app.mural.co Open in urlscan Pro
20.42.34.181 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
Submission: On May 18 via manual (May 18th 2021, 7:22:39 pm UTC) from JP

Summary HTTP 54 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 54 HTTP transactions. The main IP is 20.42.34.181, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is app.mural.co.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 12th 2020. Valid for: 2 years.

This is the only time app.mural.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	20.42.34.181 20.42.34.181	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.112.176 151.101.112.176	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.244.81 99.86.244.81	16509 (AMAZON-02) (AMAZON-02)
2 2	13.32.14.75 13.32.14.75	16509 (AMAZON-02) (AMAZON-02)
4	99.84.219.80 99.84.219.80	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2199:ac00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.239.220.64 52.239.220.64	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.155.95.221 35.155.95.221	16509 (AMAZON-02) (AMAZON-02)
2	99.83.219.81 99.83.219.81	16509 (AMAZON-02) (AMAZON-02)
54	12

31 20.42.34.181 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

app.mural.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.112.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.244.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-244-81.vie50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.14.75 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-14-75.vie50.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.84.219.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-219-80.iad79.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2199:ac00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.239.220.64 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

murally.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.155.95.221 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-95-221.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.219.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	mural.co app.mural.co	3 MB
7	cookielaw.org cdn.cookielaw.org	116 KB
4	intercomcdn.com js.intercomcdn.com	117 KB
4	intercom.io 2 redirects widget.intercom.io api-iam.intercom.io	12 KB
4	stripe.com js.stripe.com m.stripe.com	57 KB
2	windows.net murally.blob.core.windows.net	28 KB
1	stripe.network m.stripe.network	13 KB
1	googletagmanager.com www.googletagmanager.com	34 KB
1	segment.com cdn.segment.com	67 KB
1	cloudflare.com cdnjs.cloudflare.com	16 KB
54	10

	Domain	Requested by
31	app.mural.co	app.mural.co
7	cdn.cookielaw.org	app.mural.co cdn.cookielaw.org
4	js.intercomcdn.com	widget.intercom.io
3	js.stripe.com	app.mural.co js.stripe.com
2	api-iam.intercom.io	js.intercomcdn.com
2	murally.blob.core.windows.net
2	widget.intercom.io	2 redirects
1	m.stripe.com	m.stripe.network
1	m.stripe.network	js.stripe.com
1	www.googletagmanager.com	cdn.segment.com
1	cdn.segment.com	app.mural.co
1	cdnjs.cloudflare.com	app.mural.co
54	12

This site contains links to these domains. Also see Links.

Domain
www.mural.co
onetrust.com

Subject Issuer	Validity	Valid
*.mural.co Sectigo RSA Domain Validation Secure Server CA	`2020-06-12` - `2022-07-02`	2 years	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-04-14` - `2021-08-04`	4 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.segment.com DigiCert SHA2 Secure Server CA	`2020-06-12` - `2021-07-27`	a year	crt.sh
*.intercomcdn.com Amazon	`2021-03-01` - `2022-03-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2021-02-16` - `2022-02-16`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-16` - `2021-08-04`	4 months	crt.sh
*.intercom.com Amazon	`2021-04-15` - `2022-05-14`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
Frame ID: E6D716B3C51B1C0C101D32489671BDDF
Requests: 47 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-0369f5784d64b5d8df5e262d4b12f588.html
Frame ID: 004197386B555F221B2FDC3CBB4550AB
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: A74E6681F2A3756B26728A346C760F3D
Requests: 2 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.7c8e0f51.js
Frame ID: 6EE053C8F692619744F80CB54F02E0BB
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /heap-\d+\.js/i

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.segment\.com\/analytics\.js/i

Page Statistics

54
Requests

100 %
HTTPS

33 %
IPv6

10
Domains

12
Subdomains

12
IPs

2
Countries

3740 kB
Transfer

10794 kB
Size

3
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mural.co/terms/cookie-policy
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://www.mural.co/?utm_source=&utm_medium=mural-embed

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://widget.intercom.io/widget/c6zqfm8h HTTP 302
https://js.intercomcdn.com/shim.latest.js

Request Chain 52

https://widget.intercom.io/widget/c6zqfm8h HTTP 302
https://js.intercomcdn.com/shim.latest.js

54 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request b45b8eb7-7b5e-45fc-b753-d85f625af318 Show response
app.mural.co/embed/ 2 KB
4 KB 428ms
150ms Document
text/html 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e612aa372f898fb817ae4dd237099eaa3c3269bbb31b6fd6a47ccebfac624d81

Security Headers

Name	Value
Content-Security-Policy	child-src 'self'; connect-src data: https: 'self' .embed.ly .satismeter.com .blob.core.windows.net https://.intercom.io wss://.intercom.io .google-analytics.com .segment.io .intercomcdn.com .g.doubleclick.net .rollbar.com .mural.co wss://.mural.co .cloudimg.io .fullstory.com .pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com .googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' .intercomcdn.com data: .mural.co .gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com .g.doubleclick.net .periscopedata.com .google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: .intercomcdn.com .mural.co .g.doubleclick.net .cloudimg.io https://.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' .intercomcdn.com .gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .google-analytics.com .intercom.io .intercomcdn.com https://js.stripe.com .g.doubleclick.net .cloudflare.com .segment.com .googletagmanager.com .hs-analytics.net .licdn.com .hs-scripts.com .googleadservices.com .gstatic.com .google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com .fullstory.com .mural.co .pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' .mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: app.mural.co
:scheme: https
:path: /embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 19:22:21 GMT
content-type: text/html
cache-control: no-cache
content-md5: 5+hLSjSoKdIjROIj97ozBw==
last-modified: Tue, 18 May 2021 14:49:09 GMT
accept-ranges: bytes
etag: W/"0x8D91A0C184B92F6"
x-ms-request-id: bbe1bfd4-e01e-00b9-2d1b-4c25c3000000
x-ms-version: 2013-08-15
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
access-control-allow-origin: *
content-security-policy: child-src 'self'; connect-src data: https: 'self' *.embed.ly *.satismeter.com *.blob.core.windows.net https://*.intercom.io wss://*.intercom.io *.google-analytics.com *.segment.io *.intercomcdn.com *.g.doubleclick.net *.rollbar.com *.mural.co wss://*.mural.co *.cloudimg.io *.fullstory.com *.pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com *.googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' *.intercomcdn.com data: *.mural.co *.gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com *.g.doubleclick.net *.periscopedata.com *.google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: *.intercomcdn.com *.mural.co *.g.doubleclick.net *.cloudimg.io https://*.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' *.intercomcdn.com *.gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.google-analytics.com *.intercom.io *.intercomcdn.com https://js.stripe.com *.g.doubleclick.net *.cloudflare.com *.segment.com *.googletagmanager.com *.hs-analytics.net *.licdn.com *.hs-scripts.com *.googleadservices.com *.gstatic.com *.google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com *.fullstory.com *.mural.co *.pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' *.mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
referrer-policy: strict-origin-when-cross-origin
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 vendor.3f27d0aa95a0b40ccf9c74b5b7d61a14.css
app.mural.co/static/dist/ 12 KB
6 KB 153ms
151ms Stylesheet
text/css 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/static/dist/vendor.3f27d0aa95a0b40ccf9c74b5b7d61a14.css

Requested by

Host: app.mural.co
URL: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c68badc8df774c15fcd4a725f8d991eb8647b0db82591cc1ccd3c674ee158873

Security Headers

Name	Value
Content-Security-Policy	child-src 'self'; connect-src data: https: 'self' .embed.ly .satismeter.com .blob.core.windows.net https://.intercom.io wss://.intercom.io .google-analytics.com .segment.io .intercomcdn.com .g.doubleclick.net .rollbar.com .mural.co wss://.mural.co .cloudimg.io .fullstory.com .pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com .googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' .intercomcdn.com data: .mural.co .gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com .g.doubleclick.net .periscopedata.com .google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: .intercomcdn.com .mural.co .g.doubleclick.net .cloudimg.io https://.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' .intercomcdn.com .gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .google-analytics.com .intercom.io .intercomcdn.com https://js.stripe.com .g.doubleclick.net .cloudflare.com .segment.com .googletagmanager.com .hs-analytics.net .licdn.com .hs-scripts.com .googleadservices.com .gstatic.com .google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com .fullstory.com .mural.co .pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' .mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /static/dist/vendor.3f27d0aa95a0b40ccf9c74b5b7d61a14.css
pragma: no-cache
origin: https://app.mural.co
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: app.mural.co
referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://app.mural.co
Referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 5iPMZ6rOr1YSf8/2uLfpCg==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:09 GMT
x-frame-options: DENY
etag: W/"0x8D91A0C18509D3D"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 327d5a90-e01e-0013-431b-4cf32c000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: public, max-age=31536000, immutable
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
content-security-policy: child-src 'self'; connect-src data: https: 'self' *.embed.ly *.satismeter.com *.blob.core.windows.net https://*.intercom.io wss://*.intercom.io *.google-analytics.com *.segment.io *.intercomcdn.com *.g.doubleclick.net *.rollbar.com *.mural.co wss://*.mural.co *.cloudimg.io *.fullstory.com *.pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com *.googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' *.intercomcdn.com data: *.mural.co *.gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com *.g.doubleclick.net *.periscopedata.com *.google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: *.intercomcdn.com *.mural.co *.g.doubleclick.net *.cloudimg.io https://*.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' *.intercomcdn.com *.gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.google-analytics.com *.intercom.io *.intercomcdn.com https://js.stripe.com *.g.doubleclick.net *.cloudflare.com *.segment.com *.googletagmanager.com *.hs-analytics.net *.licdn.com *.hs-scripts.com *.googleadservices.com *.gstatic.com *.google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com *.fullstory.com *.mural.co *.pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' *.mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 main.0e83667b5c7fed9a3d4972faa6a53149.css
app.mural.co/static/dist/ 1 MB
252 KB 157ms
155ms Stylesheet
text/css 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css

Requested by

Host: app.mural.co
URL: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ce20ff8753d70e54bcdf6bc62234342406e4749a51d09e716c55c181aaac9e37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
pragma: no-cache
origin: https://app.mural.co
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: app.mural.co
referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://app.mural.co
Referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: j4NHntGgl34l8ZZda27D3Q==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:09 GMT
x-frame-options: DENY
etag: W/"0x8D91A0C184B92F6"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 04ba3316-a01e-0050-321b-4cd9c5000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: public, max-age=31536000, immutable
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/ddc25aae-c9b2-442e-8977-8f9a5aea7a59/ 5 KB
2 KB 35ms
19ms Script
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/ddc25aae-c9b2-442e-8977-8f9a5aea7a59/OtAutoBlock.js

Requested by

Host: app.mural.co
URL: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

449fef1e9d2dc4efc26fd1fb776355863217613681362ef42da8ea22dec23822

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.mural.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 7WR2IE2Z6ccIIrPXvrDLpA==
age: 188
vary: Accept-Encoding
content-length: 1780
cf-request-id: 0a2286ef7500004e746ba55000000001
x-ms-lease-status: unlocked
last-modified: Fri, 09 Apr 2021 19:55:34 GMT
server: cloudflare
etag: 0x8D8FB917050B59D
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 02fd4445-701e-0070-47ed-2eab22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6517742bebcc4e74-FRA

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 17 KB
6 KB 32ms
16ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: app.mural.co
URL: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40f12e335914950b4f2058dbcbbee727f3f7542399ec6b2e98256480ea91aa49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.mural.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: pE7xqZRyx6XQkryUB7ni+A==
age: 230
vary: Accept-Encoding
content-length: 5801
cf-request-id: 0a2286ef7200004e74aab44000000001
x-ms-lease-status: unlocked
last-modified: Fri, 14 May 2021 01:47:06 GMT
server: cloudflare
etag: 0x8D9167A2E5FD52B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: fa14a1d8-401e-0177-4670-481bf2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6517742bebcf4e74-FRA

GET
H2 200 runtime.ce8cb08729cec694517de0d12ecf1e8e.js Show response
app.mural.co/static/dist/ 2 KB
3 KB 155ms
154ms Script
application/javascript 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/static/dist/runtime.ce8cb08729cec694517de0d12ecf1e8e.js

