMT
server: nginx
etag: W/"7d15d8ca77c5224990008b95f855f068"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _KkaYuOVnNJgDqYnVHO6FMmLzVtkgHHQ
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: q8zcHwRlK125cuaq8zCe7HhL6QNHRUbuAlFEuNu9p0GQ1VBhBz2mVQ==

GET
H2 200 7.5f15c86b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 70 KB
21 KB 40ms
37ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.5f15c86b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

3882de692094cbe01949b2074932fc8140bdedc0463ccaba28ac716dc879a2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:56:05 GMT
content-encoding: gzip
age: 587018
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 16:21:03 GMT
server: nginx
etag: W/"5abc47dd682454e7eaa8a9697861ba70"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sRtow.05xocY2vUhSt2D1jM26g4zZODt
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BVftPnMHTcCZJRiq74uzB0noFIUikRnYMU_0UJdKoDn-Ymlrsm0hug==

GET
H2 200 14.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame A1AB 24 B
667 B 41ms
37ms Stylesheet
text/css 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/14.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
age: 2395645
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TvxaskXeU1vX5QWjGFtspdoYt.ZZ_9cE
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: g91AS1erxcxPkwbS-TqZ2edZXb_bkuGhZCId6g8wRrDy7aXk4BYnbQ==

GET
H2 200 14.b4ccdf18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 71 KB
18 KB 68ms
27ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.b4ccdf18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1023d4044fb43e5eca4b3f7276d300b31b09ffd2d106fd96e78534ab3c6f886e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 931886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"424156efc8454352aa8b7daf6bc6ca05"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sGHlTmngusT7LOeN3EpKReX1CqmbKC3O
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JrGcbGAKobb6klIV2PRJd5gMwq28n2ip37FF4MOm939dZ3knwQ4Smw==

GET
H2 200 21.5f138501.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 44 KB
12 KB 66ms
28ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.5f138501.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

79f0578ae714ea9184cbdddaeb391f7e52929f98c8c2d6bc86607e2449851de8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 931886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"58960a5a7cc2dd275821cbade59c2642"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mHy4AJ1q2Jt6ogEPCK7CSfxlNrjqSNCn
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iX8CNrj72hwOC_69yVGcQLsgMRCSmyM3-aqhDnb0V4sGJjuweYQb1w==

GET
H2 200 13.b505ad67.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 37 KB
12 KB 66ms
28ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.b505ad67.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

cc5422156c4d944bebbf811a42bba1df6b4564a4bf4273c3ab4f81432bc7a9db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 20:13:40 GMT
content-encoding: gzip
age: 146763
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 01 Sep 2021 19:38:34 GMT
server: nginx
etag: W/"58eb2e21d2a7fac9e2f5785bc7d32828"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .bhsPgE048q_akWBCYwaZitc_LXhpvjW
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: w1GhaRLhDIY4jKo_yh5nwWJlxC3sf-_whBr8uY3-RNuTJrKfTZviBw==

GET
H2 200 1.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame A705 7 KB
2 KB 36ms
36ms Stylesheet
text/css 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 4986902
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hdWMgNKvLwZcep5QH7m9bqoRE1.SuP2b
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qAwQ4JthAsyCaaPnc7VziNDhf-44LbIEBm6rGa94rZB2nFNS7HXccg==

GET
H2 200 1.187c50a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 54 KB
16 KB 36ms
36ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.187c50a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a3075e2c162e41c4962a4221ae035dd607d895bd424e87aa4065a044c43763e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:01 GMT
content-encoding: gzip
age: 2581362
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:23:59 GMT
server: nginx
etag: W/"eeccccb655ee3b6bcb8b1a9b1da4fd30"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .bVTg0MSlE6rXjintZc.g75plFKA2.sd
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Rk0_cpGsirwfcro5iDRyWLCbvhd6aR2iJdC2OSdXMCl9hUnrti9mtA==

GET
H2 200 0.74cb0a00.chunk.css
js.driftt.com/core/assets/css/ Frame A705 40 KB
7 KB 36ms
31ms Stylesheet
text/css 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/0.74cb0a00.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c71b0d1355ffa5efb6aff3b44f79210e14a04129b946efa39c9f1e3cd546325c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:36:35 GMT
content-encoding: gzip
age: 1275788
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 19 Aug 2021 17:56:35 GMT
server: nginx
etag: W/"1f6bbf72b2bba8102c81383a03c695a6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Lf8x9tVb3mMVaREwOaIaliehk9zjSTkv
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nfziQplJfO-FJw5QjqnKOn99BekIc6DRgUF4CdBo8xiYUw1HhfV1uQ==

GET
H2 200 0.30fd7e2d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 64 KB
21 KB 27ms
26ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.30fd7e2d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d7bf7be35bcff4114c5a7a58bdecd2f4d1ce132078400f2ca432c8aa25dd752f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 14:02:38 GMT
content-encoding: gzip
age: 169025
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 01 Sep 2021 13:29:46 GMT
server: nginx
etag: W/"a3f96ac596787009daffbd47078877d9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: WGDMIAk98VhIskHqLxXeVtapzr_MzNcY
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: U5QnP2F2ZPIK9xgqD7UVdIHPWG8hpiqncjDypvFoWIgctU9k7HcipQ==

GET
H2 200 28.a35d8593.chunk.css
js.driftt.com/core/assets/css/ Frame A705 11 KB
3 KB 53ms
15ms Stylesheet
text/css 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/28.a35d8593.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

