www.theshift.be Open in urlscan Pro
160.8.18.56 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://czqs-04.na1.hubspotlinks.com/Btc/T8+113/czQS-04/VW6N4341spbNW21-RXz5dwtmSW8XrjSc4FHCQRM1--kr3q90JV1-WJV7Cg-q5W2xmSJy8XMgXtW1R...
Effective URL:
https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm...
Submission: On February 18 via api (February 18th 2022, 12:30:06 pm UTC) from BE — Scanned from DE

Summary HTTP 46 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 46 HTTP transactions. The main IP is 160.8.18.56, located in London, United Kingdom and belongs to SALESFORCE, US. The main domain is www.theshift.be.
TLS certificate: Issued by Gandi Standard SSL CA 2 on August 23rd 2021. Valid for: a year.

This is the only time www.theshift.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700::68... 2606:4700::6812:1e69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
34	160.8.18.56 160.8.18.56	14340 (SALESFORCE) (SALESFORCE)
4	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
46	6

2 2606:4700::6812:1e69 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

czqs-04.na1.hubspotlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 160.8.18.56 (London, United Kingdom)

ASN14340 (SALESFORCE, US)

www.theshift.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	theshift.be www.theshift.be	3 MB
7	gstatic.com www.gstatic.com fonts.gstatic.com	489 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	25 KB
2	hubspotlinks.com 1 redirects czqs-04.na1.hubspotlinks.com	3 KB
46	4

	Domain	Requested by
34	www.theshift.be	czqs-04.na1.hubspotlinks.com www.theshift.be
6	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	www.theshift.be www.gstatic.com www.google.com
2	czqs-04.na1.hubspotlinks.com	1 redirects
1	fonts.gstatic.com	www.google.com
46	5

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.linkedin.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
hubspotlinks.com Cloudflare Inc ECC CA-3	`2021-06-17` - `2022-06-16`	a year	crt.sh
www.theshift.be Gandi Standard SSL CA 2	`2021-08-23` - `2022-08-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
Frame ID: 4CFFA29A1D668A38BFD0937957E41C56
Requests: 31 HTTP requests in this frame

Frame: https://www.theshift.be/apex/GoogleReCaptcha
Frame ID: A5E28210CEFD9A920C3F84CA5B93E71D
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcM4TgbAAAAAJUy13v2XGYK_wu6sCDzJgRzzqxV&co=aHR0cHM6Ly93d3cudGhlc2hpZnQuYmU6NDQz&hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=normal&cb=g28mkpym3pe5
Frame ID: FFAE6B8791221AFF15868C43FEC4EE15
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&k=6LcM4TgbAAAAAJUy13v2XGYK_wu6sCDzJgRzzqxV
Frame ID: 681B476C6F185C47E3AFE3A38935CF29
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shift Event: B Corp Info Session

Page URL History Show full URLs

https://czqs-04.na1.hubspotlinks.com/Btc/T8+113/czQS-04/VW6N4341spbNW21-RXz5dwtmSW8XrjSc4FHCQRM1--kr3q90JV1-WJV7C... Page URL
https://czqs-04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/T8+113/czQS-04/VW6N4341spbNW21-RXz5dwtmSW8... HTTP 307
https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_camp... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

46
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

6
IPs

3
Countries

3489 kB
Transfer

9237 kB
Size

8
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/TheShiftasblvzw/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/theshiftvzwasbl/

Search URL Search Domain Scan URL

URL: https://twitter.com/WeMakeTheShift/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCTPh_D7WeT4KpSKg4zNMKGg

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://czqs-04.na1.hubspotlinks.com/Btc/T8+113/czQS-04/VW6N4341spbNW21-RXz5dwtmSW8XrjSc4FHCQRM1--kr3q90JV1-WJV7Cg-q5W2xmSJy8XMgXtW1RN01B7vBRqqW43hpm74H1xpLW50JBX51hkkP0W6Sn6BG7qf-SLN1rXhShy8RsfN7XT_j76LWjxW2mhfPy6kjT0LW8P8p2t3LTg6yVbxFls4wyQV9N1fzcHkW1YPrW78R1XS8Tp8NVW5K0vrX25__50N53Z8MNGnJ4KVttdhd2N70b_W6rdrNK6bC_WFW90_5D541r126W4XV8FZ5xgVnqVmjKrl5gh9_BW8KqVSq7ps59MN2NWjKKm83F5W8wpj8d7xjHTMMQnPsk3PJW0W3sXvNk7YbMvNW3Ds6DW44_WYmVWv87w7S24r1W7HHYf370TlwtVJmVNX87F4983mVp1 Page URL
https://czqs-04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/T8+113/czQS-04/VW6N4341spbNW21-RXz5dwtmSW8XrjSc4FHCQRM1--kr3q90JV1-WJV7Cg-q5W2xmSJy8XMgXtW1RN01B7vBRqqW43hpm74H1xpLW50JBX51hkkP0W6Sn6BG7qf-SLN1rXhShy8RsfN7XT_j76LWjxW2mhfPy6kjT0LW8P8p2t3LTg6yVbxFls4wyQV9N1fzcHkW1YPrW78R1XS8Tp8NVW5K0vrX25__50N53Z8MNGnJ4KVttdhd2N70b_W6rdrNK6bC_WFW90_5D541r126W4XV8FZ5xgVnqVmjKrl5gh9_BW8KqVSq7ps59MN2NWjKKm83F5W8wpj8d7xjHTMMQnPsk3PJW0W3sXvNk7YbMvNW3Ds6DW44_WYmVWv87w7S24r1W7HHYf370TlwtVJmVNX87F4983mVp1?_ud=dc10dd4c-833e-4a0a-8424-52ea6ab5ca66&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VW6N4341spbNW21-RXz5dwtmSW8XrjSc4FHCQRM1--kr3q90JV1-WJV7Cg-q5W2xmSJy8XMgXtW1RN01B7vBRqqW43hpm74H1xpLW50JBX51hkkP0W6Sn6BG7qf-SLN1rXhShy8RsfN7XT_j76LWjxW2mhfPy6kjT0LW8P8p2t3LTg6yVbxFls4wyQV9N1fzcHkW1... Show response
czqs-04.na1.hubspotlinks.com/Btc/T8+113/czQS-04/ 9 KB
3 KB 529ms
491ms Document
text/html 2606:4700::6812:1e69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://czqs-04.na1.hubspotlinks.com/Btc/T8+113/czQS-04/VW6N4341spbNW21-RXz5dwtmSW8XrjSc4FHCQRM1--kr3q90JV1-WJV7Cg-q5W2xmSJy8XMgXtW1RN01B7vBRqqW43hpm74H1xpLW50JBX51hkkP0W6Sn6BG7qf-SLN1rXhShy8RsfN7XT_j76LWjxW2mhfPy6kjT0LW8P8p2t3LTg6yVbxFls4wyQV9N1fzcHkW1YPrW78R1XS8Tp8NVW5K0vrX25__50N53Z8MNGnJ4KVttdhd2N70b_W6rdrNK6bC_WFW90_5D541r126W4XV8FZ5xgVnqVmjKrl5gh9_BW8KqVSq7ps59MN2NWjKKm83F5W8wpj8d7xjHTMMQnPsk3PJW0W3sXvNk7YbMvNW3Ds6DW44_WYmVWv87w7S24r1W7HHYf370TlwtVJmVNX87F4983mVp1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03ab79498b36ade876a328d618a5ab3b441216a35a419f6ac3538d7481dea57a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 18 Feb 2022 12:29:58 GMT
content-type: text/html;charset=utf-8
x-robots-tag: none
referrer-policy: no-referrer
vary: Accept-Encoding
x-hubspot-correlation-id: 8a134f5b-7eda-4a63-886b-ff553054965a
access-control-allow-credentials: false
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6df743986ada3761-MXP
content-encoding: br