Requested by

Host: app.mural.co
URL: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

84996c2ef3a6820e1c7826db0ab58d7df5469e625a9b91eda5f324969906c532

Security Headers

Name	Value
Content-Security-Policy	child-src 'self'; connect-src data: https: 'self' .embed.ly .satismeter.com .blob.core.windows.net https://.intercom.io wss://.intercom.io .google-analytics.com .segment.io .intercomcdn.com .g.doubleclick.net .rollbar.com .mural.co wss://.mural.co .cloudimg.io .fullstory.com .pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com .googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' .intercomcdn.com data: .mural.co .gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com .g.doubleclick.net .periscopedata.com .google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: .intercomcdn.com .mural.co .g.doubleclick.net .cloudimg.io https://.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' .intercomcdn.com .gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .google-analytics.com .intercom.io .intercomcdn.com https://js.stripe.com .g.doubleclick.net .cloudflare.com .segment.com .googletagmanager.com .hs-analytics.net .licdn.com .hs-scripts.com .googleadservices.com .gstatic.com .google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com .fullstory.com .mural.co .pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' .mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /static/dist/runtime.ce8cb08729cec694517de0d12ecf1e8e.js
pragma: no-cache
origin: https://app.mural.co
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: app.mural.co
referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://app.mural.co
Referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: lvB6wq18kxojPOFjnJRcsA==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:09 GMT
x-frame-options: DENY
etag: W/"0x8D91A0C184F646E"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 516d66e8-f01e-0108-431b-4c9beb000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: public, max-age=31536000, immutable
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
content-security-policy: child-src 'self'; connect-src data: https: 'self' *.embed.ly *.satismeter.com *.blob.core.windows.net https://*.intercom.io wss://*.intercom.io *.google-analytics.com *.segment.io *.intercomcdn.com *.g.doubleclick.net *.rollbar.com *.mural.co wss://*.mural.co *.cloudimg.io *.fullstory.com *.pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com *.googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' *.intercomcdn.com data: *.mural.co *.gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com *.g.doubleclick.net *.periscopedata.com *.google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: *.intercomcdn.com *.mural.co *.g.doubleclick.net *.cloudimg.io https://*.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' *.intercomcdn.com *.gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.google-analytics.com *.intercom.io *.intercomcdn.com https://js.stripe.com *.g.doubleclick.net *.cloudflare.com *.segment.com *.googletagmanager.com *.hs-analytics.net *.licdn.com *.hs-scripts.com *.googleadservices.com *.gstatic.com *.google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com *.fullstory.com *.mural.co *.pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' *.mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 vendor.f4f2b82490d40c3bc24d11b36c60b39e.js Show response
app.mural.co/static/dist/ 2 MB
822 KB 383ms
382ms Script
application/javascript 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/static/dist/vendor.f4f2b82490d40c3bc24d11b36c60b39e.js

Requested by

Host: app.mural.co
URL: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

20f82fc110425129c4e34a161de8e57c10f2e6f1da149123fa08173a41f3ebcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /static/dist/vendor.f4f2b82490d40c3bc24d11b36c60b39e.js
pragma: no-cache
origin: https://app.mural.co
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: app.mural.co
referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://app.mural.co
Referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: IYS458JLnRaeTonl4WS1Ig==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:10 GMT
x-frame-options: DENY
etag: W/"0x8D91A0C185A1553"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d69be7bd-901e-0113-1b1b-4cb579000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: public, max-age=31536000, immutable
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 main.e05f27a70b4896b25aa6dcf6ae552f56.js Show response
app.mural.co/static/dist/ 4 MB
1 MB 383ms
382ms Script
application/javascript 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/static/dist/main.e05f27a70b4896b25aa6dcf6ae552f56.js

Requested by

Host: app.mural.co
URL: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cbf7c4ac261a905338971475dd7269b016254209290b17bbd1a7f32b9d92baca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /static/dist/main.e05f27a70b4896b25aa6dcf6ae552f56.js
pragma: no-cache
origin: https://app.mural.co
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: app.mural.co
referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://app.mural.co
Referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: tBxR0vZ8V12QWnwdPUcf4A==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:09 GMT
x-frame-options: DENY
etag: W/"0x8D91A0C184EA0F3"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a193e704-101e-008e-6e1b-4c896c000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: public, max-age=31536000, immutable
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 ddc25aae-c9b2-442e-8977-8f9a5aea7a59.json Show response
cdn.cookielaw.org/consent/ddc25aae-c9b2-442e-8977-8f9a5aea7a59/ 3 KB
2 KB 31ms
17ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/ddc25aae-c9b2-442e-8977-8f9a5aea7a59/ddc25aae-c9b2-442e-8977-8f9a5aea7a59.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fba894067c7440b0fb0fe447b3a6e7ef62476606de776ba0461b6acaea78fbd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.mural.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: vpyG77WsrdWk1X6A8zCPNg==
age: 183
vary: Accept-Encoding
content-length: 1144
cf-request-id: 0a2286f20600004d896b094000000001
x-ms-lease-status: unlocked
last-modified: Fri, 09 Apr 2021 19:55:34 GMT
server: cloudflare
etag: 0x8D8FB91705E2595
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0e6794ff-c01e-0069-74b9-34874a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 651774300aca4d89-FRA

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.13.0/ 366 KB
81 KB 15ms
15ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

078981fc821f3cf39ab491128cca5f9e9f9aeda1987a4baf81ce5ddc3bbe860c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.mural.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: pY8Rr438h7Vb2adEFDW1VA==
age: 4919176
vary: Accept-Encoding
content-length: 82575
cf-request-id: 0a2286f21c00004e74998de000000001
x-ms-lease-status: unlocked
last-modified: Thu, 28 Jan 2021 07:38:02 GMT
server: cloudflare
etag: 0x8D8C35FA49267C6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: feb15b14-801e-0161-7e5d-1fda6c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 651774302ebc4e74-FRA
expires: Wed, 26 May 2021 19:22:22 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/ddc25aae-c9b2-442e-8977-8f9a5aea7a59/b9399825-f4c6-412f-9981-e8a83f3c6e0b/ 34 KB
10 KB 22ms
22ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/ddc25aae-c9b2-442e-8977-8f9a5aea7a59/b9399825-f4c6-412f-9981-e8a83f3c6e0b/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71f24391b017d4c1615ddce457aa03d34f6592d01a4dbd56affe300be5291be7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.mural.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: lK0OkrVBKFHA76Aj/Zz71g==
age: 183
vary: Accept-Encoding
content-length: 9966
cf-request-id: 0a2286f24200004d8977023000000001
x-ms-lease-status: unlocked
last-modified: Fri, 09 Apr 2021 19:55:38 GMT
server: cloudflare
etag: 0x8D8FB917256A881
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d286c6d2-701e-0034-37e6-34774e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 651774306bbc4d89-FRA

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.13.0/assets/ 12 KB
3 KB 15ms
14ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.13.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8388718f670ddb4c773f542fef40257fd020ae066966c2ca33b0814eab04a74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.mural.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /ODZFpGAnQ0xgLGN+/xOCg==
age: 2551477
vary: Accept-Encoding
content-length: 2822
cf-request-id: 0a2286f26400004d899bb20000000001
x-ms-lease-status: unlocked
last-modified: Thu, 28 Jan 2021 07:37:52 GMT
server: cloudflare
etag: 0x8D8C35F9EDD933A
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2ba9bfda-001e-0012-14e6-34ecfa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 65177430ac2b4d89-FRA
expires: Wed, 26 May 2021 19:22:22 GMT

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.13.0/assets/v2/ 45 KB
12 KB 14ms
13ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.13.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

480889002777fd46e82ea77533779500bc7f363e9a30abcf282392ecf58780e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.mural.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: tOIVP7aQMx8KuQM3FUQnFw==
age: 2551477
vary: Accept-Encoding
content-length: 11792
cf-request-id: 0a2286f26500004d898587f000000001
x-ms-lease-status: unlocked
last-modified: Thu, 28 Jan 2021 07:37:55 GMT
server: cloudflare
etag: 0x8D8C35FA0B62A52
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d059746b-701e-0059-49e6-34dd60000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 65177430ac304d89-FRA
expires: Wed, 26 May 2021 19:22:22 GMT

GET
H2 200 endpoints.json Show response
app.mural.co/ 250 B
2 KB 149ms
148ms Fetch
application/json 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/endpoints.json

Requested by

Host: app.mural.co
URL: https://app.mural.co/static/dist/main.e05f27a70b4896b25aa6dcf6ae552f56.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

47ddfcf6b4880ba69772793d7a910557d35fe0170be143f6783789990084d961

Security Headers

Name	Value
Content-Security-Policy	child-src 'self'; connect-src data: https: 'self' .embed.ly .satismeter.com .blob.core.windows.net https://.intercom.io wss://.intercom.io .google-analytics.com .segment.io .intercomcdn.com .g.doubleclick.net .rollbar.com .mural.co wss://.mural.co .cloudimg.io .fullstory.com .pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com .googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' .intercomcdn.com data: .mural.co .gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com .g.doubleclick.net .periscopedata.com .google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: .intercomcdn.com .mural.co .g.doubleclick.net .cloudimg.io https://.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' .intercomcdn.com .gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .google-analytics.com .intercom.io .intercomcdn.com https://js.stripe.com .g.doubleclick.net .cloudflare.com .segment.com .googletagmanager.com .hs-analytics.net .licdn.com .hs-scripts.com .googleadservices.com .gstatic.com .google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com .fullstory.com .mural.co .pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' .mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /endpoints.json
pragma: no-cache
cookie: OptanonConsent=isIABGlobal=false&datestamp=Tue+May+18+2021+21%3A22%3A22+GMT%2B0200+(Central+European+Summer+Time)&version=6.13.0&consentId=09773609-b7c5-48c7-b04e-d60077723570&interactionCount=0&landingPath=https%3A%2F%2Fapp.mural.co%2Fembed%2Fb45b8eb7-7b5e-45fc-b753-d85f625af318
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: app.mural.co
referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: CtGqWcgGUg8qLzHKUD3zIA==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 02 Oct 2020 21:41:18 GMT
x-frame-options: DENY
etag: W/"0x8D8671BE5A3E340"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 9898db56-501e-0045-501b-4c1b5c000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
content-security-policy: child-src 'self'; connect-src data: https: 'self' *.embed.ly *.satismeter.com *.blob.core.windows.net https://*.intercom.io wss://*.intercom.io *.google-analytics.com *.segment.io *.intercomcdn.com *.g.doubleclick.net *.rollbar.com *.mural.co wss://*.mural.co *.cloudimg.io *.fullstory.com *.pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com *.googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' *.intercomcdn.com data: *.mural.co *.gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com *.g.doubleclick.net *.periscopedata.com *.google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: *.intercomcdn.com *.mural.co *.g.doubleclick.net *.cloudimg.io https://*.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' *.intercomcdn.com *.gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.google-analytics.com *.intercom.io *.intercomcdn.com https://js.stripe.com *.g.doubleclick.net *.cloudflare.com *.segment.com *.googletagmanager.com *.hs-analytics.net *.licdn.com *.hs-scripts.com *.googleadservices.com *.gstatic.com *.google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com *.fullstory.com *.mural.co *.pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' *.mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 proximanova-regular-webfont.woff
app.mural.co/static/fonts/ 62 KB
63 KB 144ms
144ms Font
application/x-font-woff 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/static/fonts/proximanova-regular-webfont.woff

Requested by

Host: app.mural.co
URL: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

70165753a5181b671f9e9e205883af095621ec10fa445326287a0bfc557c9e01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://app.mural.co
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: OptanonConsent=isIABGlobal=false&datestamp=Tue+May+18+2021+21%3A22%3A22+GMT%2B0200+(Central+European+Summer+Time)&version=6.13.0&consentId=09773609-b7c5-48c7-b04e-d60077723570&interactionCount=0&landingPath=https%3A%2F%2Fapp.mural.co%2Fembed%2Fb45b8eb7-7b5e-45fc-b753-d85f625af318
:path: /static/fonts/proximanova-regular-webfont.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: app.mural.co
referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://app.mural.co
Referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:22 GMT
x-content-type-options: nosniff
content-md5: fRl1GMkJJmpjz3ObArYaLw==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
content-length: 63368
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:10 GMT
x-frame-options: DENY
etag: "0x8D91A0C188CCA08"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-font-woff
access-control-allow-origin: *
x-ms-request-id: f130ddfb-e01e-003a-111b-4c856e000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: public, max-age=31536000
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 proximanova-bold-webfont.woff
app.mural.co/static/fonts/ 62 KB
63 KB 144ms
144ms Font
application/x-font-woff 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/static/fonts/proximanova-bold-webfont.woff