561b202ea8a3cd9cf4878e88b0607b78016f428087923cc32472d578218d5e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:56:05 GMT
content-encoding: gzip
age: 587018
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 16:20:59 GMT
server: nginx
etag: W/"4e87789253b9d2feb20461043b23122f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: J1sEuldtMhnAnjgvjFcK0h4LMaWYJ2d9
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -oGX6u6F087B6w2MwwSPCG0UnFzFW6wpetQYVPQqOuwYilNVsFwOXQ==

GET
H2 200 28.d0089933.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 11 KB
5 KB 40ms
16ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.d0089933.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ac1c8225921a5d51ebf3d57cdf0449ab5b1f71039a37f7ecdad91468898cf3f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:56:05 GMT
content-encoding: gzip
age: 587018
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 16:21:01 GMT
server: nginx
etag: W/"d9e851b50127b10b204b0f79d15533f2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XjjgSKGQEYhM5JqvRcX5_IaTyN3lOYKH
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jY2u1YyFueng9edERsp9tqavrbb4iimmdHzXdvhJUkj8qiUi_1UdHw==

POST
H/1.1 429
Too Many Requests / Show response
sentry.io/api/1485028/envelope/ Frame A1AB 3 B
210 B 210ms
111ms Fetch
text/plain 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sentry.io/api/1485028/envelope/?sentry_key=6a7024aa4c6a4c4d9a797440877237b2&sentry_version=7
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 15.42.188.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 03 Sep 2021 12:59:44 GMT
Server: nginx
Connection: keep-alive
ETag: "60e36fbf-3"
Content-Length: 3
Content-Type: text/plain

GET
H2 200 20.2c0861e6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 44 KB
13 KB 18ms
17ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.2c0861e6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

333ecde0d151fc74b510fff0433a0b40dbef50234eb79451830501869dd7233c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:01 GMT
content-encoding: gzip
age: 2581362
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"c767d19b675d51ecfc93c77b8fa0f24d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: U7TgEocsNTUyqtvAMfmAhBAaJWnrpVQx
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jPGA1Fqagp1qBTnwDZtSjSci6wgIucUDk6Q8bAy041uZOXlQB0qhxA==

GET
H2 200 19.4751f621.chunk.css
js.driftt.com/core/assets/css/ Frame A1AB 8 KB
2 KB 16ms
15ms Stylesheet
text/css 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/19.4751f621.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f57c4be503d6f4ba9a0ca03dfcfc87094c35c51887a25669d84fbc5e5e701fbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:01 GMT
content-encoding: gzip
age: 2581362
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:23:58 GMT
server: nginx
etag: W/"029a883905ad20930f71f89ac0560a17"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: N8v6pXkvkC2.KU.VFYkzepuu6NKNvxQ0
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0E5IwS62hIjW9KQmTyLGTCOQL1Wvpz6UUxIRTRdaipiQkKyozEGQhA==

GET
H2 200 19.bf02f73a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 15 KB
6 KB 18ms
17ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.bf02f73a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5a66097ab1b0a08627fb4c25b39785a44a7622539a4932e59c2b6dd4863c4195

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:56:05 GMT
content-encoding: gzip
age: 587018
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 16:21:01 GMT
server: nginx
etag: W/"16130d365bf1313e1b55e8c473320c2a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kxd.bV6p5iQ2.ElwcZTXLyqiyDk8nGqJ
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YGob6HBlEmjlNM5KUh5MVMsIsbrF0K37pMBQ5DCxuxzGE51VtThOxw==

GET
H2 200 26.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame A1AB 365 B
1008 B 17ms
16ms Stylesheet
text/css 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/26.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:18 GMT
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
age: 2395645
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _znxfoUn6UUBgSii2qRzwRRP.d4zXKBH
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: l9aq_YN1WhpceWtLDtKyKoR56aLtTjXX1CCsn1vcaJn8AX9sz5dOYA==

GET
H2 200 26.ec719ba7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 77 KB
21 KB 20ms
19ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.ec719ba7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

b0085f0451431dc24f53f1b6d318c8130ca17b39879631afedd0fcf7e10a142f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 17:38:26 GMT
content-encoding: gzip
age: 328877
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 30 Aug 2021 17:07:36 GMT
server: nginx
etag: W/"9dea6480edb52074c2869822a4d8284f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SWOJ9QCOqp4ZNB3qsU73ps1G94BQ2F9e
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: N1Zlg8oSaSzlUrpXPUPAwyxZ4IAmXg9HBopH6B1bEBa3jxN2zAbvgQ==

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 325ms
105ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 03 Sep 2021 12:59:44 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift021e96c49fd8b2a215ba5544639
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame A1AB 25 B
123 B 117ms
116ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Sep 2021 12:59:44 GMT
server: istio-envoy
requestid: 342da14ee81b3c93
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 10
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

GET
H2 200 css
fonts.googleapis.com/ Frame A1AB 4 KB
729 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/13.b505ad67.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cccc3d4fe1b7cd4f3ed2c066b67bf08eb37dca00ef9888edc499a78d126b531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 03 Sep 2021 11:32:13 GMT
server: ESF
date: Fri, 03 Sep 2021 12:59:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Sep 2021 12:59:44 GMT

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame A1AB 103 B
199 B 109ms
108ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