GET
H/1.1

200
OK

Primary Request b-corp-info-session Show response
www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/
Redirect Chain

https://czqs-04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/T8+113/czQS-04/VW6N4341spbNW21-RXz5dwtmSW8XrjSc4FHCQRM1--kr3q90JV1-WJV7Cg-q5W2xmSJy8XMgXtW1RN01B7vBRqqW43hpm74H1xpLW50JBX51hkk...
https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2EN...

51 KB
20 KB

964ms
634ms

Document
text/html

160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email

Requested by

Host: czqs-04.na1.hubspotlinks.com
URL: https://czqs-04.na1.hubspotlinks.com/Btc/T8+113/czQS-04/VW6N4341spbNW21-RXz5dwtmSW8XrjSc4FHCQRM1--kr3q90JV1-WJV7Cg-q5W2xmSJy8XMgXtW1RN01B7vBRqqW43hpm74H1xpLW50JBX51hkkP0W6Sn6BG7qf-SLN1rXhShy8RsfN7XT_j76LWjxW2mhfPy6kjT0LW8P8p2t3LTg6yVbxFls4wyQV9N1fzcHkW1YPrW78R1XS8Tp8NVW5K0vrX25__50N53Z8MNGnJ4KVttdhd2N70b_W6rdrNK6bC_WFW90_5D541r126W4XV8FZ5xgVnqVmjKrl5gh9_BW8KqVSq7ps59MN2NWjKKm83F5W8wpj8d7xjHTMMQnPsk3PJW0W3sXvNk7YbMvNW3Ds6DW44_WYmVWv87w7S24r1W7HHYf370TlwtVJmVNX87F4983mVp1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

094b77147d547901ea36e2e2bcac2af670710653a778f204f9f2f9d78168a328

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://service.force.com/embeddedservice/ import: blob: https://uat-theshiftuat.cs107.force.com/ https://www.linkedin.com/ https://twitter.com https://facebook.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com/gtag/js; object-src 'self' www.google.com; style-src 'self' 'unsafe-inline' https://service.force.com/embeddedservice/ https://fonts.googleapis.com/css2 https://fonts.googleapis.com/css blob: https://theshiftuat.force.com https://testaevent-theshitacevent.cs109.force.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; img-src 'self' data: blob: https://theshift.my.salesforce.com https://theshift--c.documentforce.com https://img.youtube.com https://i.ytimg.com https://i.vimeocdn.com https://login.salesforce.com/icons/ https://eu45.salesforce.com/icons/ https://www.theshift.be https://theshiftuat.force.com https://testaevent-theshitacevent.cs109.force.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; media-src 'self' blob: https://theshiftuat.force.com https://testaevent-theshitacevent.cs109.force.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; frame-ancestors 'self'; frame-src 'self' https://service.force.com/embeddedservice/ https://eu45.salesforce.com https://sfdc-link-preview-staging.sfdc.sh https://sfdc-link-preview.hk.salesforce.com https://cdn.embedly.com https://www.youtube.com https://player.vimeo.com https://play.vidyard.com https://player.cloudinary.com https://fast.wistia.net https://players.brightcove.net https://s1.adis.ws https://scormanywhere.secure.force.com https://appiniummastertrial.secure.force.com https://*.a.forceusercontent.com/lightningmaps/ https://location.force.com https://theshiftuat.force.com https://testaevent-theshitacevent.cs109.force.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com/ https://theshiftuat.force.com https://testaevent-theshitacevent.cs109.force.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; connect-src 'self' https://theshiftuat.force.com https://testaevent-theshitacevent.cs109.force.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://czqs-04.na1.hubspotlinks.com/Btc/T8+113/czQS-04/VW6N4341spbNW21-RXz5dwtmSW8XrjSc4FHCQRM1--kr3q90JV1-WJV7Cg-q5W2xmSJy8XMgXtW1RN01B7vBRqqW43hpm74H1xpLW50JBX51hkkP0W6Sn6BG7qf-SLN1rXhShy8RsfN7XT_j76LWjxW2mhfPy6kjT0LW8P8p2t3LTg6yVbxFls4wyQV9N1fzcHkW1YPrW78R1XS8Tp8NVW5K0vrX25__50N53Z8MNGnJ4KVttdhd2N70b_W6rdrNK6bC_WFW90_5D541r126W4XV8FZ5xgVnqVmjKrl5gh9_BW8KqVSq7ps59MN2NWjKKm83F5W8wpj8d7xjHTMMQnPsk3PJW0W3sXvNk7YbMvNW3Ds6DW44_WYmVWv87w7S24r1W7HHYf370TlwtVJmVNX87F4983mVp1