Requested by

Host: app.mural.co
URL: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a30f50be3aeb5eed565024f83b457aab4915bf067e1392c247b962fe30d028fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://app.mural.co
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: OptanonConsent=isIABGlobal=false&datestamp=Tue+May+18+2021+21%3A22%3A22+GMT%2B0200+(Central+European+Summer+Time)&version=6.13.0&consentId=09773609-b7c5-48c7-b04e-d60077723570&interactionCount=0&landingPath=https%3A%2F%2Fapp.mural.co%2Fembed%2Fb45b8eb7-7b5e-45fc-b753-d85f625af318
:path: /static/fonts/proximanova-bold-webfont.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: app.mural.co
referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://app.mural.co
Referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:22 GMT
x-content-type-options: nosniff
content-md5: 7BwHvW+AwHo/B46MegqZgA==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
content-length: 63324
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:10 GMT
x-frame-options: DENY
etag: "0x8D91A0C18843C80"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-font-woff
access-control-allow-origin: *
x-ms-request-id: 3a3b2e38-301e-0033-771b-4c9fe0000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: public, max-age=31536000
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 proximanova-semibold-webfont.woff
app.mural.co/static/fonts/ 61 KB
62 KB 151ms
149ms Font
application/x-font-woff 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/static/fonts/proximanova-semibold-webfont.woff

Requested by

Host: app.mural.co
URL: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9e89917a0ff8421d7afc5a5fdb52511b910a21e9da8eebd5bffeb04e8053f607

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://app.mural.co
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: OptanonConsent=isIABGlobal=false&datestamp=Tue+May+18+2021+21%3A22%3A22+GMT%2B0200+(Central+European+Summer+Time)&version=6.13.0&consentId=09773609-b7c5-48c7-b04e-d60077723570&interactionCount=0&landingPath=https%3A%2F%2Fapp.mural.co%2Fembed%2Fb45b8eb7-7b5e-45fc-b753-d85f625af318&groups=C0001%3A1%2CC0004%3A0%2CC0002%3A0%2CC0003%3A0&hosts=H10%3A1%2CH40%3A1%2CH4%3A1%2CH12%3A1%2CH22%3A1%2CH15%3A1%2CH1%3A0%2CH3%3A0%2CH6%3A0%2CH8%3A0%2CH9%3A0%2CH19%3A0%2CH39%3A0
:path: /static/fonts/proximanova-semibold-webfont.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: app.mural.co
referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://app.mural.co
Referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:23 GMT
x-content-type-options: nosniff
content-md5: zpA7xvGdvQsgfHmmwu1u7w==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
content-length: 62948
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:10 GMT
x-frame-options: DENY
etag: "0x8D91A0C18902629"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-font-woff
access-control-allow-origin: *
x-ms-request-id: ca0cb8e4-a01e-00be-601b-4cd346000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: public, max-age=31536000
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 proximanova-black-webfont.woff
app.mural.co/static/fonts/ 60 KB
61 KB 145ms
145ms Font
application/x-font-woff 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/static/fonts/proximanova-black-webfont.woff

Requested by

Host: app.mural.co
URL: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3a5eb151b45d285901dbe624d3c5334f1786abad8055d9fd65414951134bfcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://app.mural.co
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: OptanonConsent=isIABGlobal=false&datestamp=Tue+May+18+2021+21%3A22%3A22+GMT%2B0200+(Central+European+Summer+Time)&version=6.13.0&consentId=09773609-b7c5-48c7-b04e-d60077723570&interactionCount=0&landingPath=https%3A%2F%2Fapp.mural.co%2Fembed%2Fb45b8eb7-7b5e-45fc-b753-d85f625af318&groups=C0001%3A1%2CC0004%3A0%2CC0002%3A0%2CC0003%3A0&hosts=H10%3A1%2CH40%3A1%2CH4%3A1%2CH12%3A1%2CH22%3A1%2CH15%3A1%2CH1%3A0%2CH3%3A0%2CH6%3A0%2CH8%3A0%2CH9%3A0%2CH19%3A0%2CH39%3A0
:path: /static/fonts/proximanova-black-webfont.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: app.mural.co
referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://app.mural.co
Referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:23 GMT
x-content-type-options: nosniff
content-md5: My97Ds/S2HgIwk5CLKVPgA==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
content-length: 61896
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:10 GMT
x-frame-options: DENY
etag: "0x8D91A0C1883EE49"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-font-woff
access-control-allow-origin: *
x-ms-request-id: 872b99d9-301e-0137-791b-4c2c37000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: public, max-age=31536000
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 blambotcasual-webfont.woff
app.mural.co/static/fonts/ 30 KB
31 KB 145ms
145ms Font
application/x-font-woff 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/static/fonts/blambotcasual-webfont.woff

Requested by

Host: app.mural.co
URL: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

02d99e868342861c05e2fb39feab7a0b1589967b9359f175250c9a0b36a8abd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://app.mural.co
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: OptanonConsent=isIABGlobal=false&datestamp=Tue+May+18+2021+21%3A22%3A22+GMT%2B0200+(Central+European+Summer+Time)&version=6.13.0&consentId=09773609-b7c5-48c7-b04e-d60077723570&interactionCount=0&landingPath=https%3A%2F%2Fapp.mural.co%2Fembed%2Fb45b8eb7-7b5e-45fc-b753-d85f625af318&groups=C0001%3A1%2CC0004%3A0%2CC0002%3A0%2CC0003%3A0&hosts=H10%3A1%2CH40%3A1%2CH4%3A1%2CH12%3A1%2CH22%3A1%2CH15%3A1%2CH1%3A0%2CH3%3A0%2CH6%3A0%2CH8%3A0%2CH9%3A0%2CH19%3A0%2CH39%3A0
:path: /static/fonts/blambotcasual-webfont.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: app.mural.co
referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://app.mural.co
Referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:23 GMT
x-content-type-options: nosniff
content-md5: jAhSC5Z2LXmrSHH/CgL8Ug==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
content-length: 30412
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:10 GMT
x-frame-options: DENY
etag: "0x8D91A0C18743322"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-font-woff
access-control-allow-origin: *
x-ms-request-id: 313a260a-e01e-007e-751b-4c5902000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: public, max-age=31536000
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 blambotprolite-webfont.woff
app.mural.co/static/fonts/ 20 KB
21 KB 150ms
149ms Font
application/x-font-woff 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/static/fonts/blambotprolite-webfont.woff

Requested by

Host: app.mural.co
URL: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8577bfd1a11d1d7c543f73e870e07ccbb636099b253ef62fbcf522329f5befcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://app.mural.co
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: OptanonConsent=isIABGlobal=false&datestamp=Tue+May+18+2021+21%3A22%3A22+GMT%2B0200+(Central+European+Summer+Time)&version=6.13.0&consentId=09773609-b7c5-48c7-b04e-d60077723570&interactionCount=0&landingPath=https%3A%2F%2Fapp.mural.co%2Fembed%2Fb45b8eb7-7b5e-45fc-b753-d85f625af318&groups=C0001%3A1%2CC0004%3A0%2CC0002%3A0%2CC0003%3A0&hosts=H10%3A1%2CH40%3A1%2CH4%3A1%2CH12%3A1%2CH22%3A1%2CH15%3A1%2CH1%3A0%2CH3%3A0%2CH6%3A0%2CH8%3A0%2CH9%3A0%2CH19%3A0%2CH39%3A0
:path: /static/fonts/blambotprolite-webfont.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: app.mural.co
referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://app.mural.co
Referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:23 GMT
x-content-type-options: nosniff
content-md5: VAmgSBnO0NbdM2++9/PLyA==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
content-length: 20648
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:10 GMT
x-frame-options: DENY
etag: "0x8D91A0C1878049F"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-font-woff
access-control-allow-origin: *
x-ms-request-id: 1ff43e2e-301e-00b0-771b-4c3f4d000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: public, max-age=31536000
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 adelle_reg-webfont.woff
app.mural.co/static/fonts/ 33 KB
33 KB 144ms
144ms Font
application/x-font-woff 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/static/fonts/adelle_reg-webfont.woff

Requested by

Host: app.mural.co
URL: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8a835f82ea32330685662b25913377e5a3aef865eef24b012d63c37b27737646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://app.mural.co
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: OptanonConsent=isIABGlobal=false&datestamp=Tue+May+18+2021+21%3A22%3A22+GMT%2B0200+(Central+European+Summer+Time)&version=6.13.0&consentId=09773609-b7c5-48c7-b04e-d60077723570&interactionCount=0&landingPath=https%3A%2F%2Fapp.mural.co%2Fembed%2Fb45b8eb7-7b5e-45fc-b753-d85f625af318&groups=C0001%3A1%2CC0004%3A0%2CC0002%3A0%2CC0003%3A0&hosts=H10%3A1%2CH40%3A1%2CH4%3A1%2CH12%3A1%2CH22%3A1%2CH15%3A1%2CH1%3A0%2CH3%3A0%2CH6%3A0%2CH8%3A0%2CH9%3A0%2CH19%3A0%2CH39%3A0
:path: /static/fonts/adelle_reg-webfont.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: app.mural.co
referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://app.mural.co
Referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:23 GMT
x-content-type-options: nosniff
content-md5: PybVTOQgSxhaN5dvSF7WLA==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
content-length: 33344
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:10 GMT
x-frame-options: DENY
etag: "0x8D91A0C18743322"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-font-woff
access-control-allow-origin: *
x-ms-request-id: 4c1ce520-201e-00e0-031b-4c2045000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: public, max-age=31536000
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 adelle_extrabold-webfont.woff
app.mural.co/static/fonts/ 31 KB
32 KB 144ms
144ms Font
application/x-font-woff 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/static/fonts/adelle_extrabold-webfont.woff

Requested by

Host: app.mural.co
URL: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

eae85f305e996aba07104300d1e5b94e663dbba6542dc238bc96760b7a533a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://app.mural.co
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: OptanonConsent=isIABGlobal=false&datestamp=Tue+May+18+2021+21%3A22%3A22+GMT%2B0200+(Central+European+Summer+Time)&version=6.13.0&consentId=09773609-b7c5-48c7-b04e-d60077723570&interactionCount=0&landingPath=https%3A%2F%2Fapp.mural.co%2Fembed%2Fb45b8eb7-7b5e-45fc-b753-d85f625af318&groups=C0001%3A1%2CC0004%3A0%2CC0002%3A0%2CC0003%3A0&hosts=H10%3A1%2CH40%3A1%2CH4%3A1%2CH12%3A1%2CH22%3A1%2CH15%3A1%2CH1%3A0%2CH3%3A0%2CH6%3A0%2CH8%3A0%2CH9%3A0%2CH19%3A0%2CH39%3A0
:path: /static/fonts/adelle_extrabold-webfont.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: app.mural.co
referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://app.mural.co
Referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:23 GMT
x-content-type-options: nosniff
content-md5: pvZYCm2WtpqBnLza6UX9jQ==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
content-length: 31864
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:10 GMT
x-frame-options: DENY
etag: "0x8D91A0C1870138A"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-font-woff
access-control-allow-origin: *
x-ms-request-id: 9006b5c9-501e-0067-541b-4c756a000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: public, max-age=31536000
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 lint-mccree2-webfont.woff
app.mural.co/static/fonts/ 33 KB
34 KB 154ms
154ms Font
application/x-font-woff 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/static/fonts/lint-mccree2-webfont.woff

Requested by

Host: app.mural.co
URL: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

995d0e99046c45cfbb1b3008507e0b1165269d54f83ae249f23dd105f028e7d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://app.mural.co
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: OptanonConsent=isIABGlobal=false&datestamp=Tue+May+18+2021+21%3A22%3A22+GMT%2B0200+(Central+European+Summer+Time)&version=6.13.0&consentId=09773609-b7c5-48c7-b04e-d60077723570&interactionCount=0&landingPath=https%3A%2F%2Fapp.mural.co%2Fembed%2Fb45b8eb7-7b5e-45fc-b753-d85f625af318&groups=C0001%3A1%2CC0004%3A0%2CC0002%3A0%2CC0003%3A0&hosts=H10%3A1%2CH40%3A1%2CH4%3A1%2CH12%3A1%2CH22%3A1%2CH15%3A1%2CH1%3A0%2CH3%3A0%2CH6%3A0%2CH8%3A0%2CH9%3A0%2CH19%3A0%2CH39%3A0
:path: /static/fonts/lint-mccree2-webfont.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: app.mural.co
referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://app.mural.co
Referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:23 GMT
x-content-type-options: nosniff
content-md5: no4QMmCfbsheOIaKy5f9tA==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
content-length: 34300
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:10 GMT
x-frame-options: DENY
etag: "0x8D91A0C187BD618"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-font-woff
access-control-allow-origin: *
x-ms-request-id: a193e81a-101e-008e-621b-4c896c000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: public, max-age=31536000
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 museo_slab_300-webfont.woff
app.mural.co/static/fonts/ 26 KB
27 KB 153ms
153ms Font
application/x-font-woff 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/static/fonts/museo_slab_300-webfont.woff