34ca656b68868b2f22dc99b824404e697d112ee6e44a5d047666e88f02ce9bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Sep 2021 12:59:44 GMT
server: istio-envoy
requestid: 29fd73e1c64ce007
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 103
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 327ms
102ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 03 Sep 2021 12:59:44 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftdec7f584b1591acf1bed110ec84
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H2 200 n4kb4hdf3riw.json Show response
embeds.driftcdn.com/embeds/ Frame A1AB 30 KB
7 KB 515ms
449ms XHR
application/json 18.66.97.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/n4kb4hdf3riw.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 600b9f08dccb128bd501fb3d9331f20a898860be424d11978b2a093d28029f49

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:45 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 26 Aug 2021 18:13:03 GMT
server: AmazonS3
etag: W/"7dff1c3f915ae4fb92ffc2b761e89571"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 0baa339c02d06988c65d8623d1b3c6ed.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-id: -ZIeI4C5CY5makdl0UfNJw5xxoCuKTHXCm5c4EG2_EuMUjG6yMvXfQ==

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame A1AB 3 KB
2 KB 726ms
725ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

3573ab01d7d389e4ffac0475f5844615f8af685567239b953d651e0bc41b342e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 Sep 2021 12:59:45 GMT
content-encoding: gzip
server: istio-envoy
requestid: aaac5cb7ceaad11f
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 626
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 1694
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

GET
H2 200 n4kb4hdf3riw Show response
targeting.api.drift.com/hours/availability/combined/ Frame A1AB 41 B
104 B 129ms
129ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/n4kb4hdf3riw

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

a9885038c50d2ae4af29f5089c02051b3c87caccc4d8e42b4fe56208c16478ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTIwMDU1MDIwMiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEzOTc3NDMiLCJleHAiOjE2NjIyMDk5ODUsImlhdCI6MTYzMDY3Mzk4NX0.ROuXpLgU8eB8jlL8F9RETYF98Qkq0Xp66IFeDzv6ktfVJ8d3Xmb-iTPTHBHjTHnwN3X424qg8w6Fc6KDohrxgA

Response headers

date: Fri, 03 Sep 2021 12:59:45 GMT
server: istio-envoy
requestid: 65a1d786ce9db4d3
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 29
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 41
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 track Show response
event.api.drift.com/ Frame A1AB 562 B
989 B 100ms
99ms XHR
application/json 54.172.114.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.114.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-114-57.compute-1.amazonaws.com

Software

Resource Hash

1b800f8f2d338e87c19b8cf6e06d803a8b18ac59197e5e0a9bbf65cb47b048c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTIwMDU1MDIwMiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEzOTc3NDMiLCJleHAiOjE2NjIyMDk5ODUsImlhdCI6MTYzMDY3Mzk4NX0.ROuXpLgU8eB8jlL8F9RETYF98Qkq0Xp66IFeDzv6ktfVJ8d3Xmb-iTPTHBHjTHnwN3X424qg8w6Fc6KDohrxgA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Sep 2021 12:59:46 GMT
requestid: 757c25f04666073f
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 562

GET
H2 200 47.493f75a6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1AB 17 KB
6 KB 15ms
15ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.493f75a6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e3c897c83c8dbcb7bfccabf79d0e1e8a6ce04b45d06a39b0357cc0de55402b6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n4kb4hdf3riw&region=US&forceShow=false&skipCampaigns=false&sessionId=200a89f4-580c-4676-bc18-8219514a48ad&sessionStarted=1630673983.052&campaignRefreshToken=2b0d0993-cb5c-4a9a-842c-60777acb1247&hideController=false&pageLoadStartTime=1630673971848&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:18 GMT
content-encoding: gzip
age: 931887
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:08 GMT
server: nginx
etag: W/"a5cb3268e41c0f3a5553cd123f8e0254"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ae2nFEWqvwri2dPh_vbT.sH73JIri897
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: a8di89ipWou8kUepVZmTRdFJIgY3a-vpsHsXr89tmgnFqMN1OjhP5w==

GET
H2 200 47.493f75a6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A705 17 KB
6 KB 15ms
14ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.493f75a6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.705c68a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e3c897c83c8dbcb7bfccabf79d0e1e8a6ce04b45d06a39b0357cc0de55402b6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630673971848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:18 GMT
content-encoding: gzip
age: 931887
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:08 GMT
server: nginx
etag: W/"a5cb3268e41c0f3a5553cd123f8e0254"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ae2nFEWqvwri2dPh_vbT.sH73JIri897
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kH-WwZkUeFo-i1ygBN_v6KwkwRUXpBYa0ehhVmff4oah3903MIdFCw==

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame A1AB 25 B
88 B 112ms
112ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTIwMDU1MDIwMiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEzOTc3NDMiLCJleHAiOjE2NjIyMDk5ODUsImlhdCI6MTYzMDY3Mzk4NX0.ROuXpLgU8eB8jlL8F9RETYF98Qkq0Xp66IFeDzv6ktfVJ8d3Xmb-iTPTHBHjTHnwN3X424qg8w6Fc6KDohrxgA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Sep 2021 12:59:46 GMT
server: istio-envoy
requestid: 453473f93f16d03f
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 11
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 n4kb4hdf3riw
targeting.api.drift.com/hours/availability/combined/ Frame 0
0 102ms
100ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/n4kb4hdf3riw

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 03 Sep 2021 12:59:45 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: HEAD,GET,OPTIONS
requestid: drift198ebf140fc8afad91c29cd5b2b
content-length: 18
x-envoy-upstream-service-time: 1
server: istio-envoy

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 313ms
100ms Preflight
text/plain 54.172.114.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Server