Response headers

Date: Fri, 18 Feb 2022 12:29:59 GMT
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Strict-Transport-Security: max-age=63072004; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://service.force.com/embeddedservice/ import: blob: https://uat-theshiftuat.cs107.force.com/ https://www.linkedin.com/ https://twitter.com https://facebook.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com/gtag/js; object-src 'self' www.google.com; style-src 'self' 'unsafe-inline' https://service.force.com/embeddedservice/ https://fonts.googleapis.com/css2 https://fonts.googleapis.com/css blob: https://theshiftuat.force.com https://testaevent-theshitacevent.cs109.force.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; img-src 'self' data: blob: https://theshift.my.salesforce.com https://theshift--c.documentforce.com https://img.youtube.com https://i.ytimg.com https://i.vimeocdn.com https://login.salesforce.com/icons/ https://eu45.salesforce.com/icons/ https://www.theshift.be https://theshiftuat.force.com https://testaevent-theshitacevent.cs109.force.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; media-src 'self' blob: https://theshiftuat.force.com https://testaevent-theshitacevent.cs109.force.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; frame-ancestors 'self'; frame-src 'self' https://service.force.com/embeddedservice/ https://eu45.salesforce.com https://sfdc-link-preview-staging.sfdc.sh https://sfdc-link-preview.hk.salesforce.com https://cdn.embedly.com https://www.youtube.com https://player.vimeo.com https://play.vidyard.com https://player.cloudinary.com https://fast.wistia.net https://players.brightcove.net https://s1.adis.ws https://scormanywhere.secure.force.com https://appiniummastertrial.secure.force.com https://*.a.forceusercontent.com/lightningmaps/ https://location.force.com https://theshiftuat.force.com https://testaevent-theshitacevent.cs109.force.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com/ https://theshiftuat.force.com https://testaevent-theshitacevent.cs109.force.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; connect-src 'self' https://theshiftuat.force.com https://testaevent-theshitacevent.cs109.force.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com
Referrer-Policy: origin-when-cross-origin
Content-Language: fr
Expires: Thu, 18 Feb 2021 12:30:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Origin, Accept-Encoding
Last-Modified: Thu, 18 Feb 2021 12:30:00 GMT
Link: </s/sfsites/auraFW/javascript/QbIGjbUweWP5tLmFUE_dTw/aura_prod.js>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-2.5.13-236.0-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22h19-qjHWUA0WTivqZP4qxg%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%221730203071%22%7D/app.js>;rel=preload;as=script;nopush
X-FRAME-OPTIONS: SAMEORIGIN
Server-Timing: Total;dur=577
Timing-Allow-Origin: *
Content-Encoding: gzip
Transfer-Encoding: chunked

Redirect headers

date: Fri, 18 Feb 2022 12:29:59 GMT
location: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
x-robots-tag: none
link: <https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email>; rel="canonical"
referrer-policy: no-referrer
x-hubspot-correlation-id: e59e410e-d5c8-447c-9b18-77acb930d06f
access-control-allow-credentials: false
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6df7439b9a4d3761-MXP

GET
H/1.1 200
OK aura_prod.js Show response
www.theshift.be/s/sfsites/auraFW/javascript/QbIGjbUweWP5tLmFUE_dTw/ 753 KB
238 KB 19ms
19ms Script
text/javascript 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theshift.be/s/sfsites/auraFW/javascript/QbIGjbUweWP5tLmFUE_dTw/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

f6985d6c3d1d7c67add8e7ddc3deb8ac114fcbf16a99f076b784fe42781cbd16

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 11:30:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 3591
Server-Timing: Total;dur=39
Content-Length: 243063
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Feb 2022 11:30:09 GMT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server-Timing
Cache-Control: max-age=31536000,public,immutable
Timing-Allow-Origin: *

GET
H/1.1 200
OK app.js Show response
www.theshift.be/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-2.5.13-236.0-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7... 2 MB
448 KB 370ms
324ms Script
text/javascript 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theshift.be/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-2.5.13-236.0-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22h19-qjHWUA0WTivqZP4qxg%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%221730203071%22%7D/app.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

ac0168081aeabb8818b69852308eab297ae2bf380adb687736d1f497eebc8e17

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 12:30:00 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Feb 2022 12:30:00 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000,public,immutable
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fonts.css
www.theshift.be/s/sfsites/runtimedownload/ 0
500 B 78ms
56ms Stylesheet
text/css 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theshift.be/s/sfsites/runtimedownload/fonts.css?lastMod=1629881528000&brandSet=c91b6c7c-97fb-4c90-b0f3-a9d9f9bc70a7

Requested by

Host: www.theshift.be
URL: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 12:30:00 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 25 Aug 2021 08:52:08 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: text/css; charset=utf-8
Cache-Control: public,max-age=31536000
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Sat, 18 Feb 2023 12:30:00 GMT

GET
H/1.1 200
OK resources.js Show response
www.theshift.be/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22QbIGjbUweWP5tLmFUE_dTw%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2F... 3 KB
2 KB 231ms
195ms Script
text/javascript 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

b6dce8a9d45a7dd8716b02d73657b621c61df8e0d1ffaacfc09fdfc01fbeb2da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 12:30:00 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Feb 2022 12:30:00 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000,private,immutable
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.js Show response
www.theshift.be/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22QbIGjbUweWP5tLmFUE_dTw%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2F... 656 KB
139 KB 959ms
924ms Script
text/javascript 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theshift.be/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22QbIGjbUweWP5tLmFUE_dTw%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22h19-qjHWUA0WTivqZP4qxg%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22Atq2ZmBti8_SYAELkfKeiA%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%221730203071%22%7D/bootstrap.js?aura.attributes=%7B%22schema%22%3A%22Published%22%2C%22brandingSetId%22%3A%22c91b6c7c-97fb-4c90-b0f3-a9d9f9bc70a7%22%2C%22authenticated%22%3A%22false%22%2C%22ac%22%3A%22%22%2C%22formFactor%22%3A%22LARGE%22%2C%22publishedChangelistNum%22%3A%22172%22%2C%22viewType%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22Inner%22%2C%22language%22%3A%22fr%22%2C%22isHybrid%22%3A%22false%22%2C%22pageId%22%3A%2264f05f40-6d34-418f-9421-f76ea9680962%22%7D