Requested by

Host: app.mural.co
URL: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3267e894d2a28ea3db9af95134346fb65cd5503f2030c4487a7df8852c7c722e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://app.mural.co
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: OptanonConsent=isIABGlobal=false&datestamp=Tue+May+18+2021+21%3A22%3A22+GMT%2B0200+(Central+European+Summer+Time)&version=6.13.0&consentId=09773609-b7c5-48c7-b04e-d60077723570&interactionCount=0&landingPath=https%3A%2F%2Fapp.mural.co%2Fembed%2Fb45b8eb7-7b5e-45fc-b753-d85f625af318&groups=C0001%3A1%2CC0004%3A0%2CC0002%3A0%2CC0003%3A0&hosts=H10%3A1%2CH40%3A1%2CH4%3A1%2CH12%3A1%2CH22%3A1%2CH15%3A1%2CH1%3A0%2CH3%3A0%2CH6%3A0%2CH8%3A0%2CH9%3A0%2CH19%3A0%2CH39%3A0
:path: /static/fonts/museo_slab_300-webfont.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: app.mural.co
referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://app.mural.co
Referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:23 GMT
x-content-type-options: nosniff
content-md5: 4DyWF4dtzbK2tDclzw9BBw==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
content-length: 26344
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:10 GMT
x-frame-options: DENY
etag: "0x8D91A0C187FCEA7"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-font-woff
access-control-allow-origin: *
x-ms-request-id: 897c16f5-901e-0131-4d1b-4cdb4f000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: public, max-age=31536000
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 museo_slab_700-webfont.woff
app.mural.co/static/fonts/ 26 KB
27 KB 149ms
149ms Font
application/x-font-woff 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/static/fonts/museo_slab_700-webfont.woff

Requested by

Host: app.mural.co
URL: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

436030565cbfb61c5dffe462dec817707ba5034821bfa35176d13ac6aebc0959

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://app.mural.co
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: OptanonConsent=isIABGlobal=false&datestamp=Tue+May+18+2021+21%3A22%3A22+GMT%2B0200+(Central+European+Summer+Time)&version=6.13.0&consentId=09773609-b7c5-48c7-b04e-d60077723570&interactionCount=0&landingPath=https%3A%2F%2Fapp.mural.co%2Fembed%2Fb45b8eb7-7b5e-45fc-b753-d85f625af318&groups=C0001%3A1%2CC0004%3A0%2CC0002%3A0%2CC0003%3A0&hosts=H10%3A1%2CH40%3A1%2CH4%3A1%2CH12%3A1%2CH22%3A1%2CH15%3A1%2CH1%3A0%2CH3%3A0%2CH6%3A0%2CH8%3A0%2CH9%3A0%2CH19%3A0%2CH39%3A0
:path: /static/fonts/museo_slab_700-webfont.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: app.mural.co
referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://app.mural.co
Referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:23 GMT
x-content-type-options: nosniff
content-md5: 2k0AuqWZhgyLsynKZ5jLvA==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
content-length: 26832
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:10 GMT
x-frame-options: DENY
etag: "0x8D91A0C1884156E"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-font-woff
access-control-allow-origin: *
x-ms-request-id: 4cfb9b7b-001e-003b-091b-4c8493000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: public, max-age=31536000
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 marker_felt-webfont.woff
app.mural.co/static/fonts/ 38 KB
39 KB 149ms
148ms Font
application/x-font-woff 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/static/fonts/marker_felt-webfont.woff

Requested by

Host: app.mural.co
URL: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fbca6584c5557cc44fec2343b2ba82f581ce1d236512e2e5545f9cd0d2447f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://app.mural.co
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: OptanonConsent=isIABGlobal=false&datestamp=Tue+May+18+2021+21%3A22%3A22+GMT%2B0200+(Central+European+Summer+Time)&version=6.13.0&consentId=09773609-b7c5-48c7-b04e-d60077723570&interactionCount=0&landingPath=https%3A%2F%2Fapp.mural.co%2Fembed%2Fb45b8eb7-7b5e-45fc-b753-d85f625af318&groups=C0001%3A1%2CC0004%3A0%2CC0002%3A0%2CC0003%3A0&hosts=H10%3A1%2CH40%3A1%2CH4%3A1%2CH12%3A1%2CH22%3A1%2CH15%3A1%2CH1%3A0%2CH3%3A0%2CH6%3A0%2CH8%3A0%2CH9%3A0%2CH19%3A0%2CH39%3A0
:path: /static/fonts/marker_felt-webfont.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: app.mural.co
referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://app.mural.co
Referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:23 GMT
x-content-type-options: nosniff
content-md5: YPOSO+49TsP/Xwi1D5Rcuw==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
content-length: 39112
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:10 GMT
x-frame-options: DENY
etag: "0x8D91A0C187C244A"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-font-woff
access-control-allow-origin: *
x-ms-request-id: e231ac8b-401e-0073-101b-4cb60e000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: public, max-age=31536000
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 shark_in_the_water__bold-webfont.woff
app.mural.co/static/fonts/ 51 KB
52 KB 155ms
154ms Font
application/x-font-woff 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/static/fonts/shark_in_the_water__bold-webfont.woff

Requested by

Host: app.mural.co
URL: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f19db5d986ffe5202b806e2eb9bad7bd1ce61ea9cc5c43cb2ad7278fcea6ff32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://app.mural.co
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: OptanonConsent=isIABGlobal=false&datestamp=Tue+May+18+2021+21%3A22%3A22+GMT%2B0200+(Central+European+Summer+Time)&version=6.13.0&consentId=09773609-b7c5-48c7-b04e-d60077723570&interactionCount=0&landingPath=https%3A%2F%2Fapp.mural.co%2Fembed%2Fb45b8eb7-7b5e-45fc-b753-d85f625af318&groups=C0001%3A1%2CC0004%3A0%2CC0002%3A0%2CC0003%3A0&hosts=H10%3A1%2CH40%3A1%2CH4%3A1%2CH12%3A1%2CH22%3A1%2CH15%3A1%2CH1%3A0%2CH3%3A0%2CH6%3A0%2CH8%3A0%2CH9%3A0%2CH19%3A0%2CH39%3A0
:path: /static/fonts/shark_in_the_water__bold-webfont.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: app.mural.co
referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://app.mural.co
Referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:23 GMT
x-content-type-options: nosniff
content-md5: YHw1F6FXZXkoqV0SPYBx0g==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
content-length: 52084
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:10 GMT
x-frame-options: DENY
etag: "0x8D91A0C18A9596B"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-font-woff
access-control-allow-origin: *
x-ms-request-id: 1da2c684-c01e-0004-451b-4c334f000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: public, max-age=31536000
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 murally-webfont.woff
app.mural.co/static/fonts/ 15 KB
15 KB 154ms
153ms Font
application/x-font-woff 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/static/fonts/murally-webfont.woff?v=1553526157

Requested by

Host: app.mural.co
URL: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3f3eb2c973905ae5cbc1bf666030320022c308ee19c22b3df6c6ca33239a08eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://app.mural.co
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: OptanonConsent=isIABGlobal=false&datestamp=Tue+May+18+2021+21%3A22%3A22+GMT%2B0200+(Central+European+Summer+Time)&version=6.13.0&consentId=09773609-b7c5-48c7-b04e-d60077723570&interactionCount=0&landingPath=https%3A%2F%2Fapp.mural.co%2Fembed%2Fb45b8eb7-7b5e-45fc-b753-d85f625af318&groups=C0001%3A1%2CC0004%3A0%2CC0002%3A0%2CC0003%3A0&hosts=H10%3A1%2CH40%3A1%2CH4%3A1%2CH12%3A1%2CH22%3A1%2CH15%3A1%2CH1%3A0%2CH3%3A0%2CH6%3A0%2CH8%3A0%2CH9%3A0%2CH19%3A0%2CH39%3A0
:path: /static/fonts/murally-webfont.woff?v=1553526157
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: app.mural.co
referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://app.mural.co
Referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:23 GMT
x-content-type-options: nosniff
content-md5: PI2Oc+l62EWFwIBvXXJmxg==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
content-length: 15028
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:10 GMT
x-frame-options: DENY
etag: "0x8D91A0C187FCEA7"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-font-woff
access-control-allow-origin: *
x-ms-request-id: 2bbe4a53-701e-0052-5f1b-4cdb3f000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: public, max-age=31536000
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 client-config Show response
app.mural.co/api/v4/ 2 KB
3 KB 145ms
141ms Fetch
application/json 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/api/v4/client-config?returnUrl=%2Fdashboard

Requested by

Host: app.mural.co
URL: https://app.mural.co/static/dist/main.e05f27a70b4896b25aa6dcf6ae552f56.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9a24d90bb239d577478eb6b03fe2b4fc944c973c460f4eb519cf225f3f047ecc

Security Headers

Name	Value
Content-Security-Policy	child-src 'self'; connect-src data: https: 'self' .embed.ly .satismeter.com .blob.core.windows.net https://.intercom.io wss://.intercom.io .google-analytics.com .segment.io .intercomcdn.com .g.doubleclick.net .rollbar.com .mural.co wss://.mural.co .cloudimg.io .fullstory.com .pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com .googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' .intercomcdn.com data: .mural.co .gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com .g.doubleclick.net .periscopedata.com .google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: .intercomcdn.com .mural.co .g.doubleclick.net .cloudimg.io https://.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' .intercomcdn.com .gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .google-analytics.com .intercom.io .intercomcdn.com https://js.stripe.com .g.doubleclick.net .cloudflare.com .segment.com .googletagmanager.com .hs-analytics.net .licdn.com .hs-scripts.com .googleadservices.com .gstatic.com .google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com .fullstory.com .mural.co .pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' .mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /api/v4/client-config?returnUrl=%2Fdashboard
pragma: no-cache
cookie: OptanonConsent=isIABGlobal=false&datestamp=Tue+May+18+2021+21%3A22%3A22+GMT%2B0200+(Central+European+Summer+Time)&version=6.13.0&consentId=09773609-b7c5-48c7-b04e-d60077723570&interactionCount=0&landingPath=https%3A%2F%2Fapp.mural.co%2Fembed%2Fb45b8eb7-7b5e-45fc-b753-d85f625af318&groups=C0001%3A1%2CC0004%3A0%2CC0002%3A0%2CC0003%3A0&hosts=H10%3A1%2CH40%3A1%2CH4%3A1%2CH12%3A1%2CH22%3A1%2CH15%3A1%2CH1%3A0%2CH3%3A0%2CH6%3A0%2CH8%3A0%2CH9%3A0%2CH19%3A0%2CH39%3A0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json
cache-control: no-cache
sec-fetch-dest: empty
:authority: app.mural.co
referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json
Referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 19:22:23 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
deprecated-for: GET /api/v0/config
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-protected-by: Sqreen
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
etag: W/"659-tpWY3aFvX0m+iz5pC6rvfHNHEZY"
content-security-policy: child-src 'self'; connect-src data: https: 'self' *.embed.ly *.satismeter.com *.blob.core.windows.net https://*.intercom.io wss://*.intercom.io *.google-analytics.com *.segment.io *.intercomcdn.com *.g.doubleclick.net *.rollbar.com *.mural.co wss://*.mural.co *.cloudimg.io *.fullstory.com *.pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com *.googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' *.intercomcdn.com data: *.mural.co *.gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com *.g.doubleclick.net *.periscopedata.com *.google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: *.intercomcdn.com *.mural.co *.g.doubleclick.net *.cloudimg.io https://*.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' *.intercomcdn.com *.gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.google-analytics.com *.intercom.io *.intercomcdn.com https://js.stripe.com *.g.doubleclick.net *.cloudflare.com *.segment.com *.googletagmanager.com *.hs-analytics.net *.licdn.com *.hs-scripts.com *.googleadservices.com *.gstatic.com *.google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com *.fullstory.com *.mural.co *.pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' *.mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
x-ratelimit-remaining: 29
content-type: application/json; charset=utf-8
x-mural-ly-version: 1.0.0
cache-control: private, no-cache, no-store, must-revalidate
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ratelimit-reset: 1621365744
x-ratelimit-limit: 30
set-cookie: uuid=s%3A10e51f51-a7c9-4161-a049-89f3a11d0ec3.EbPf2Tl2DRiG19CbYdNp9MB2n%2FHFGhHjLdlq4a1nPMg; Path=/; HttpOnly; Secure; SameSite=Lax
x-robots-tag: none
x-content-type-options: nosniff

POST
H2 200 token Show response
app.mural.co/api/v0/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318/ 436 B
3 KB 151ms
151ms Fetch
application/json 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/api/v0/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318/token