54.172.114.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-114-57.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 03 Sep 2021 12:59:46 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: POST,OPTIONS
requestid: driftbffd2314dae883d7549b0323883

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 102ms
101ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 03 Sep 2021 12:59:46 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift0a4574e4f108cb56fec1e1672ff
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H2 200 css
fonts.googleapis.com/ Frame A705 4 KB
752 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/13.b505ad67.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cccc3d4fe1b7cd4f3ed2c066b67bf08eb37dca00ef9888edc499a78d126b531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 03 Sep 2021 11:41:17 GMT
server: ESF
date: Fri, 03 Sep 2021 12:59:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Sep 2021 12:59:46 GMT

POST
H2 200 evaluate_with_log Show response
targeting.api.drift.com/targeting/ Frame A1AB 764 B
399 B 103ms
103ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

3a956acbf0f2f0bed50670a61a3a5cdef2c1e5de7c313da6391156111555fca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTIwMDU1MDIwMiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEzOTc3NDMiLCJleHAiOjE2NjIyMDk5ODUsImlhdCI6MTYzMDY3Mzk4NX0.ROuXpLgU8eB8jlL8F9RETYF98Qkq0Xp66IFeDzv6ktfVJ8d3Xmb-iTPTHBHjTHnwN3X424qg8w6Fc6KDohrxgA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Sep 2021 12:59:46 GMT
content-encoding: gzip
server: istio-envoy
requestid: a9951334d37fbfe3
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 338
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 evaluate_with_log
targeting.api.drift.com/targeting/ Frame 0
0 101ms
101ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 03 Sep 2021 12:59:46 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift28699e743d38ae85a27dbcdd7c9
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ Frame A705 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 08:52:43 GMT
x-content-type-options: nosniff
age: 533223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 08:52:43 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ Frame A705 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 08:00:30 GMT
x-content-type-options: nosniff
age: 17956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 08:00:30 GMT

POST
H2 200 render_initial_v3 Show response
flow.api.drift.com/flows/ Frame A1AB 3 KB
2 KB 131ms
131ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://flow.api.drift.com/flows/render_initial_v3

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

b13535f58c2231201ae8bcc94b792358bd5e5d55b19498f31798ffbf7b30d9bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTIwMDU1MDIwMiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEzOTc3NDMiLCJleHAiOjE2NjIyMDk5ODUsImlhdCI6MTYzMDY3Mzk4NX0.ROuXpLgU8eB8jlL8F9RETYF98Qkq0Xp66IFeDzv6ktfVJ8d3Xmb-iTPTHBHjTHnwN3X424qg8w6Fc6KDohrxgA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Sep 2021 12:59:46 GMT
content-encoding: gzip
server: istio-envoy
requestid: fa6ff3cae786aee
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 30
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 1937
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 render_initial_v3
flow.api.drift.com/flows/ Frame 0
0 120ms
102ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://flow.api.drift.com/flows/render_initial_v3

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 03 Sep 2021 12:59:46 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift67063d34cdca0eed1707981a420
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H2 204 widget Show response
targeting.api.drift.com/impressions/ Frame A1AB 0
37 B 109ms
108ms XHR
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTIwMDU1MDIwMiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEzOTc3NDMiLCJleHAiOjE2NjIyMDk5ODUsImlhdCI6MTYzMDY3Mzk4NX0.ROuXpLgU8eB8jlL8F9RETYF98Qkq0Xp66IFeDzv6ktfVJ8d3Xmb-iTPTHBHjTHnwN3X424qg8w6Fc6KDohrxgA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Sep 2021 12:59:46 GMT
server: istio-envoy
requestid: 8ea0113ee2153de7
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 8
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 widget
targeting.api.drift.com/impressions/ Frame 0
0 100ms
100ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 03 Sep 2021 12:59:46 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift3ee293940bea6d3fafe95a8ed10
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

GET
H2 200 https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F1986765%252F43d58f63061c5cc9ed5e500e5d7c87fbix9zcbr5tmk4%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w...
driftt.imgix.net/ Frame A1AB 4 KB
1 KB 29ms
7ms Image
image/svg+xml 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F1986765%252F43d58f63061c5cc9ed5e500e5d7c87fbix9zcbr5tmk4%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D5652e98fb0b695970340569cf6ca62b5?fit=max&fm=png&h=200&w=200&s=d5c402d28e62cdb368b63cae74fdb650

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

4f0cc9cb5ab4c1a72c14dbd50f525391966943c5ea84c55ebf55bc90fd4bbc11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
age: 1055991
x-cache: MISS, HIT, HIT
x-imgix-id: 120c9f2258c494ee8dfae5a41d5041f85964d266
content-length: 1176
x-served-by: cache-sjc10039-SJC, cache-sjc10048-SJC, cache-fra19125-FRA
last-modified: Fri, 12 Jun 2020 15:32:18 GMT
server: imgix
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ Frame A1AB 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 08:52:43 GMT
x-content-type-options: nosniff
age: 533223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 08:52:43 GMT

GET
H2 200 4.7e67eece.chunk.js Show response
js.driftt.com/conductor/assets/ 158 B
823 B 15ms
15ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/conductor/assets/4.7e67eece.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1630674000000/n4kb4hdf3riw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