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

8aa93074a07473bfda41e0f9a070216e6712c35e44380ba24deffcc064fa62a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 12:30:00 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Feb 2022 12:30:00 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=900,public
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK app.css
www.theshift.be/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22h19-qjHWUA0W... 981 KB
121 KB 206ms
206ms Stylesheet
text/css 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theshift.be/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22h19-qjHWUA0WTivqZP4qxg%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fsiteforce%3AserializedTokens%22%2C%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityTokens%22%2C%22markup%3A%2F%2Fforce%3AformFactorLarge%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityFormFactorLarge%22%2C%22markup%3A%2F%2Fsiteforce%3AauraDynamicTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AsldsFontOverride%22%5D%2C%22tuid%22%3A%22VPPs26GnHmOjKv79IGr9sA%22%2C%22cuid%22%3A1739878605%7D%2C%22pathPrefix%22%3A%22%22%7D/app.css?aura.attributes=%7B%22schema%22%3A%22Published%22%2C%22brandingSetId%22%3A%22c91b6c7c-97fb-4c90-b0f3-a9d9f9bc70a7%22%2C%22authenticated%22%3A%22false%22%2C%22ac%22%3A%22%22%2C%22formFactor%22%3A%22LARGE%22%2C%22publishedChangelistNum%22%3A%22172%22%2C%22viewType%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22Inner%22%2C%22language%22%3A%22fr%22%2C%22isHybrid%22%3A%22false%22%2C%22pageId%22%3A%2264f05f40-6d34-418f-9421-f76ea9680962%22%7D&2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

2a29e9bc5fa19645de9c24c47e4b9a6191e6183068828bd3af07b3e11219b212

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 12:30:00 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Feb 2022 12:30:00 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: text/css;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000,public,immutable
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK aura Show response
www.theshift.be/s/sfsites/ 562 KB
134 KB 271ms
270ms XHR
application/json 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theshift.be/s/sfsites/aura?message=%7B%22actions%22%3A%5B%7B%22descriptor%22%3A%22serviceComponent%3A%2F%2Fui.comm.runtime.components.aura.components.siteforce.controller.PubliclyCacheableComponentLoaderController%2FACTION%24getPageComponent%22%2C%22callingDescriptor%22%3A%22UNKNOWN%22%2C%22params%22%3A%7B%22attributes%22%3A%7B%22viewId%22%3A%225df3193f-c0b5-482f-a55e-1429134a3868%22%2C%22routeType%22%3A%22detail-a0L%22%2C%22themeLayoutType%22%3A%22Inner%22%2C%22params%22%3A%7B%22language%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_medium%22%3A%22%22%2C%22_hsmi%22%3A%22%22%2C%22_hsenc%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22utm_source%22%3A%22%22%2C%22viewid%22%3A%226bc317ca-cf34-4c94-821a-39c32a7049f6%22%2C%22view_uddid%22%3A%22%22%2C%22entity_name%22%3A%22%22%2C%22audience_name%22%3A%22%22%2C%22recordId%22%3A%22%22%2C%22recordName%22%3A%22%22%2C%22picasso_id%22%3A%22%22%2C%22routeId%22%3A%22%22%7D%2C%22hasAttrVaringCmps%22%3Afalse%2C%22pageLoadType%22%3A%22STANDARD_PAGE_CONTENT%22%2C%22includeLayout%22%3Atrue%7D%2C%22publishedChangelistNum%22%3A172%2C%22brandingSetId%22%3A%22c91b6c7c-97fb-4c90-b0f3-a9d9f9bc70a7%22%7D%7D%5D%7D&aura.context=%7B%22mode%22%3A%22PROD%22%2C%22fwuid%22%3A%22QbIGjbUweWP5tLmFUE_dTw%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22h19-qjHWUA0WTivqZP4qxg%22%7D%2C%22apck%22%3A%22Atq2ZmBti8_SYAELkfKeiA%22%2C%22uad%22%3Afalse%7D&aura.isAction=true

Requested by

Host: www.theshift.be
URL: https://www.theshift.be/s/sfsites/auraFW/javascript/QbIGjbUweWP5tLmFUE_dTw/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

ab56ca2343dbcc4d020e38ed3e2244952d73379f9038f05803f518e2143a4ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
Accept-Language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: 426e3a36-fa7e-4c9e-85b3-abd1e7615ea2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 12:30:01 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Feb 2022 12:30:01 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1800,public
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Thu, 18 Feb 2021 12:30:01 GMT

POST
H/1.1 200
OK aura Show response
www.theshift.be/s/sfsites/ 975 KB
230 KB 224ms
223ms XHR
application/json 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theshift.be/s/sfsites/aura?r=1&aura.Component.getComponentDef=1

Requested by

Host: www.theshift.be
URL: https://www.theshift.be/s/sfsites/auraFW/javascript/QbIGjbUweWP5tLmFUE_dTw/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

907cbd16264a24480d635ae557adb16b842ed453e7ea178d8847266eb0e94185

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
X-SFDC-Page-Cache: a27dae79c850bd0d
Accept-Language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: 426e3a36-fa7e-4c9e-85b3-abd1e7615ea2
X-SFDC-Request-Id: 26200000008217706f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 18 Feb 2022 12:30:01 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 18 Feb 2021 12:30:01 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Thu, 18 Feb 2021 12:30:01 GMT

GET
H/1.1 200
OK ShiftGreen
www.theshift.be/file-asset/ 2 KB
3 KB 141ms
141ms Image
image/png 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theshift.be/file-asset/ShiftGreen?v=1&height=300&width=300

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

ad7b310713775a97debb134fb758d1086a978e50be850064f7c7d6b8fc38bf03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 12:30:01 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 15 Jun 2021 07:08:54 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=3888000
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="ShiftGreen.png"; filename*=utf-8''ShiftGreen.png
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: image/png
Content-Length: 2460
X-XSS-Protection: 1; mode=block
Expires: Mon, 04 Apr 2022 12:30:01 GMT