Requested by

Host: app.mural.co
URL: https://app.mural.co/static/dist/vendor.f4f2b82490d40c3bc24d11b36c60b39e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5cf0f871e24b711f2628ca045be9fb3a78148088c8c6f53ba6d266471994feae

Security Headers

Name	Value
Content-Security-Policy	child-src 'self'; connect-src data: https: 'self' .embed.ly .satismeter.com .blob.core.windows.net https://.intercom.io wss://.intercom.io .google-analytics.com .segment.io .intercomcdn.com .g.doubleclick.net .rollbar.com .mural.co wss://.mural.co .cloudimg.io .fullstory.com .pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com .googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' .intercomcdn.com data: .mural.co .gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com .g.doubleclick.net .periscopedata.com .google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: .intercomcdn.com .mural.co .g.doubleclick.net .cloudimg.io https://.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' .intercomcdn.com .gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .google-analytics.com .intercom.io .intercomcdn.com https://js.stripe.com .g.doubleclick.net .cloudflare.com .segment.com .googletagmanager.com .hs-analytics.net .licdn.com .hs-scripts.com .googleadservices.com .gstatic.com .google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com .fullstory.com .mural.co .pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' .mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://app.mural.co
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: uuid=s%3A10e51f51-a7c9-4161-a049-89f3a11d0ec3.EbPf2Tl2DRiG19CbYdNp9MB2n%2FHFGhHjLdlq4a1nPMg; dd_cookie_test_a50b0e58-533c-42c7-a91c-61ce428f7fd3=test; _dd_s=rum=0&expire=1621366643287
content-length: 2
:path: /api/v0/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318/token
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json; charset=utf-8
accept: application/json
x-mural-ly-version: 1.0.0
cache-control: no-cache
:authority: app.mural.co
referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json
X-Mural-Ly-Version: 1.0.0
Referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Tue, 18 May 2021 19:22:23 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding Accept-Encoding
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-protected-by: Sqreen
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
etag: W/"1b4-0bfycFDYvf5oMiFwnBzRWIcERlQ"
content-security-policy: child-src 'self'; connect-src data: https: 'self' *.embed.ly *.satismeter.com *.blob.core.windows.net https://*.intercom.io wss://*.intercom.io *.google-analytics.com *.segment.io *.intercomcdn.com *.g.doubleclick.net *.rollbar.com *.mural.co wss://*.mural.co *.cloudimg.io *.fullstory.com *.pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com *.googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' *.intercomcdn.com data: *.mural.co *.gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com *.g.doubleclick.net *.periscopedata.com *.google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: *.intercomcdn.com *.mural.co *.g.doubleclick.net *.cloudimg.io https://*.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' *.intercomcdn.com *.gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.google-analytics.com *.intercom.io *.intercomcdn.com https://js.stripe.com *.g.doubleclick.net *.cloudflare.com *.segment.com *.googletagmanager.com *.hs-analytics.net *.licdn.com *.hs-scripts.com *.googleadservices.com *.gstatic.com *.google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com *.fullstory.com *.mural.co *.pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' *.mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
x-ratelimit-remaining: 28
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.mural.co
x-mural-ly-version: 1.0.0
cache-control: private, no-cache, no-store, must-revalidate
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ratelimit-reset: 1621365744
x-ratelimit-limit: 30
set-cookie: uuid=s%3A10e51f51-a7c9-4161-a049-89f3a11d0ec3.EbPf2Tl2DRiG19CbYdNp9MB2n%2FHFGhHjLdlq4a1nPMg; Path=/; HttpOnly; Secure; SameSite=Lax
x-robots-tag: none
x-content-type-options: nosniff

GET
H2 200 / Show response
js.stripe.com/v3/ 231 KB
55 KB 195ms
46ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: app.mural.co
URL: https://app.mural.co/static/dist/vendor.f4f2b82490d40c3bc24d11b36c60b39e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5563a03e9eb99b59731601c29040ed0caa534d2c44321cf539a568ba1d455752

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://app.mural.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 19:22:23 GMT
content-encoding: br
vary: Accept-Encoding
age: 290
via: 1.1 varnish
x-cache: HIT
content-length: 55833
x-amz-id-2: 0nV4fIKe1pmRgGTZnumXaXmSo3gi9HFy8rA1KeqfW51ZBYqf6lFrgTQQx6SjaMty4XaJtQJ4JGI=
x-served-by: cache-hhn4073-HHN
timing-allow-origin: *
last-modified: Mon, 17 May 2021 21:29:38 GMT
server: AmazonS3
etag: "180b5ff2ef70f29954d70488a327ebbc"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: C0Z0X9CTWRV3NF4Q
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 489

GET
H2 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.2.10/ 56 KB
16 KB 39ms
18ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.2.10/rollbar.min.js

Requested by

Host: app.mural.co
URL: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

326700d44b2d31b3e1b732dd459e165ff75ca59cd252ec4d3d7aa78843d5925c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://app.mural.co
Referer: https://app.mural.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 19:22:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1718056
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15578
cf-request-id: 0a2286f72900002c19cbad2000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc1-de2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c%2FOCan60gz8k1Sv3PMtOlIb8nQrxzvTM41x747U4Xga25TT9F1mSF8OHXK01CLs3sHtOj5UpZetc8l%2FTpa%2BXUQoI5f2ExTDKtUBxKai3Sg%2F1cdKPY5E%2BZpKrUp2FwDyb1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 651774384ab92c19-FRA
expires: Sun, 08 May 2022 19:22:23 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/lb2dSUL9nO02qyEYB3HTZGCQTmGHmZSO/ 442 KB
67 KB 208ms
88ms Script
text/javascript 99.86.244.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/lb2dSUL9nO02qyEYB3HTZGCQTmGHmZSO/analytics.min.js
Requested by: Host: app.mural.co
URL: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.244.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-244-81.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dca85cc563d6d2406693abb4961d8396fb84f42050de7cc62712f29af94aa1cc

Request headers

Referer: https://app.mural.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 1.MHZresu95m8pqmvpUKuLQfNZV7QsPT
content-encoding: br
etag: W/"be6bbc6f52ceac03a9f6ef0ba159d9c9"
x-amz-cf-pop: VIE50-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Tue, 18 May 2021 03:54:57 GMT
server: AmazonS3
date: Tue, 18 May 2021 19:22:23 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 6c9f184c491eed5c51abd110e89bd97b.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-id: GHrqb2e3KUnsQHhpOw2a1xUaNMibIOa61oNPdKGOUmXmnETa4qzfNQ==

GET
H2 200 embed Show response
app.mural.co/api/v0/templates/02d71208-37da-482c-afe6-3b54dc929b5b/ 4 KB
4 KB 154ms
154ms Fetch
application/json 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/api/v0/templates/02d71208-37da-482c-afe6-3b54dc929b5b/embed

Requested by

Host: app.mural.co
URL: https://app.mural.co/static/dist/vendor.f4f2b82490d40c3bc24d11b36c60b39e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d880b407d47bd05c0abce3ee66033fb6008df993cda6cdf37eaa8ad0b416a47b

Security Headers

Name	Value
Content-Security-Policy	child-src 'self'; connect-src data: https: 'self' .embed.ly .satismeter.com .blob.core.windows.net https://.intercom.io wss://.intercom.io .google-analytics.com .segment.io .intercomcdn.com .g.doubleclick.net .rollbar.com .mural.co wss://.mural.co .cloudimg.io .fullstory.com .pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com .googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' .intercomcdn.com data: .mural.co .gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com .g.doubleclick.net .periscopedata.com .google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: .intercomcdn.com .mural.co .g.doubleclick.net .cloudimg.io https://.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' .intercomcdn.com .gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .google-analytics.com .intercom.io .intercomcdn.com https://js.stripe.com .g.doubleclick.net .cloudflare.com .segment.com .googletagmanager.com .hs-analytics.net .licdn.com .hs-scripts.com .googleadservices.com .gstatic.com .google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com .fullstory.com .mural.co .pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' .mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
x-pusher-token: undefined
accept-encoding: gzip, deflate, br
accept-language: en-US
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWJlZEtleSI6ImI0NWI4ZWI3LTdiNWUtNDVmYy1iNzUzLWQ4NWY2MjVhZjMxOCIsImlzRW1iZWQiOnRydWUsInRlbXBsYXRlSWQiOiIwMmQ3MTIwOC0zN2RhLTQ4MmMtYWZlNi0zYjU0ZGM5MjliNWIiLCJ1c2VybmFtZSI6IjdiNDgwNTZmLThlYmItNGRlNS05ZGFjLWQ0YzA5YWIzYjEyNiIsImlhdCI6MTYyMTM2NTc0MywiZXhwIjoxNjIxMzY2MDQzfQ.TnDSDPUQBqzNhsgUrXPj8DGNUJTKGFReHmXV_fSLztY
sec-fetch-dest: empty
cookie: uuid=s%3A10e51f51-a7c9-4161-a049-89f3a11d0ec3.EbPf2Tl2DRiG19CbYdNp9MB2n%2FHFGhHjLdlq4a1nPMg; dd_cookie_test_a50b0e58-533c-42c7-a91c-61ce428f7fd3=test; _dd_s=rum=0&expire=1621366643287
:path: /api/v0/templates/02d71208-37da-482c-afe6-3b54dc929b5b/embed
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json
x-mural-ly-version: 1.0.0
cache-control: no-cache
:authority: app.mural.co
referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json
X-Mural-Ly-Version: 1.0.0
Referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWJlZEtleSI6ImI0NWI4ZWI3LTdiNWUtNDVmYy1iNzUzLWQ4NWY2MjVhZjMxOCIsImlzRW1iZWQiOnRydWUsInRlbXBsYXRlSWQiOiIwMmQ3MTIwOC0zN2RhLTQ4MmMtYWZlNi0zYjU0ZGM5MjliNWIiLCJ1c2VybmFtZSI6IjdiNDgwNTZmLThlYmItNGRlNS05ZGFjLWQ0YzA5YWIzYjEyNiIsImlhdCI6MTYyMTM2NTc0MywiZXhwIjoxNjIxMzY2MDQzfQ.TnDSDPUQBqzNhsgUrXPj8DGNUJTKGFReHmXV_fSLztY
X-Pusher-Token: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 19:22:23 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-protected-by: Sqreen
x-jwt-expires-in: 299
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
etag: W/"1047-jppJujtwr7gWTkE9mfk3EWbKiWk"
content-security-policy: child-src 'self'; connect-src data: https: 'self' *.embed.ly *.satismeter.com *.blob.core.windows.net https://*.intercom.io wss://*.intercom.io *.google-analytics.com *.segment.io *.intercomcdn.com *.g.doubleclick.net *.rollbar.com *.mural.co wss://*.mural.co *.cloudimg.io *.fullstory.com *.pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com *.googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' *.intercomcdn.com data: *.mural.co *.gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com *.g.doubleclick.net *.periscopedata.com *.google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: *.intercomcdn.com *.mural.co *.g.doubleclick.net *.cloudimg.io https://*.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' *.intercomcdn.com *.gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.google-analytics.com *.intercom.io *.intercomcdn.com https://js.stripe.com *.g.doubleclick.net *.cloudflare.com *.segment.com *.googletagmanager.com *.hs-analytics.net *.licdn.com *.hs-scripts.com *.googleadservices.com *.gstatic.com *.google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com *.fullstory.com *.mural.co *.pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' *.mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
x-ratelimit-remaining: 29
content-type: application/json; charset=utf-8
x-mural-ly-version: 1.0.0
cache-control: private, no-cache, no-store, must-revalidate
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ratelimit-reset: 1621365744
x-ratelimit-limit: 30
set-cookie: uuid=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
x-robots-tag: none
x-content-type-options: nosniff

GET
H2 200 m-outer-0369f5784d64b5d8df5e262d4b12f588.html Show response
js.stripe.com/v3/ Frame 0041 215 B
513 B 47ms
47ms Document
text/html 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-0369f5784d64b5d8df5e262d4b12f588.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cc59d406a4a87dc2cae39fbb74414e4694b7720ee57f4d1b8710e515e65a83e7

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-0369f5784d64b5d8df5e262d4b12f588.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://app.mural.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://app.mural.co/

Response headers

x-amz-id-2: 2z+GVpcKRY92Gq3jeMqLO1I8JdeGujSnxBwbO+h+44RBBxGDeHmQsjtHs7IkP4ZxD/QBMZkj6as=
x-amz-request-id: P5EJ4EHXKX5NZ1VY
last-modified: Mon, 03 May 2021 20:41:45 GMT
etag: "0369f5784d64b5d8df5e262d4b12f588"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Tue, 18 May 2021 19:22:23 GMT
via: 1.1 varnish
age: 111
x-served-by: cache-hhn4073-HHN
x-cache: HIT
x-cache-hits: 425
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 129