7060ccc4a800448d37027d5c6beb0084ad19061feb48a523e29ea1b7dbc1ae3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://headspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 19:13:12 GMT
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
age: 4038394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 158
last-modified: Fri, 16 Jul 2021 14:40:35 GMT
server: nginx
etag: "807a90e9d6c19e174f5905b1d130989a"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ZvBIZeyXAm1q_4HZ9TAEOIAqb.wEU0hE
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Pbt_lGaU64fsJUwCMM8MDhblbzjQpfmn0rRurdZZmLqB48LAn1gjuw==

GET
H2 206 notification.d46d7db1.mp3
js.driftt.com/conductor/assets/media/ 20 KB
21 KB 20ms
15ms Media
audio/mpeg 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/conductor/assets/media/notification.d46d7db1.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ad80ac33ed04b4e6d78167b4162ecd3d2e8c29d17b43eb3df1f35b216b2ac5c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://headspring.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 06 Jun 2021 14:32:50 GMT
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
age: 7684016
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-20896/20897
Content-Length: 20897
last-modified: Fri, 04 Jun 2021 17:53:43 GMT
server: nginx
etag: "d46d7db110874da77e094dcbc4bec8e6"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: U7flhdfKr0QXHG9OA6yGb8wuwdVVzMpn
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: audio/mpeg
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XO6BQYU_OZM2MnkmwH-5TB5gVVTSeDAkizU6Nqc3LU_R7091-OfWOQ==

POST bulk
metrics.api.drift.com/monitoring/metrics/add/ Frame A1AB 0
0

OPTIONS bulk
metrics.api.drift.com/monitoring/metrics/add/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=T1wCb9qe8BkOsY4v&docid=ns6mbaDakOI&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fheadspring.com%2F&lact=315&cl=394097881&mos=0&volume=100&cbr=Chrome&cbrver=92.0.4515.159&c=WEB_EMBEDDED_PLAYER&cver=1.20210831.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&hl=en_US&cr=DE&len=1504&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002922%2C24004644%2C24007246%2C24058363%2C24080738%2C24082662%2C24095952&muted=0&vis=3

Domain: metrics.api.drift.com
URL: https://metrics.api.drift.com/monitoring/metrics/add/bulk

Domain: metrics.api.drift.com
URL: https://metrics.api.drift.com/monitoring/metrics/add/bulk

Verdicts & Comments Add Verdict or Comment

280 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.app.powerbi.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 8709cede3dff6cc96c3687614f6f6d07d26f1b7354152bf58fb5a84fbfd96a8a