GET
H/1.1 200
OK ArchivoRegular
www.theshift.be/s/sfsites/c/resource/ 92 KB
93 KB 118ms
118ms Font
application/octet-stream 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theshift.be/s/sfsites/c/resource/ArchivoRegular

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

71d2c43785b3c46fa509df2e53cca95eae67bac116e334a746a8f2264f2e79bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM 'self'
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
Origin: https://www.theshift.be
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 12:30:01 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 15 Jun 2021 08:14:33 GMT
X-FRAME-OPTIONS: ALLOW-FROM 'self'
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/octet-stream
Content-Length: 94384
X-XSS-Protection: 1; mode=block
Expires: Mon, 04 Apr 2022 12:30:01 GMT

GET
H/1.1 200
OK TS_JoinUs_Background
www.theshift.be/resource/1623731717000/ 1 MB
1 MB 226ms
226ms Image
image/jpeg 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theshift.be/resource/1623731717000/TS_JoinUs_Background

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

ceedd5e1490b3003935dbfe132335e2ebbce49c4f0e771f09adef54164feb194

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 12:30:01 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 15 Jun 2021 04:35:17 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: image/jpeg
Content-Length: 1405776
X-XSS-Protection: 1; mode=block
Expires: Mon, 04 Apr 2022 12:30:01 GMT

GET
H/1.1 200
OK GoogleReCaptcha Show response
www.theshift.be/apex/ Frame A5E2 1 KB
1 KB 135ms
97ms Document
text/html 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theshift.be/apex/GoogleReCaptcha

Requested by

Host: www.theshift.be
URL: https://www.theshift.be/s/sfsites/auraFW/javascript/QbIGjbUweWP5tLmFUE_dTw/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

/ Salesforce.com ApexPages

Resource Hash

b340efde51f2b2f05453c9f85476c648aed2bc6dfa9b72c3cc31eec609d78171

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests frame-ancestors 'self'
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email

Response headers

Date: Fri, 18 Feb 2022 12:30:01 GMT
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Strict-Transport-Security: max-age=63072004; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests frame-ancestors 'self'
Referrer-Policy: origin-when-cross-origin
X-Powered-By: Salesforce.com ApexPages
P3P: CP="CUR OTR STA"
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

GET
H/1.1 200
OK TS_Combobox_CSS
www.theshift.be/resource/1623731717000/ 360 B
720 B 99ms
18ms Stylesheet
text/css 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theshift.be/resource/1623731717000/TS_Combobox_CSS

Requested by

Host: www.theshift.be
URL: https://www.theshift.be/s/sfsites/auraFW/javascript/QbIGjbUweWP5tLmFUE_dTw/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

ac9c2834bf0befd333880f17939afdc61c3381eeb2d982659dfa6fd774d000b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 12:02:55 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 15 Jun 2021 04:35:17 GMT
Age: 1626
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: text/css
Vary: Accept-Encoding
Content-Length: 201
X-XSS-Protection: 1; mode=block
Expires: Mon, 04 Apr 2022 12:02:55 GMT

GET
H/1.1 200
OK TS_White_Logo_PNG
www.theshift.be/resource/1623731718000/ 2 KB
2 KB 163ms
160ms Image
image/png 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theshift.be/resource/1623731718000/TS_White_Logo_PNG

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

92623c3bc4f3e23d06470d850803c4d62aae04260795d8662240cad806f06c47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 12:30:01 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 15 Jun 2021 04:35:18 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: image/png
Content-Length: 1844
X-XSS-Protection: 1; mode=block
Expires: Mon, 04 Apr 2022 12:30:01 GMT

GET
H/1.1 200
OK TS_Facebook_PNG
www.theshift.be/resource/1623731717000/ 1001 B
1 KB 228ms
198ms Image
image/png 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theshift.be/resource/1623731717000/TS_Facebook_PNG

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

66bf09a10c71119ffdc31c56d15806550f895e3ed044f3eaaca56237f10a09bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 12:30:01 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 15 Jun 2021 04:35:17 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: image/png
Content-Length: 1001
X-XSS-Protection: 1; mode=block
Expires: Mon, 04 Apr 2022 12:30:01 GMT

GET
H/1.1 200
OK TS_LinkedIn_PNG
www.theshift.be/resource/1623731717000/ 1 KB
1 KB 176ms
157ms Image
image/png 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theshift.be/resource/1623731717000/TS_LinkedIn_PNG

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

3631c86236c88f5b9cfe97b56855ab255578d08baea0f64bc311614f07e757b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 12:30:02 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 15 Jun 2021 04:35:17 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: image/png
Content-Length: 1035
X-XSS-Protection: 1; mode=block
Expires: Mon, 04 Apr 2022 12:30:02 GMT

GET
H/1.1 200
OK TS_Twitter_PNG
www.theshift.be/resource/1623731718000/ 1 KB
1 KB 44ms
18ms Image
image/png 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theshift.be/resource/1623731718000/TS_Twitter_PNG

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

51328e8ea076d32dc13d59bb3b75834eeb65bf344c57e9401c4bb15c2dcdf897

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 12:25:40 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 15 Jun 2021 04:35:18 GMT
Age: 262
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: image/png
Content-Length: 1062
X-XSS-Protection: 1; mode=block
Expires: Mon, 04 Apr 2022 12:25:40 GMT

GET
H/1.1 200
OK TS_Youtube_PNG
www.theshift.be/resource/1623731718000/ 993 B
1 KB 18ms
18ms Image
image/png 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theshift.be/resource/1623731718000/TS_Youtube_PNG

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

ba2b90c5d3565ee8856e49c11d85ec5f36e322b7a708b60289eaa0569be18167

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 11:38:51 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 15 Jun 2021 04:35:18 GMT
Age: 3071
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: image/png
Content-Length: 993
X-XSS-Protection: 1; mode=block
Expires: Mon, 04 Apr 2022 11:38:51 GMT

POST
H/1.1 200
OK aura Show response
www.theshift.be/s/sfsites/ 114 KB
32 KB 604ms
536ms XHR
application/json 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theshift.be/s/sfsites/aura?r=2&aura.ApexAction.execute=1&aura.Component.getComponent=1&ui-communities-components-aura-components-forceCommunity-navigationMenu.NavigationMenuDataProvider.getNavigationMenu=2&ui-communities-components-aura-components-forceCommunity-themeHeader.ThemeHeader.getHeaderConfig=1&ui-force-components-controllers-hostConfig.HostConfig.getConfigData=1