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/c6zqfm8h
https://js.intercomcdn.com/shim.latest.js

17 KB
6 KB

414ms
139ms

Script
application/javascript

99.84.219.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.219.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-219-80.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f351be18158bfe59887945debc00cf5824f6e21195f9e755f15d511e8f88edf2

Request headers

Referer: https://app.mural.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 18 May 2021 19:22:22 GMT
content-encoding: gzip
last-modified: Tue, 18 May 2021 14:47:13 GMT
server: AmazonS3
age: 3
etag: "218c8a38d5bddf1db006985519ee999d"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a929b4bfaa0111e3feb7c4dbffdbd8d8.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: IAD79-C1
accept-ranges: bytes
content-length: 5690
x-amz-cf-id: pZtVuwYDxAODMDOshnpxum-f55sPOD9maZhSpR_TFUJCKH8T6yHOzQ==

Redirect headers

date: Tue, 18 May 2021 19:13:05 GMT
via: 1.1 9a66d849010281b3877fd5f66dbb4720.cloudfront.net (CloudFront)
server: AmazonS3
age: 559
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: VIE50-C2
content-length: 0
x-amz-cf-id: gUbxw006LODzriY6np4KWdM7OfwHQmgV0IpoDkEKZvTj4F3DY41rOw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 85 KB
34 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-656167021

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/lb2dSUL9nO02qyEYB3HTZGCQTmGHmZSO/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

553ecfc610f226ad91fad3e9bd835fb72e3bdea08863a0e7c370c8780bf9c405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://app.mural.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 19:22:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34208
x-xss-protection: 0
last-modified: Tue, 18 May 2021 18:54:36 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 18 May 2021 19:22:23 GMT

GET
H2 200 bundle-hash.txt Show response
app.mural.co/static/ 8 B
2 KB 143ms
142ms Fetch
text/plain 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/static/bundle-hash.txt

Requested by

Host: app.mural.co
URL: https://app.mural.co/static/dist/vendor.f4f2b82490d40c3bc24d11b36c60b39e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fcbe724a400622aa2f01ae69a3a5741890fcb357b1a02c4694d2a8121778b19a

Security Headers

Name	Value
Content-Security-Policy	child-src 'self'; connect-src data: https: 'self' .embed.ly .satismeter.com .blob.core.windows.net https://.intercom.io wss://.intercom.io .google-analytics.com .segment.io .intercomcdn.com .g.doubleclick.net .rollbar.com .mural.co wss://.mural.co .cloudimg.io .fullstory.com .pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com .googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' .intercomcdn.com data: .mural.co .gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com .g.doubleclick.net .periscopedata.com .google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: .intercomcdn.com .mural.co .g.doubleclick.net .cloudimg.io https://.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' .intercomcdn.com .gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .google-analytics.com .intercom.io .intercomcdn.com https://js.stripe.com .g.doubleclick.net .cloudflare.com .segment.com .googletagmanager.com .hs-analytics.net .licdn.com .hs-scripts.com .googleadservices.com .gstatic.com .google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com .fullstory.com .mural.co .pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' .mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /static/bundle-hash.txt
pragma: no-cache
cookie: dd_cookie_test_a50b0e58-533c-42c7-a91c-61ce428f7fd3=test; _dd_s=rum=0&expire=1621366643287
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: app.mural.co
referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: AJvuNnU2fxLlqgJM1AtIXQ==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:09 GMT
x-frame-options: DENY
etag: W/"0x8D91A0C182452A6"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain
access-control-allow-origin: *
x-ms-request-id: 46a7e8be-701e-0016-7f1b-4c0753000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: no-cache
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
content-security-policy: child-src 'self'; connect-src data: https: 'self' *.embed.ly *.satismeter.com *.blob.core.windows.net https://*.intercom.io wss://*.intercom.io *.google-analytics.com *.segment.io *.intercomcdn.com *.g.doubleclick.net *.rollbar.com *.mural.co wss://*.mural.co *.cloudimg.io *.fullstory.com *.pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com *.googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' *.intercomcdn.com data: *.mural.co *.gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com *.g.doubleclick.net *.periscopedata.com *.google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: *.intercomcdn.com *.mural.co *.g.doubleclick.net *.cloudimg.io https://*.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' *.intercomcdn.com *.gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.google-analytics.com *.intercom.io *.intercomcdn.com https://js.stripe.com *.g.doubleclick.net *.cloudflare.com *.segment.com *.googletagmanager.com *.hs-analytics.net *.licdn.com *.hs-scripts.com *.googleadservices.com *.gstatic.com *.google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com *.fullstory.com *.mural.co *.pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' *.mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 m-outer-b43290c4d50222c50d9f53f06af22482.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0041 1 KB
812 B 50ms
50ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-b43290c4d50222c50d9f53f06af22482.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-0369f5784d64b5d8df5e262d4b12f588.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/m-outer-0369f5784d64b5d8df5e262d4b12f588.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 19:22:23 GMT
content-encoding: br
vary: Accept-Encoding
age: 264
via: 1.1 varnish
x-cache: HIT
content-length: 628
x-amz-id-2: m5jOKtdudEchpNXBrLpK2AfGcCyQEiuobX/XM96ZND72GLwqOOSWGwR3bqzUhsXXqa6JIo0eZ5k=
x-served-by: cache-hhn4073-HHN
timing-allow-origin: *
last-modified: Mon, 03 May 2021 20:41:41 GMT
server: AmazonS3
etag: "356a16407e7a019ffdf35f454b7438a9"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: H5T52QBGZYA3EJXT
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 845

GET
H2 200 inner.html Show response
m.stripe.network/ Frame A74E 33 KB
13 KB 297ms
102ms Document
text/html 2600:9000:2199:ac00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-b43290c4d50222c50d9f53f06af22482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2199:ac00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Fri, 04 Dec 2020 19:17:49 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
date: Tue, 18 May 2021 19:22:14 GMT
cache-control: public, max-age=300
etag: W/"5fca8b5d-84a0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C1
x-amz-cf-id: g0YIEBfs7g3eV9ilCS7nFRMNPIuz4kntr9llrONDfweLQ1Pr1gmx7w==
age: 10

GET
H2 200 bundle.0215e95.js Show response
app.mural.co/static/ 452 KB
165 KB 147ms
147ms Script
application/javascript 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/static/bundle.0215e95.js

Requested by

Host: app.mural.co
URL: https://app.mural.co/static/dist/main.e05f27a70b4896b25aa6dcf6ae552f56.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

82757ed6046c569310c938a2ef080e9de8cb9f08411a4ce84deb72ca2944df05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /static/bundle.0215e95.js
pragma: no-cache
cookie: dd_cookie_test_a50b0e58-533c-42c7-a91c-61ce428f7fd3=test; _dd_s=rum=0&expire=1621366643287
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: app.mural.co
referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 1FLYKvADL/GyRYBf+lhpQw==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:09 GMT
x-frame-options: DENY
etag: W/"0x8D91A0C18200BE4"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f7c745b2-601e-00a3-111b-4c0aac000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: public, max-age=31536000, immutable
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 assets Show response
app.mural.co/api/v0/templates/02d71208-37da-482c-afe6-3b54dc929b5b/ 815 B
3 KB 156ms
154ms Fetch
application/json 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/api/v0/templates/02d71208-37da-482c-afe6-3b54dc929b5b/assets?acceptCacheable=true

Requested by

Host: app.mural.co
URL: https://app.mural.co/static/dist/vendor.f4f2b82490d40c3bc24d11b36c60b39e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7e2c20a8370b6bf26a51844b529c42eed8864beb173f4110318075d9c54b11da

Security Headers

Name	Value
Content-Security-Policy	child-src 'self'; connect-src data: https: 'self' .embed.ly .satismeter.com .blob.core.windows.net https://.intercom.io wss://.intercom.io .google-analytics.com .segment.io .intercomcdn.com .g.doubleclick.net .rollbar.com .mural.co wss://.mural.co .cloudimg.io .fullstory.com .pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com .googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' .intercomcdn.com data: .mural.co .gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com .g.doubleclick.net .periscopedata.com .google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: .intercomcdn.com .mural.co .g.doubleclick.net .cloudimg.io https://.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' .intercomcdn.com .gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .google-analytics.com .intercom.io .intercomcdn.com https://js.stripe.com .g.doubleclick.net .cloudflare.com .segment.com .googletagmanager.com .hs-analytics.net .licdn.com .hs-scripts.com .googleadservices.com .gstatic.com .google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com .fullstory.com .mural.co .pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' .mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
x-pusher-token: undefined
accept-encoding: gzip, deflate, br
accept-language: en-US
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWJlZEtleSI6ImI0NWI4ZWI3LTdiNWUtNDVmYy1iNzUzLWQ4NWY2MjVhZjMxOCIsImlzRW1iZWQiOnRydWUsInRlbXBsYXRlSWQiOiIwMmQ3MTIwOC0zN2RhLTQ4MmMtYWZlNi0zYjU0ZGM5MjliNWIiLCJ1c2VybmFtZSI6IjdiNDgwNTZmLThlYmItNGRlNS05ZGFjLWQ0YzA5YWIzYjEyNiIsImlhdCI6MTYyMTM2NTc0MywiZXhwIjoxNjIxMzY2MDQzfQ.TnDSDPUQBqzNhsgUrXPj8DGNUJTKGFReHmXV_fSLztY
sec-fetch-dest: empty
cookie: _dd_s=rum=0&expire=1621366643287
:path: /api/v0/templates/02d71208-37da-482c-afe6-3b54dc929b5b/assets?acceptCacheable=true
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json
x-mural-ly-version: 1.0.0
cache-control: no-cache
:authority: app.mural.co
referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json
X-Mural-Ly-Version: 1.0.0
Referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWJlZEtleSI6ImI0NWI4ZWI3LTdiNWUtNDVmYy1iNzUzLWQ4NWY2MjVhZjMxOCIsImlzRW1iZWQiOnRydWUsInRlbXBsYXRlSWQiOiIwMmQ3MTIwOC0zN2RhLTQ4MmMtYWZlNi0zYjU0ZGM5MjliNWIiLCJ1c2VybmFtZSI6IjdiNDgwNTZmLThlYmItNGRlNS05ZGFjLWQ0YzA5YWIzYjEyNiIsImlhdCI6MTYyMTM2NTc0MywiZXhwIjoxNjIxMzY2MDQzfQ.TnDSDPUQBqzNhsgUrXPj8DGNUJTKGFReHmXV_fSLztY
X-Pusher-Token: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 19:22:24 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding Accept-Encoding
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-protected-by: Sqreen
x-jwt-expires-in: 299
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
etag: W/"32f-aZOuTOWuYPQKkl9Oe4XWsi2P8po"
content-security-policy: child-src 'self'; connect-src data: https: 'self' *.embed.ly *.satismeter.com *.blob.core.windows.net https://*.intercom.io wss://*.intercom.io *.google-analytics.com *.segment.io *.intercomcdn.com *.g.doubleclick.net *.rollbar.com *.mural.co wss://*.mural.co *.cloudimg.io *.fullstory.com *.pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com *.googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' *.intercomcdn.com data: *.mural.co *.gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com *.g.doubleclick.net *.periscopedata.com *.google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: *.intercomcdn.com *.mural.co *.g.doubleclick.net *.cloudimg.io https://*.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' *.intercomcdn.com *.gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.google-analytics.com *.intercom.io *.intercomcdn.com https://js.stripe.com *.g.doubleclick.net *.cloudflare.com *.segment.com *.googletagmanager.com *.hs-analytics.net *.licdn.com *.hs-scripts.com *.googleadservices.com *.gstatic.com *.google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com *.fullstory.com *.mural.co *.pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' *.mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
x-ratelimit-remaining: 28
content-type: application/json; charset=utf-8
x-mural-ly-version: 1.0.0
cache-control: private, no-cache, no-store, must-revalidate
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ratelimit-reset: 1621365744
x-ratelimit-limit: 30
set-cookie: uuid=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
x-robots-tag: none
x-content-type-options: nosniff

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 672303ea8fd7d261512fef31e559fee1752571313dcf62b6f9d9f3bbe8b189e8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 samples-avatar.png
app.mural.co/static/images/ 1 KB
4 KB 145ms
145ms Image
image/png 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.mural.co/static/images/samples-avatar.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7a7ed828780f425ddc0ab9cf9da62995830c02e149d13d2d27a24af2ce2733a5