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://headspring.com/insights/covid19/(Line 905) Message: NOT home
console-api	log	URL: https://headspring.com/insights/covid19/(Line 923) Message: initMunchkin() : 452-XUA-690
console-api	log	URL: https://headspring.com/insights/covid19/(Line 859) Message: initMarketo()
console-api	log	URL: https://headspring.com/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	info	URL: https://js.driftt.com/core/assets/js/17.8ed91048.chunk.js(Line 1) Message: DRIFT_WIDGET:: widget_core:bootstrap_api finished in 729.4000015258789 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abrtp2-cdn.marketo.com
abrtp2.marketo.com
app-ab23.marketo.com
app.powerbi.com
app.salesloft.com
bat.bing.com
bootstrap.api.drift.com
click.api.drift.com
content.powerapps.com
dc.services.visualstudio.com
driftt.imgix.net
embeds.driftcdn.com
event.api.drift.com
flow.api.drift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
headspring.com
i.ytimg.com
js.driftt.com
metrics.api.drift.com
munchkin.marketo.net
pbivisuals.powerbi.com
rtp-static.marketo.com
salesloft.headspring.com
sentry.io
static.doubleclick.net
stats.g.doubleclick.net
targeting.api.drift.com
unpkg.com
wabi-west-us-api.analysis.windows.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
metrics.api.drift.com
www.youtube.com
104.111.216.226
104.111.234.67
104.154.24.231
104.16.95.80
13.69.65.22
142.250.186.98
143.204.98.111
18.66.97.66
192.28.155.3
20.74.143.203
2606:4700::6810:7eaf
2620:1ec:bdf::63
2620:1ec:c11::200
2a00:1450:4001:802::2004
2a00:1450:4001:802::2016
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2016
2a00:1450:4001:810::2003
2a00:1450:4001:812::2001
2a00:1450:4001:812::2008
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2006
2a00:1450:4001:831::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c06::9c
2a04:4e42:3::720
35.188.42.15
40.112.167.140
50.16.7.188
54.147.21.139
54.172.114.57
54.205.236.172
54.235.103.212
54.81.246.26
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
01143553a9cd827ef0285bc7940624a98a437c130a76435ba150f8fda3cbb58a
016a2616d4f26aac16ee9bf5429f4eb175d7c63a22a8f30973d5a13b1b964178
026c5db877da222d2316bf1197b8947a96c7623d51a4d462c91bf927dece3429
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
031b647213e760a66f8632e236f8e5449e4ffe32193461a3eeeb04a0ff83ceeb
0404017b5189af6fc7ff18b50e7716bcf70d043cb64592e6fac30635cb0a9438
04f30b537f572f1f6b0e88a9f9da536cd477690469fb287f1296a3d7d2066ca4
056bda7125c8c4f48e75479498b37cdf78e30f925a728799115d6f3b8ca65d56
06249a1253df8a3bd62df6e67412661ea847bdc9442aca696df7686f41b56b03
07764dc942095349472878a43e7c67438536144dd3fe3897bd8431fa9e32721b
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0e97a1fef946a89421207fb5ab9a16bf34da0047ae891667c3c719de80ba0542
1023d4044fb43e5eca4b3f7276d300b31b09ffd2d106fd96e78534ab3c6f886e
1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2
17b93391b9920aedeb261aa868e08f105fb76c5e1949c37f997f5f9b71fd16f4
1aca309a89d8b5fc970133e55d883d9ec34e503730bfb8dd0d87493351a7784e
1b7ad7df60b63c377ed1f2f3fd7ee767ff2cbb9f2c0d0a8f9246a3bb0e3f3880
1b800f8f2d338e87c19b8cf6e06d803a8b18ac59197e5e0a9bbf65cb47b048c9
205988b80eeedc442aa4ba78fd4bda5b1b139415f3dc88043fc73adcd71cbae2
2299c6d7700abf43e5774fb4656903739712476c68d816ae589584425919b4a8
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
2689a0237a95cfd8135f8da3ac79c430e903f3c542f8b862f68141c84c348c43
278cd45917f5fee0e5710b34f2c03a3652544fe5a6ccea56cbbd0bd7324bf5e7
292c45f06be415aea369a7167a85f462a26547f1e6020a3610f91685a844daa2
29a94eec1df373317c85dfd9a77bd86e3ed4f464e6f2afb6e09d33fa22d75e84
2dc22e35257d6b454f77ac9aab2601e5f6f093f11a3887b46439f002a970475e
2def1ce3460c6076cf341b0147cda956458ed980fdddd433050f2a62298f7e58
2ecdc934cc5386adcf01b71ed2258312a791864265f43357e2cde98df1bb7a34
305f730c8b295e48aca94264e8d53a6bec1ef1452d44b722fc7d11d4a26ffd7f
309c0b5d3b1a01345df29ea274e975ae077b5f175ea3919439fa8c82310205de
330c91bbaecf032057c69625eb1af60c0cf4b5544d01ee07119c256f7cec358a
333ecde0d151fc74b510fff0433a0b40dbef50234eb79451830501869dd7233c
339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a
34ca656b68868b2f22dc99b824404e697d112ee6e44a5d047666e88f02ce9bb7
3573ab01d7d389e4ffac0475f5844615f8af685567239b953d651e0bc41b342e
35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31
36063320f45f2679bbb1cdd95d3f7e4ca40fdce71e52cc03f7f4618bf0ced47c
367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2
3859434608f281a7cac3bad36f788a8d900c26491d1e10b68210188336da9b5e
3882de692094cbe01949b2074932fc8140bdedc0463ccaba28ac716dc879a2db
38fb0fd19ebd10fd16c84eb0cdbeb64f94c561ae31d94b768400954b2edcc2ba
3a956acbf0f2f0bed50670a61a3a5cdef2c1e5de7c313da6391156111555fca6
3aa106c2d778779877819e263ece7c70f572711e980f23d10c3c6487cb88f96d
3b271325e90ddb188a858500b4939d6d4bbc0e28720da2c486266704c715a8db
3b87a00a3e5e259e48c3c73e45c02ce241a9ec58e727f2e3adcd858f899b177b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3febd731867ee3bf9bd30b0b6ecca16e30179de101329318385cd7dd9a692ad9