Requested by

Host: www.theshift.be
URL: https://www.theshift.be/s/sfsites/auraFW/javascript/QbIGjbUweWP5tLmFUE_dTw/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

e90aee81d7a76e1b6650a52f20e4098c447fbb341101b7abff602c326265eea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
X-SFDC-Page-Cache: a27dae79c850bd0d
Accept-Language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: 426e3a36-fa7e-4c9e-85b3-abd1e7615ea2
X-SFDC-Request-Id: 272029000024bb22c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 18 Feb 2022 12:30:01 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 18 Feb 2021 12:30:01 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=472
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Thu, 18 Feb 2021 12:30:01 GMT

POST
H/1.1 200
OK aura Show response
www.theshift.be/s/sfsites/ 2 KB
2 KB 268ms
230ms XHR
application/json 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theshift.be/s/sfsites/aura?r=3&ui-force-components-controllers-recordGlobalValueProvider.RecordGvp.getRecord=1

Requested by

Host: www.theshift.be
URL: https://www.theshift.be/s/sfsites/auraFW/javascript/QbIGjbUweWP5tLmFUE_dTw/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

1e90f0dc3d026dda5059fa3eba00f38b6ce4c59d5daa3b0925949159c3fee953

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
X-SFDC-Page-Cache: a27dae79c850bd0d
Accept-Language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: 426e3a36-fa7e-4c9e-85b3-abd1e7615ea2
X-SFDC-Request-Id: 2756200000f2aaa6d2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 18 Feb 2022 12:30:01 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 18 Feb 2021 12:30:01 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=142
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Thu, 18 Feb 2021 12:30:01 GMT

POST
H/1.1 200
OK aura Show response
www.theshift.be/s/sfsites/ 20 KB
5 KB 666ms
584ms XHR
application/json 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theshift.be/s/sfsites/aura?r=4&ui-comm-runtime-components-aura-components-siteforce-qb.Quarterback.validateRoute=1&ui-communities-components-aura-components-forceCommunity-seoAssistant.SeoAssistant.getRecordAndTranslationData=1&ui-force-components-controllers-recordGlobalValueProvider.RecordGvp.getRecord=1

Requested by

Host: www.theshift.be
URL: https://www.theshift.be/s/sfsites/auraFW/javascript/QbIGjbUweWP5tLmFUE_dTw/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

aeb659a27f6fb84f28dbb0118edb08d31c29852bd1f48bd9aecd29679eeed0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
X-SFDC-Page-Cache: a27dae79c850bd0d
Accept-Language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: 426e3a36-fa7e-4c9e-85b3-abd1e7615ea2
X-SFDC-Request-Id: 28367900009dec7854
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 18 Feb 2022 12:30:01 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 18 Feb 2021 12:30:01 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=527
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Thu, 18 Feb 2021 12:30:01 GMT

GET
H/1.1 200
OK TS_RichTextBackground
www.theshift.be/resource/1623731718000/ 359 B
702 B 73ms
34ms Stylesheet
text/css 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theshift.be/resource/1623731718000/TS_RichTextBackground

Requested by

Host: www.theshift.be
URL: https://www.theshift.be/s/sfsites/auraFW/javascript/QbIGjbUweWP5tLmFUE_dTw/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

b34446e846aedf36bf675fa54a73c1904f8ed9db40c686a6a0498dc789dc6a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 12:24:08 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 15 Jun 2021 04:35:18 GMT
Age: 353
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: text/css
Vary: Accept-Encoding
Content-Length: 184
X-XSS-Protection: 1; mode=block
Expires: Mon, 04 Apr 2022 12:24:08 GMT

POST
H/1.1 200
OK aura Show response
www.theshift.be/s/sfsites/ 10 KB
3 KB 240ms
129ms XHR
application/json 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theshift.be/s/sfsites/aura?r=5&aura.ApexAction.execute=2

Requested by

Host: www.theshift.be
URL: https://www.theshift.be/s/sfsites/auraFW/javascript/QbIGjbUweWP5tLmFUE_dTw/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

68beeb8a099760bdbf137288ac670e468ff1212f35d3a7f0808922ca0bec21ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
X-SFDC-Page-Cache: a27dae79c850bd0d
Accept-Language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: 426e3a36-fa7e-4c9e-85b3-abd1e7615ea2
X-SFDC-Request-Id: 2847500000d5a3f035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 18 Feb 2022 12:30:01 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 18 Feb 2021 12:30:01 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=85
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Thu, 18 Feb 2021 12:30:01 GMT

POST
H/1.1 200
OK aura Show response
www.theshift.be/s/sfsites/ 1 KB
1 KB 281ms
104ms XHR
application/json 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theshift.be/s/sfsites/aura?r=6&aura.ApexAction.execute=1

Requested by

Host: www.theshift.be
URL: https://www.theshift.be/s/sfsites/auraFW/javascript/QbIGjbUweWP5tLmFUE_dTw/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

c0f612e5468013bca97ff53925f7dac95621c02d1704e9431495d6c567f7ac33

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
X-SFDC-Page-Cache: a27dae79c850bd0d
Accept-Language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: 426e3a36-fa7e-4c9e-85b3-abd1e7615ea2
X-SFDC-Request-Id: 2848600000f1d97949
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 18 Feb 2022 12:30:02 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 18 Feb 2021 12:30:02 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=59
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Thu, 18 Feb 2021 12:30:02 GMT

GET
H/1.1 200
OK stub.js Show response
www.theshift.be/static/111213/js/perf/ Frame A5E2 1 KB
1 KB 241ms
87ms Script
application/x-javascript 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theshift.be/static/111213/js/perf/stub.js

Requested by

Host: www.theshift.be
URL: https://www.theshift.be/apex/GoogleReCaptcha

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

5830f6b53e1ea91abd5de97ef219269702f413575cfe0dd6149712d68d7d61eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theshift.be/apex/GoogleReCaptcha
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 12:30:02 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 18 Dec 2014 19:28:42 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=10368000
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Sat, 18 Jun 2022 12:30:02 GMT