Security Headers

Name	Value
Content-Security-Policy	child-src 'self'; connect-src data: https: 'self' .embed.ly .satismeter.com .blob.core.windows.net https://.intercom.io wss://.intercom.io .google-analytics.com .segment.io .intercomcdn.com .g.doubleclick.net .rollbar.com .mural.co wss://.mural.co .cloudimg.io .fullstory.com .pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com .googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' .intercomcdn.com data: .mural.co .gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com .g.doubleclick.net .periscopedata.com .google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: .intercomcdn.com .mural.co .g.doubleclick.net .cloudimg.io https://.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' .intercomcdn.com .gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .google-analytics.com .intercom.io .intercomcdn.com https://js.stripe.com .g.doubleclick.net .cloudflare.com .segment.com .googletagmanager.com .hs-analytics.net .licdn.com .hs-scripts.com .googleadservices.com .gstatic.com .google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com .fullstory.com .mural.co .pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' .mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /static/images/samples-avatar.png
pragma: no-cache
cookie: _dd_s=rum=0&expire=1621366643287
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.mural.co
referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:24 GMT
x-content-type-options: nosniff
content-md5: QGHUkgWaA6agxBm9TfqgjQ==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
content-length: 1313
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:12 GMT
x-frame-options: DENY
etag: "0x8D91A0C198DADFD"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 86b40aad-701e-0034-381b-4c6965000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: public, max-age=31556926
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
content-security-policy: child-src 'self'; connect-src data: https: 'self' *.embed.ly *.satismeter.com *.blob.core.windows.net https://*.intercom.io wss://*.intercom.io *.google-analytics.com *.segment.io *.intercomcdn.com *.g.doubleclick.net *.rollbar.com *.mural.co wss://*.mural.co *.cloudimg.io *.fullstory.com *.pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com *.googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' *.intercomcdn.com data: *.mural.co *.gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com *.g.doubleclick.net *.periscopedata.com *.google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: *.intercomcdn.com *.mural.co *.g.doubleclick.net *.cloudimg.io https://*.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' *.intercomcdn.com *.gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.google-analytics.com *.intercom.io *.intercomcdn.com https://js.stripe.com *.g.doubleclick.net *.cloudflare.com *.segment.com *.googletagmanager.com *.hs-analytics.net *.licdn.com *.hs-scripts.com *.googleadservices.com *.gstatic.com *.google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com *.fullstory.com *.mural.co *.pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' *.mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 safari-bg-texture.png
app.mural.co/static/images/ 35 KB
36 KB 153ms
153ms Image
image/png 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.mural.co/static/images/safari-bg-texture.png

Requested by

Host: app.mural.co
URL: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b1d14691b07c3366dde6ac3c50d8709935d860a5af71f99b9a6de7d535b00284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /static/images/safari-bg-texture.png
pragma: no-cache
cookie: _dd_s=rum=0&expire=1621366643287
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.mural.co
referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.mural.co/static/dist/main.0e83667b5c7fed9a3d4972faa6a53149.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:24 GMT
x-content-type-options: nosniff
content-md5: ZpeKrYthDcCFoWndO0Z0gg==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
content-length: 36290
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:12 GMT
x-frame-options: DENY
etag: "0x8D91A0C198DADFD"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: e8d0c3f0-a01e-0139-5a1b-4cc03c000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: public, max-age=31556926
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 gif.worker.0215e95.js
app.mural.co/static/ 12 KB
7 KB 145ms
145ms Other
application/javascript 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/static/gif.worker.0215e95.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c91c945e21572099eb03ca762c4a34bcb97c27f8a5e601d9edab37b916725686

Security Headers

Name	Value
Content-Security-Policy	child-src 'self'; connect-src data: https: 'self' .embed.ly .satismeter.com .blob.core.windows.net https://.intercom.io wss://.intercom.io .google-analytics.com .segment.io .intercomcdn.com .g.doubleclick.net .rollbar.com .mural.co wss://.mural.co .cloudimg.io .fullstory.com .pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com .googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' .intercomcdn.com data: .mural.co .gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com .g.doubleclick.net .periscopedata.com .google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: .intercomcdn.com .mural.co .g.doubleclick.net .cloudimg.io https://.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' .intercomcdn.com .gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .google-analytics.com .intercom.io .intercomcdn.com https://js.stripe.com .g.doubleclick.net .cloudflare.com .segment.com .googletagmanager.com .hs-analytics.net .licdn.com .hs-scripts.com .googleadservices.com .gstatic.com .google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com .fullstory.com .mural.co .pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' .mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /static/gif.worker.0215e95.js
pragma: no-cache
cookie: _dd_s=rum=0&expire=1621366643287
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: same-origin
accept: */*
cache-control: no-cache
sec-fetch-dest: worker
:authority: app.mural.co
referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: a4HaOMeFg6P9Nk0DG1lDZw==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:09 GMT
x-frame-options: DENY
etag: W/"0x8D91A0C181CAFB9"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 376b67fe-201e-00a4-3c1b-4cfc29000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: public, max-age=31536000, immutable
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
content-security-policy: child-src 'self'; connect-src data: https: 'self' *.embed.ly *.satismeter.com *.blob.core.windows.net https://*.intercom.io wss://*.intercom.io *.google-analytics.com *.segment.io *.intercomcdn.com *.g.doubleclick.net *.rollbar.com *.mural.co wss://*.mural.co *.cloudimg.io *.fullstory.com *.pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com *.googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' *.intercomcdn.com data: *.mural.co *.gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com *.g.doubleclick.net *.periscopedata.com *.google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: *.intercomcdn.com *.mural.co *.g.doubleclick.net *.cloudimg.io https://*.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' *.intercomcdn.com *.gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.google-analytics.com *.intercom.io *.intercomcdn.com https://js.stripe.com *.g.doubleclick.net *.cloudflare.com *.segment.com *.googletagmanager.com *.hs-analytics.net *.licdn.com *.hs-scripts.com *.googleadservices.com *.gstatic.com *.google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com *.fullstory.com *.mural.co *.pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' *.mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 gif.worker.0215e95.js
app.mural.co/static/ 12 KB
7 KB 148ms
147ms Other
application/javascript 20.42.34.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.mural.co/static/gif.worker.0215e95.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.42.34.181 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c91c945e21572099eb03ca762c4a34bcb97c27f8a5e601d9edab37b916725686

Security Headers

Name	Value
Content-Security-Policy	child-src 'self'; connect-src data: https: 'self' .embed.ly .satismeter.com .blob.core.windows.net https://.intercom.io wss://.intercom.io .google-analytics.com .segment.io .intercomcdn.com .g.doubleclick.net .rollbar.com .mural.co wss://.mural.co .cloudimg.io .fullstory.com .pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com .googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' .intercomcdn.com data: .mural.co .gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com .g.doubleclick.net .periscopedata.com .google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: .intercomcdn.com .mural.co .g.doubleclick.net .cloudimg.io https://.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' .intercomcdn.com .gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .google-analytics.com .intercom.io .intercomcdn.com https://js.stripe.com .g.doubleclick.net .cloudflare.com .segment.com .googletagmanager.com .hs-analytics.net .licdn.com .hs-scripts.com .googleadservices.com .gstatic.com .google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com .fullstory.com .mural.co .pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' .mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /static/gif.worker.0215e95.js
pragma: no-cache
cookie: _dd_s=rum=0&expire=1621366643287
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: same-origin
accept: */*
cache-control: no-cache
sec-fetch-dest: worker
:authority: app.mural.co
referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.mural.co/embed/b45b8eb7-7b5e-45fc-b753-d85f625af318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 May 2021 19:22:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: a4HaOMeFg6P9Nk0DG1lDZw==
x-recruiting: If you are reading this, you should probably stop what you are doing and head to mural.co/careers
x-ms-meta-buildtime: 2021-05-18T14:49:05.231Z
x-xss-protection: 1; mode=block
x-ms-lease-state: available
x-ms-lease-status: unlocked
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 14:49:09 GMT
x-frame-options: DENY
etag: W/"0x8D91A0C181CAFB9"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a0684387-a01e-003d-2b1b-4c73eb000000
access-control-expose-headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
cache-control: public, max-age=31536000, immutable
feature-policy: camera 'none'; microphone 'self'; geolocation 'none';
x-ms-version: 2013-08-15
content-security-policy: child-src 'self'; connect-src data: https: 'self' *.embed.ly *.satismeter.com *.blob.core.windows.net https://*.intercom.io wss://*.intercom.io *.google-analytics.com *.segment.io *.intercomcdn.com *.g.doubleclick.net *.rollbar.com *.mural.co wss://*.mural.co *.cloudimg.io *.fullstory.com *.pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com *.googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' *.intercomcdn.com data: *.mural.co *.gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com *.g.doubleclick.net *.periscopedata.com *.google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: *.intercomcdn.com *.mural.co *.g.doubleclick.net *.cloudimg.io https://*.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' *.intercomcdn.com *.gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.google-analytics.com *.intercom.io *.intercomcdn.com https://js.stripe.com *.g.doubleclick.net *.cloudflare.com *.segment.com *.googletagmanager.com *.hs-analytics.net *.licdn.com *.hs-scripts.com *.googleadservices.com *.gstatic.com *.google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com *.fullstory.com *.mural.co *.pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' *.mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 frame-modern.7c8e0f51.js Show response
js.intercomcdn.com/ Frame 6EE0 248 KB
67 KB 151ms
150ms Script
application/javascript 99.84.219.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.7c8e0f51.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/c6zqfm8h
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.219.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-219-80.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b948f123f29ff56651a680dcf344d2dc8ee7c68053bc514372ade334b9374e0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 18 May 2021 18:47:21 GMT
content-encoding: gzip
last-modified: Tue, 18 May 2021 14:40:06 GMT
server: AmazonS3
age: 2104
etag: "e32118c513939a53b4de33b688d47829"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a929b4bfaa0111e3feb7c4dbffdbd8d8.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: IAD79-C1
accept-ranges: bytes
content-length: 68066
x-amz-cf-id: 6emtOL_xrfF2aeAxPSaIeULs87gKTObUNzxdW2Z144bEcQ6VRjo1pQ==

GET
H2 200 vendor-modern.e2013c7e.js Show response
js.intercomcdn.com/ Frame 6EE0 124 KB
38 KB 151ms
150ms Script
application/javascript 99.84.219.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.e2013c7e.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/c6zqfm8h
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.219.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-219-80.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0be010567f3e29340348657834743efb5ef0d2a6467b8eadecdbd55a6c8e479c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 18 May 2021 18:20:51 GMT
content-encoding: gzip
last-modified: Tue, 18 May 2021 14:40:06 GMT
server: AmazonS3
age: 3694
etag: "1ef6c442c2b1371cba83d3191f36dcb9"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a929b4bfaa0111e3feb7c4dbffdbd8d8.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: IAD79-C1
accept-ranges: bytes
content-length: 38340
x-amz-cf-id: mSVJyElBrTBcbk3lj8E1EpaRQ6p-NH4DyaUsLJ836hlX6Tv7ELXH1Q==

GET
H/1.1 200
OK 1621336079211-93.jpeg
murally.blob.core.windows.net/uploads/fmc8602/ 8 KB
9 KB 566ms
156ms Image
image/jpeg 52.239.220.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://murally.blob.core.windows.net/uploads/fmc8602/1621336079211-93.jpeg?se=2021-05-18T19%3A45%3A00Z&sp=r&sv=2018-03-28&sr=b&rscc=public%2C%20max-age%3D600&sig=HNH8Fvt%2BnnwlUffY0JECoOcKcfBWwTXNVDlkxwNgaNY%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.220.64 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7830d666346b077f40bc16d09a26006805c0f403639be8c7d85fd3b2c6a64e43

Request headers

Referer: https://app.mural.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 18 May 2021 19:22:24 GMT
Content-MD5: 3bATvmokYWkzGkOiFtsOFw==
x-ms-server-encrypted: true
Content-Length: 8558
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Tue, 18 May 2021 11:10:17 GMT
Last-Modified: Tue, 18 May 2021 11:10:17 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8D919ED84ADBDD0"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-ms-request-id: 12dd29b2-101e-0060-7e1b-4c83ef000000
Access-Control-Expose-Headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
Cache-Control: public, max-age=600
x-ms-version: 2018-03-28
Accept-Ranges: bytes

POST
H2 200 6 Show response
m.stripe.com/ Frame A74E 156 B
519 B 629ms
210ms XHR
text/plain 35.155.95.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.155.95.221 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-95-221.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

4128ceb3afc0d2b342f1d1fc0ac2c83cc8b194ed2ff1ee4cd5f779e34a97ce48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 18 May 2021 19:22:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 6EE0 40 KB
6 KB 1549ms
1279ms XHR
application/json 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7c8e0f51.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

d71d022bfda80f15b5685232485c3ef66b315c9314e6ce49464a655a0ced0ff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 18 May 2021 19:22:26 GMT
content-encoding: gzip
x-ami-version: ami-037a642543f5d38a5
status: 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 00072jtdph698klgshkg
x-runtime: 1.130709
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"d71d022bfda80f15b5685232485c3ef6"
x-ratelimit-remaining: 13085
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.mural.co
x-intercom-version: 3bee8001781495eda8e3dc3d20b3d923dc125b8c
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1621365750
x-ratelimit-limit: 13333
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