41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6
4271407807f1e49734ce4895663f3496efc37e546f30a960bffc5a23462b2139
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b86777b9cc7cffa99555b9dbd47db31a619ee5d9187553ae1353d8e2872ad3
454552f06934bf318852c700126d15d50cac7e9db95a1f585bdbbbc1d7922122
459f3786cd68cd5d072e7249ba5f8305d8a11e820096dcee12fb58335df6cd68
4626c0fc01a26a8061936336c4a9f252b78c0272ce6bd1d4ee849985807355ce
4c8c31fb67fb7fd5bc69d480ee0622f19a50a9f8f96b582421d1e475e373cdcd
4cccc3d4fe1b7cd4f3ed2c066b67bf08eb37dca00ef9888edc499a78d126b531
4df1680766bbc95546136b461b0e752cc113d9b7d54602443df92181e63f42fe
4f0cc9cb5ab4c1a72c14dbd50f525391966943c5ea84c55ebf55bc90fd4bbc11
5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
55775285279b2a6a9d4322db3a8a65e7e372e166d6c0a5f3a1b8bb277dcaad76
561b202ea8a3cd9cf4878e88b0607b78016f428087923cc32472d578218d5e3a
57d0a0866681113ad01e5870d69ced67f4454ed4ca50ac666745e4acc315c294
58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056
58ad42af0c1190e34f414f071dfd4e4efd2f03a0bc12e8ec555688e5d7c750d5
58ba95ff001c45ace69724e41a0507a6e5e8ce0729ea6bafb81ce1eaf01e4e13
5a66097ab1b0a08627fb4c25b39785a44a7622539a4932e59c2b6dd4863c4195
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5bfd94b6a0ceb768e022d925a466c6c2634b939faa5bb5028f9fc62218ec84cb
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5e88603573d65fad3831a47762432af0f1a51e3a4ebbab0149393817b5b2f0b0
5f15dceda85b5fd9bf53d82ed6abb2125fca7fab27da99b0df2cd0b6de6f2c15
600b9f08dccb128bd501fb3d9331f20a898860be424d11978b2a093d28029f49
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6263595b77c5f48b99023951baeb30362db3fc076d29aed2b801ec2d994fefb7
62b935b6636ec4db95ce6adc07dc8da028fa6c75364127aa48254f25e968ff8b
676f7597b3f624216f081671eb05fa087fe24dc327882f64990e70c6031a36e0
678b330b9d28a53f93783dc1640432231b0630399fc8448de7f6b10683f42208
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
684b02d463084a166adaa9e41c08289e378dedc8f6c26faefe312bf68719ab1b
690562ddcad306101c5822632b388eb6fcef858c782ee91f4d91a88266837fcd
69b2f433b5095129fe585d56ec765653202ed6953db2e9d0fdc4263e1ae5dba4
6be5af2aa62a139d6a7e44161baae12e776cdf423be54b5bac03815ee6f95a47
6d2be2469496afa04152da3ec154dcd5947ec57eba121e2d65aaa330405232c1
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
7060ccc4a800448d37027d5c6beb0084ad19061feb48a523e29ea1b7dbc1ae3b
71330046d1c5e59dfebcf926f3a577fc498d1bcf2ba2576e1c55d72a26d4dbf8
718b457aa6b1cba64226c8256429dc3ef2c2097d7e2af0fe7a3cbbf8e4c01043
71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7
7282ef908a7bdfce5e95b9c068363d6dd16f0403cf4f63a55de9ec0be4ed482b
73881513a7e7f8944a311bea8e80e9fad946e256ae74d62b5c8d469dc6df0186
742e3956adcdec2c0e47aa76ff0a4e8411a5fb41a5c0ceb99c8d6a83e35ebc9e
75445b43b4d587921fbd2d741058ff6591864fd072c55d32c06c24c5846c021b
76dc829025cdfa2c12dfaf8863662fc69c15a5a16535f2835bc9c5e0d14942b6
7739eefcdee8afcb00fbe9a35cc795fff0cff7092b10d56c4190484d42892433
79f0578ae714ea9184cbdddaeb391f7e52929f98c8c2d6bc86607e2449851de8
7a3dc3bcde4684bcd852e9f50536e0c46ca317c86398ce74e7d96b5d26836106
7f1fcecb512f8eff45087f0c510545cc8297360cdd9bf67c7d065df90f853cc4
7fb957af9ffa197a3e767584409b95e9a01e5b222f6be077afa257f9f8ec15b2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8658dcad983dacbb3bca7bc8217fd0b75f28df85bf9259bd0dccf69e58cb0ecd
8a9eaafed5b5886a549417d36b0a3274350ee902caf21dc5a64adbb06cc74bf0
8ec6b991cb1b2573beb8b63846dad6ad125755c7ffbc38aa093db28c1343912a
9018c9cde969f67f3ef9aeebb0462386ec0835eccd6f90ac59fb2634c2ddabc9
94d4e74be3a91e58ae87d295004f05d54570427d592bce826399ba363a69c013
955f2585fc5dbd9b075871f64327aa830ec156a715772b7a6d84af87c202b2df
98fc2ceae9de1cdee24f6767e689bcaff32d71fe3c71764c0801efc989e14a10
99fa5a280296b5fc7b63433ee121a359fc68c4a37f04a87d363e751164b96ff1
9a655698d35a22ebc29b642f346c310199eee0c32a46db981c0dadc54a615604
9e8081d6d0822fa1926872fe823d0e4e81bc2de53a674b89c80f2494aac28a4e
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
9fd95260ee110232e2e143adfb5c5f0df7ffee9d2513288ff4102d9e401c663c
a03a75968d36425cd52d0643ebfa9af7808bf651f88c2c36f66cf88caeb268d2
a113656d0147f720a39d1167d70660f14fce21a241ec6f86ce55880cfaf7da44
a216fc67a538553083290aaa7d736cc2d8f7b1ef4ad5f6e26055d48852abbccb
a231b7235698f95d9b3e38e7daf30c555e81423432a2b2b867a2cf844a5c8517
a3075e2c162e41c4962a4221ae035dd607d895bd424e87aa4065a044c43763e4
a352d16f4ccc8147826a4ad37a6f2d2cbdbb51e4e6475f4e671505cce32e2b13
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a53b289843b15d58a9574645ea05db23c5dd6663fc5e39f5c61528ae13de22f5
a5f5aa67c5247bf353a5668ec0671fb272ddc3b344112b07a63df196e1425db7
a8070ef9daef25ec3260e1935207dca82b584a9dc527f82469849f1637702b5d
a9885038c50d2ae4af29f5089c02051b3c87caccc4d8e42b4fe56208c16478ce
a9897379efd4d492f9d36b50c61f628e4c764b1b4d5e6ce82f4e2ba5c84dda79
ac1c8225921a5d51ebf3d57cdf0449ab5b1f71039a37f7ecdad91468898cf3f1