GET
H/1.1 200
OK NetworkTracking.js Show response
www.theshift.be/jslibrary/1635874030236/sfdc/ Frame A5E2 4 KB
2 KB 223ms
18ms Script
application/x-javascript 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theshift.be/jslibrary/1635874030236/sfdc/NetworkTracking.js

Requested by

Host: www.theshift.be
URL: https://www.theshift.be/apex/GoogleReCaptcha

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

42dd8dc296f0639d42d5bfbed2b46955b3eee445c257b25e624dd812fdba4f7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theshift.be/apex/GoogleReCaptcha
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 12:02:29 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 14 Feb 2022 22:02:58 GMT
Age: 1653
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=10368000
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1546
X-XSS-Protection: 1; mode=block
Expires: Sat, 18 Jun 2022 12:02:29 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame A5E2 907 B
986 B 47ms
24ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&

Requested by

Host: www.theshift.be
URL: https://www.theshift.be/apex/GoogleReCaptcha

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9d0c19469fd38e9d0376f60145ef222fb9ba4517f8fffe7bd0fe54f9ea1fe686

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theshift.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 12:30:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 573
x-xss-protection: 1; mode=block
expires: Fri, 18 Feb 2022 12:30:01 GMT

POST
H/1.1 200
OK aura Show response
www.theshift.be/s/sfsites/ 132 KB
9 KB 558ms
371ms XHR
application/json 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theshift.be/s/sfsites/aura?r=7&aura.ApexAction.execute=1&aura.RecordUi.getObjectInfo=4

Requested by

Host: www.theshift.be
URL: https://www.theshift.be/s/sfsites/auraFW/javascript/QbIGjbUweWP5tLmFUE_dTw/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

c5a1d56c8747b61964d6ca253f9f5b16250f275a1134415625aa8cbcef41d577

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
X-SFDC-Page-Cache: a27dae79c850bd0d
Accept-Language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: 426e3a36-fa7e-4c9e-85b3-abd1e7615ea2
X-SFDC-Request-Id: 29008900000a4baa56
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 18 Feb 2022 12:30:02 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 18 Feb 2021 12:30:02 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=301
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Thu, 18 Feb 2021 12:30:02 GMT

GET
H/1.1 200
OK rtaImage
www.theshift.be/servlet/ 98 KB
98 KB 112ms
101ms Image
image/jpeg 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theshift.be/servlet/rtaImage?eid=a0L7R00000yGmP9&feoid=00N7R000009JPdh&refid=0EM7R000006PpZU

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

b89d8de1349d1bf97bd8b6d114baeaf8decaa7595d9cd592ad0baea492541c30

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 12:30:02 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 5 Jan 2022 15:25:25 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: image/jpeg
Content-Length: 100405
X-XSS-Protection: 1; mode=block
Expires: Mon, 04 Apr 2022 12:30:02 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame A5E2 357 KB
142 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e233cde0337424a89df8f71bd45c2c4a2f9f5b699cf79144a5db2949d0bd4529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theshift.be/
Origin: https://www.theshift.be
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 10:58:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144562
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 10:58:40 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame FFAE 43 KB
23 KB 30ms
29ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcM4TgbAAAAAJUy13v2XGYK_wu6sCDzJgRzzqxV&co=aHR0cHM6Ly93d3cudGhlc2hpZnQuYmU6NDQz&hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=normal&cb=g28mkpym3pe5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

34051b18e2de5c53a6f6941d16b1fcc554918884496dc78647a20ffd83d640c1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KCdB0eJyG2EHB1BgGA6lCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.theshift.be/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 18 Feb 2022 12:30:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-KCdB0eJyG2EHB1BgGA6lCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22888
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame FFAE 51 KB
24 KB 22ms
7ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcM4TgbAAAAAJUy13v2XGYK_wu6sCDzJgRzzqxV&co=aHR0cHM6Ly93d3cudGhlc2hpZnQuYmU6NDQz&hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=normal&cb=g28mkpym3pe5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 10:58:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 10:58:34 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame FFAE 357 KB
141 KB 26ms
11ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e233cde0337424a89df8f71bd45c2c4a2f9f5b699cf79144a5db2949d0bd4529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 10:58:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144562
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 10:58:40 GMT

GET
DATA 200
OK truncated
/ Frame FFAE 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FFAE 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame FFAE 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 03:05:30 GMT
x-content-type-options: nosniff
age: 206672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 23 Feb 2022 03:05:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FFAE 15 KB
16 KB 27ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 263517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 11:18:05 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame FFAE 102 B
134 B 17ms
16ms Other
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a07361b9992cee19b55676bde1d128c8cec6864ba8e9f158ba8eef071d36f107

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcM4TgbAAAAAJUy13v2XGYK_wu6sCDzJgRzzqxV&co=aHR0cHM6Ly93d3cudGhlc2hpZnQuYmU6NDQz&hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=normal&cb=g28mkpym3pe5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 12:30:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 18 Feb 2022 12:30:02 GMT

GET
H/1.1 200
OK ShiftGreen
www.theshift.be/file-asset/ 2 KB
3 KB 342ms
342ms Image
image/png 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theshift.be/file-asset/ShiftGreen?v=1&height=300&width=300

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

ad7b310713775a97debb134fb758d1086a978e50be850064f7c7d6b8fc38bf03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 12:30:02 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 15 Jun 2021 07:08:54 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=3888000
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="ShiftGreen.png"; filename*=utf-8''ShiftGreen.png
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: image/png
Content-Length: 2460
X-XSS-Protection: 1; mode=block
Expires: Mon, 04 Apr 2022 12:30:02 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 681B 7 KB
1 KB 20ms
20ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&k=6LcM4TgbAAAAAJUy13v2XGYK_wu6sCDzJgRzzqxV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7eda8fb9c3f3b2eb4779b7e998cff12a7d74d8672cfd9b2b33de0a3368590452

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-go06CXCJ8lXYPLD4TlXuKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.theshift.be/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 18 Feb 2022 12:30:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-go06CXCJ8lXYPLD4TlXuKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1113
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK TS_RichTextBackground
www.theshift.be/resource/1623731718000/ 359 B
702 B 21ms
21ms Stylesheet
text/css 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theshift.be/resource/1623731718000/TS_RichTextBackground