GET
H/1.1 200
OK 1621336079211.jpeg
murally.blob.core.windows.net/uploads/fmc8602/ 18 KB
19 KB 160ms
160ms Image
image/jpeg 52.239.220.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://murally.blob.core.windows.net/uploads/fmc8602/1621336079211.jpeg?se=2021-05-18T19%3A45%3A00Z&sp=r&sv=2018-03-28&sr=b&rscc=public%2C%20max-age%3D600&sig=YhPTfWL8faIZt6AKJxaNDfsj6K8MlW2%2FC5iAZ4bRizM%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.220.64 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7f65a68410be771342d86ecaed086b670cedc2c04e88c0df2ad6e28d463f90f0

Request headers

Referer: https://app.mural.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 18 May 2021 19:22:25 GMT
Content-MD5: 2T9P7bXkbSYoXCdgjXqv3w==
x-ms-server-encrypted: true
Content-Length: 18501
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Tue, 18 May 2021 11:10:13 GMT
Last-Modified: Tue, 18 May 2021 11:10:13 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8D919ED82A6E722"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-ms-request-id: 12dd29e7-101e-0060-2e1b-4c83ef000000
Access-Control-Expose-Headers: Content-Type,x-ms-blob-type,Access-Control-Allow-Origin,content-disposition,origin,X-Frame-Options,x-requested-with
Cache-Control: public, max-age=600
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/c6zqfm8h
https://js.intercomcdn.com/shim.latest.js

17 KB
6 KB

143ms
142ms

Script
application/javascript

99.84.219.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.219.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-219-80.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f351be18158bfe59887945debc00cf5824f6e21195f9e755f15d511e8f88edf2

Request headers

Referer: https://app.mural.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 18 May 2021 19:22:22 GMT
content-encoding: gzip
last-modified: Tue, 18 May 2021 14:47:13 GMT
server: AmazonS3
age: 4
etag: "218c8a38d5bddf1db006985519ee999d"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a929b4bfaa0111e3feb7c4dbffdbd8d8.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: IAD79-C1
accept-ranges: bytes
content-length: 5690
x-amz-cf-id: XOSx7aNljbAZby69im4C0rDWhKPGuxlOTm2weTRkhvytqT1NpSb-1w==

Redirect headers

date: Thu, 13 May 2021 12:40:22 GMT
via: 1.1 9a66d849010281b3877fd5f66dbb4720.cloudfront.net (CloudFront)
server: AmazonS3
age: 456124
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: VIE50-C2
content-length: 0
x-amz-cf-id: yXYUng6BdDJcOjlk5aF-1ARgrmXCszvqKYyreKTjGOvDKYquR3FLrQ==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 6EE0 40 KB
6 KB 1114ms
1114ms XHR
application/json 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7c8e0f51.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

190ad4ad5f960e00631af3dc2a26aef8adea1509fea61756b375233b5a307416

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 18 May 2021 19:22:27 GMT
content-encoding: gzip
x-ami-version: ami-037a642543f5d38a5
status: 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 0009mprdoo8b3298ala0
x-runtime: 0.971907
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"190ad4ad5f960e00631af3dc2a26aef8"
x-ratelimit-remaining: 13042
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.mural.co
x-intercom-version: 3bee8001781495eda8e3dc3d20b3d923dc125b8c
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1621365750
x-ratelimit-limit: 13333
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.mural.co/	1970-01-19 18:22:46	Name: _dd_s Value: rum=0&expire=1621366643287
app.mural.co/	1970-01-19 18:22:45	Name: dd_cookie_test_a50b0e58-533c-42c7-a91c-61ce428f7fd3 Value: test
app.mural.co/	1969-12-31 23:59:59	Name: uuid Value: s%3A10e51f51-a7c9-4161-a049-89f3a11d0ec3.EbPf2Tl2DRiG19CbYdNp9MB2n%2FHFGhHjLdlq4a1nPMg

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	child-src 'self'; connect-src data: https: 'self' .embed.ly .satismeter.com .blob.core.windows.net https://.intercom.io wss://.intercom.io .google-analytics.com .segment.io .intercomcdn.com .g.doubleclick.net .rollbar.com .mural.co wss://.mural.co .cloudimg.io .fullstory.com .pingdom.net https://api.stripe.com https://checkout.stripe.com https://itmural-my.sharepoint.com .googleapis.com https://static.thenounproject.com https://heapanalytics.com https://api.onedrive.com https://session.voxeet.com wss://session.voxeet.com https://telemetry.voxeet.com https://dna8twue3dlxq.cloudfront.net https://media.giphy.com https://thumbs.gfycat.com; default-src 'self'; font-src 'self' .intercomcdn.com data: .mural.co .gstatic.com https://heapanalytics.com; frame-src 'self' https://webflow-ondash.mural.co https://js.stripe.com https://hooks.stripe.com .g.doubleclick.net .periscopedata.com .google.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://recaptcha.net https://www.recaptcha.net https://integrations.mural.co https://intercom-sheets.com https://intercom.help; img-src https: data: blob: .intercomcdn.com .mural.co .g.doubleclick.net .cloudimg.io https://.stripe.com https://media.giphy.com; manifest-src 'self'; media-src 'self' .intercomcdn.com .gstatic.com; object-src 'self'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .google-analytics.com .intercom.io .intercomcdn.com https://js.stripe.com .g.doubleclick.net .cloudflare.com .segment.com .googletagmanager.com .hs-analytics.net .licdn.com .hs-scripts.com .googleadservices.com .gstatic.com .google.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.hs-banner.com .fullstory.com .mural.co .pingdom.net https://checkout.stripe.com https://dna8twue3dlxq.cloudfront.net https://www.youtube.com https://recaptcha.net https://www.recaptcha.net https://cdn.cookielaw.org https://s.ytimg.com https://static.intercomassets.com https://app.satismeter.com; style-src 'self' 'unsafe-inline' .mural.co https://heapanalytics.com https://static.intercomassets.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_28e0ce00aca544d08d4c53f1235e2517;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
app.mural.co
cdn.cookielaw.org
cdn.segment.com
cdnjs.cloudflare.com
js.intercomcdn.com
js.stripe.com
m.stripe.com
m.stripe.network
murally.blob.core.windows.net
widget.intercom.io
www.googletagmanager.com
13.32.14.75
151.101.112.176
20.42.34.181
2600:9000:2199:ac00:19:7d10:bd80:93a1
2606:4700::6810:125e
2606:4700::6810:9540
2a00:1450:4001:811::2008
35.155.95.221
52.239.220.64
99.83.219.81
99.84.219.80
99.86.244.81
02d99e868342861c05e2fb39feab7a0b1589967b9359f175250c9a0b36a8abd1
078981fc821f3cf39ab491128cca5f9e9f9aeda1987a4baf81ce5ddc3bbe860c
0be010567f3e29340348657834743efb5ef0d2a6467b8eadecdbd55a6c8e479c
0fbca6584c5557cc44fec2343b2ba82f581ce1d236512e2e5545f9cd0d2447f5
190ad4ad5f960e00631af3dc2a26aef8adea1509fea61756b375233b5a307416
1b948f123f29ff56651a680dcf344d2dc8ee7c68053bc514372ade334b9374e0
20f82fc110425129c4e34a161de8e57c10f2e6f1da149123fa08173a41f3ebcd
326700d44b2d31b3e1b732dd459e165ff75ca59cd252ec4d3d7aa78843d5925c
3267e894d2a28ea3db9af95134346fb65cd5503f2030c4487a7df8852c7c722e
3f3eb2c973905ae5cbc1bf666030320022c308ee19c22b3df6c6ca33239a08eb
40f12e335914950b4f2058dbcbbee727f3f7542399ec6b2e98256480ea91aa49
4128ceb3afc0d2b342f1d1fc0ac2c83cc8b194ed2ff1ee4cd5f779e34a97ce48
436030565cbfb61c5dffe462dec817707ba5034821bfa35176d13ac6aebc0959
449fef1e9d2dc4efc26fd1fb776355863217613681362ef42da8ea22dec23822
47ddfcf6b4880ba69772793d7a910557d35fe0170be143f6783789990084d961
480889002777fd46e82ea77533779500bc7f363e9a30abcf282392ecf58780e5
553ecfc610f226ad91fad3e9bd835fb72e3bdea08863a0e7c370c8780bf9c405
5563a03e9eb99b59731601c29040ed0caa534d2c44321cf539a568ba1d455752
5cf0f871e24b711f2628ca045be9fb3a78148088c8c6f53ba6d266471994feae
63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778
672303ea8fd7d261512fef31e559fee1752571313dcf62b6f9d9f3bbe8b189e8
70165753a5181b671f9e9e205883af095621ec10fa445326287a0bfc557c9e01
71f24391b017d4c1615ddce457aa03d34f6592d01a4dbd56affe300be5291be7
7830d666346b077f40bc16d09a26006805c0f403639be8c7d85fd3b2c6a64e43
7a7ed828780f425ddc0ab9cf9da62995830c02e149d13d2d27a24af2ce2733a5
7e2c20a8370b6bf26a51844b529c42eed8864beb173f4110318075d9c54b11da
7f65a68410be771342d86ecaed086b670cedc2c04e88c0df2ad6e28d463f90f0
82757ed6046c569310c938a2ef080e9de8cb9f08411a4ce84deb72ca2944df05
84996c2ef3a6820e1c7826db0ab58d7df5469e625a9b91eda5f324969906c532
8577bfd1a11d1d7c543f73e870e07ccbb636099b253ef62fbcf522329f5befcd
8a835f82ea32330685662b25913377e5a3aef865eef24b012d63c37b27737646
995d0e99046c45cfbb1b3008507e0b1165269d54f83ae249f23dd105f028e7d8
9a24d90bb239d577478eb6b03fe2b4fc944c973c460f4eb519cf225f3f047ecc
9e89917a0ff8421d7afc5a5fdb52511b910a21e9da8eebd5bffeb04e8053f607
a30f50be3aeb5eed565024f83b457aab4915bf067e1392c247b962fe30d028fc
ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3
b1d14691b07c3366dde6ac3c50d8709935d860a5af71f99b9a6de7d535b00284
b8388718f670ddb4c773f542fef40257fd020ae066966c2ca33b0814eab04a74
c68badc8df774c15fcd4a725f8d991eb8647b0db82591cc1ccd3c674ee158873
c91c945e21572099eb03ca762c4a34bcb97c27f8a5e601d9edab37b916725686
cbf7c4ac261a905338971475dd7269b016254209290b17bbd1a7f32b9d92baca
cc59d406a4a87dc2cae39fbb74414e4694b7720ee57f4d1b8710e515e65a83e7
ce20ff8753d70e54bcdf6bc62234342406e4749a51d09e716c55c181aaac9e37
d71d022bfda80f15b5685232485c3ef66b315c9314e6ce49464a655a0ced0ff3
d880b407d47bd05c0abce3ee66033fb6008df993cda6cdf37eaa8ad0b416a47b
dca85cc563d6d2406693abb4961d8396fb84f42050de7cc62712f29af94aa1cc
e3a5eb151b45d285901dbe624d3c5334f1786abad8055d9fd65414951134bfcb
e612aa372f898fb817ae4dd237099eaa3c3269bbb31b6fd6a47ccebfac624d81
eae85f305e996aba07104300d1e5b94e663dbba6542dc238bc96760b7a533a3d
f19db5d986ffe5202b806e2eb9bad7bd1ce61ea9cc5c43cb2ad7278fcea6ff32
f351be18158bfe59887945debc00cf5824f6e21195f9e755f15d511e8f88edf2
fba894067c7440b0fb0fe447b3a6e7ef62476606de776ba0461b6acaea78fbd6
fcbe724a400622aa2f01ae69a3a5741890fcb357b1a02c4694d2a8121778b19a

app.mural.co Open in urlscan Pro 20.42.34.181 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

54 Requests

100 %HTTPS

33 %IPv6

10 Domains

12 Subdomains

12 IPs

2 Countries

3740 kBTransfer

10794 kBSize

3 Cookies

3 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app.mural.co Open in urlscan Pro
20.42.34.181 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

100 %
HTTPS

33 %
IPv6

10
Domains

12
Subdomains

12
IPs

2
Countries

3740 kB
Transfer

10794 kB
Size

3
Cookies

54 HTTP transactions
1 data transactions