acccc5a3d88639d20c7f8ec2b7e9eef80917f4c7c283197a85b8239cc66df346
ad80ac33ed04b4e6d78167b4162ecd3d2e8c29d17b43eb3df1f35b216b2ac5c5
af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754
b0085f0451431dc24f53f1b6d318c8130ca17b39879631afedd0fcf7e10a142f
b13535f58c2231201ae8bcc94b792358bd5e5d55b19498f31798ffbf7b30d9bb
b267f36c60cf1a612ba21cba4f81983b01389bfd7de413ef17cd00f3d5f6de3e
b2f556a76bee0c86b64de8da8c060476c32a18007df8315c1a0ab9aaad24e9e1
b5da6e176a66dbd7f777108ab55e4b26cfab2da22f673e5e2d44aef57d2b644d
b89c773c0d35e1714f0e9b395f9bea5797b25b516fb6828c8ef1f5ac351319ab
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
ba3ec400208755d8e7e8f07af131bab27cc2ef5c2c4ce808feb095686b256461
ba8269d9a47f982451ae9904fa15d92b98be5afa2a1dcc138534cbcc4178fb4a
bbf1a3192711c5e9bfece1d2cd0554f0f31895b071f8f9b76abf8c681c18b30f
bd38b5fc88e88bfda855b553aa66a0c4971adf7b35b5bcf1c8d022a461ed0039
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c2c4ff7326de5ab555422dc1326bcd78cecd24b577e64e1f969fc0704564f17b
c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47
c517e512930785249e9f6602d648b75a367a7628a47986d299b0e442f37e702e
c71b0d1355ffa5efb6aff3b44f79210e14a04129b946efa39c9f1e3cd546325c
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c7bf220d3895d4f8b174a1136dbc832ed092bfd0846903d5436cb6a25257f7bf
c7d3dec6d28f0f63a370a2d63562b6cdc44e88fe2a89d7f0e9b6dfd86d5e7486
c8467b98f112bb1b06a33cde66a70de85c05d22a455f91f592554c804a50a729
c8ae1941c0005e49dc92e79ce05b8f7daa36c6960bc94fa80e15a83cd524ea63
ca2cffd8ac4ece93787940f26b202209899b61ea111b7c46fe4324f32cfba26e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc5422156c4d944bebbf811a42bba1df6b4564a4bf4273c3ab4f81432bc7a9db
cc6d17a5907b78d23c3e0d4f4a4ed77269176c99f4748da1345f84de1961f01f
cd6f4900abc2da200ad96c75852facfd8872610ce9dd259acf3cc82507490dd3
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d2b9b123f4a223439aa81446337809eee5648366627157eaa047da4cd977dc0d
d32beaf81a015569aca21c8aba15195dee3b629349a9c7b87d7be08d682682de
d7bf7be35bcff4114c5a7a58bdecd2f4d1ce132078400f2ca432c8aa25dd752f
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d88e1d9883dc5c232bc4789f64f558f2985ee7af3f2d9a4593697d7ce69ab863
d8a377663b9becff08b69e74dd934402b5ed561e8aa3ce154ae615d132d89233
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
dd1dad45fd0dd168ad46427307aa8a206b857b783ca3afbcfe2bc8b8724acec0
ddbff1fdf55f5fcc80d6eca42f3a2efb36b38f4ddd1eea47ce8a0ba437ac8247
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36bf3179ce4698f14284cb51f78f12734dec47c538a9ac1ac2d78c8caa63fa
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c897c83c8dbcb7bfccabf79d0e1e8a6ce04b45d06a39b0357cc0de55402b6a
e6ed5ad99facbe81ae92038663e4931f0000f73847fc60e64a46517f912aae8b
e7fe6cddb7354738ba40784bab66dc4b6cce364ad55d117f08aaf19eb6ba88ef
e9a15694af1f4a4ed7278204bedaae9d3d27805516a2ac2763e5cb78d185af27
e9fbb3259383f2388c95bb3256cecd0c1c00b7c0dfe1c67f7779dbe9f06a0065
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
edbb7d6bc8a209db04b11d97fa5c5860ec96acedc1615cf793ab387d13c45678
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee42c26311be9a1faab43d45b234cbbc1b40299c6740e689b9fdf276640127e8
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef950306b7ceefdce709cf8a3330b8e3586fd325744c88d3050334cd433dfe01
f129c316238688d2ecf3eae90f8bbb1b18f5e57405367641038b68100cc50f62
f329ad1d40ab6e7853714833ca98e760b3ff93588a75fae5852a14fdbc103bb4
f4e9fc9cb715061a768c38a333706476e1ca9fceb27e01dfcfdf8b188f66c6b5
f57c4be503d6f4ba9a0ca03dfcfc87094c35c51887a25669d84fbc5e5e701fbd
f73a2f6c23ea2071cef1cc58b1f96f6491955ed0860f2c57392209f1b7f772ce
f8174db70e4192157b33359b98bb6b1c393c4b731b6d8d5f5ae6cd5877bc4106
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723
f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d
f9f1174fbb07d73b44d0a3bccfb9c1bb24106e4e6d58a89234f654f95906fe24
fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95
fb392049cf4eba9337b0a21a40a10c03e62fc4e5a066478c2caefcd8496b10b8
fb39c1aa5c4a5318ff253d89786d6bc38f45c860f6128ecbd8b3806e506d2753
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd88d330b8b28310cd966efb0fe0137c7db51ae147d9b24d61a7019ad75a8bdf
fe2ac5219992a3608a5c9e2bc4759fac8fb2189b88d7a674d395ff6c435da536
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

headspring.com Open in urlscan Pro 104.154.24.231 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

278 Requests

99 %HTTPS

57 %IPv6

26 Domains

39 Subdomains

40 IPs

6 Countries

7201 kBTransfer

29052 kBSize

1 Cookies

5 Outgoing links

Page URL History

Redirected requests

278 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

headspring.com Open in urlscan Pro
104.154.24.231 Public Scan

Screenshot
Live screenshot

Full Image

278
Requests

99 %
HTTPS

57 %
IPv6

26
Domains

39
Subdomains

40
IPs

6
Countries

7201 kB
Transfer

29052 kB
Size

1
Cookies

278 HTTP transactions
2 data transactions