Requested by

Host: www.theshift.be
URL: https://www.theshift.be/s/sfsites/auraFW/javascript/QbIGjbUweWP5tLmFUE_dTw/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

b34446e846aedf36bf675fa54a73c1904f8ed9db40c686a6a0498dc789dc6a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 12:24:08 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 15 Jun 2021 04:35:18 GMT
Age: 354
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: text/css
Vary: Accept-Encoding
Content-Length: 184
X-XSS-Protection: 1; mode=block
Expires: Mon, 04 Apr 2022 12:24:08 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame 681B 51 KB
24 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&k=6LcM4TgbAAAAAJUy13v2XGYK_wu6sCDzJgRzzqxV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 10:58:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 10:58:34 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame 681B 357 KB
141 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&k=6LcM4TgbAAAAAJUy13v2XGYK_wu6sCDzJgRzzqxV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e233cde0337424a89df8f71bd45c2c4a2f9f5b699cf79144a5db2949d0bd4529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 10:58:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144562
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 10:58:40 GMT

POST
H/1.1 200
OK aura Show response
www.theshift.be/s/sfsites/ 2 KB
1 KB 249ms
231ms XHR
application/json 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theshift.be/s/sfsites/aura?r=8&ui-instrumentation-components-beacon.InstrumentationBeacon.sendData=1

Requested by

Host: www.theshift.be
URL: https://www.theshift.be/s/sfsites/auraFW/javascript/QbIGjbUweWP5tLmFUE_dTw/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

b5f477948223d43f703fce908218c24537406e9b43d6017c9b24fe9b4b5005be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
X-SFDC-Page-Cache: a27dae79c850bd0d
Accept-Language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: 426e3a36-fa7e-4c9e-85b3-abd1e7615ea2
X-SFDC-Request-Id: 3580500000d9c99f58
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 18 Feb 2022 12:30:02 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 18 Feb 2021 12:30:02 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=103
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Thu, 18 Feb 2021 12:30:02 GMT

POST
H/1.1 200
OK aura Show response
www.theshift.be/s/sfsites/ 1 KB
1 KB 67ms
67ms XHR
application/json 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theshift.be/s/sfsites/aura?r=9&ui-comm-runtime-components-aura-components-siteforce-network-tracking.NetworkTracking.createLogRecord=1

Requested by

Host: www.theshift.be
URL: https://www.theshift.be/s/sfsites/auraFW/javascript/QbIGjbUweWP5tLmFUE_dTw/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

dd38f3d52f0fee2dac193286489fcb7304255ac13f7abf288e371ea051dd5113

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theshift.be/s/ts-shift-event/a0L7R00000yGmP9UAK/b-corp-info-session?language=fr&utm_campaign=NEWSLETTERS&utm_medium=email&_hsmi=204342658&_hsenc=p2ANqtz-94px0ffSEX_1TV89z43lNwCOVmHZq2ENtV9dSa5EnQIBob-NavoqmssfRSYp9lNtXEr8DzCIOZ3g1R7Of9yFZePyZPAQ&utm_content=204342658&utm_source=hs_email
X-SFDC-Page-Cache: a27dae79c850bd0d
Accept-Language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: 426e3a36-fa7e-4c9e-85b3-abd1e7615ea2
X-SFDC-Request-Id: 3584290000ae629444
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 18 Feb 2022 12:30:02 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 18 Feb 2021 12:30:02 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=22
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Thu, 18 Feb 2021 12:30:02 GMT

POST
H/1.1 204
No Content NetworkTrackingServlet Show response
www.theshift.be/_ui/networks/tracking/ Frame A5E2 0
283 B 48ms
48ms XHR
application/json 160.8.18.56
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theshift.be/_ui/networks/tracking/NetworkTrackingServlet

Requested by

Host: www.theshift.be
URL: https://www.theshift.be/jslibrary/1635874030236/sfdc/NetworkTracking.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.18.56 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains

Request headers

Referer: https://www.theshift.be/apex/GoogleReCaptcha
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 18 Feb 2022 12:30:03 GMT
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Content-Type: application/json; charset=UTF-8
Strict-Transport-Security: max-age=63072004; includeSubDomains
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.theshift.be/s	1969-12-31 23:59:59	Name: renderCtx Value: %7B%22pageId%22%3A%2264f05f40-6d34-418f-9421-f76ea9680962%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%22c91b6c7c-97fb-4c90-b0f3-a9d9f9bc70a7%22%2C%22audienceIds%22%3A%226Au7R00000001gy%22%7D
www.theshift.be/	1970-01-20 09:45:23	Name: CookieConsentPolicy Value: 0:1
www.theshift.be/	1970-01-20 09:45:23	Name: LSKey-c$CookieConsentPolicy Value: 0:1
.www.theshift.be/	1969-12-31 23:59:59	Name: PicassoLanguagee9aff8b1-ace9-4dd2-a9d5-3d71d8694fa5Published Value: 7f612fd1-cd4a-4467-8181-5d0c2ccff299
.www.theshift.be/	1970-01-20 09:45:23	Name: CookieConsentPolicy Value: 0:0
.www.theshift.be/	1970-01-20 09:45:23	Name: LSKey-c$CookieConsentPolicy Value: 0:0
www.theshift.be/	1970-01-20 00:59:58	Name: sfdc-stream Value: !S6glCWZahviyDh5i68zm/+UUwdZbexhBg5sT4Ibx9UvX8utZlPJXtzdazUFwttUwrr8aEfAVNotCDA==
www.theshift.be/	1970-01-20 09:45:23	Name: pctrk Value: 1f2861d9-10c9-4817-a629-f9f279226039

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

czqs-04.na1.hubspotlinks.com
fonts.gstatic.com
www.google.com
www.gstatic.com
www.theshift.be
160.8.18.56
2606:4700::6812:1e69
2a00:1450:4001:810::2003
2a00:1450:4001:827::2003
2a00:1450:4001:829::2004
03ab79498b36ade876a328d618a5ab3b441216a35a419f6ac3538d7481dea57a
094b77147d547901ea36e2e2bcac2af670710653a778f204f9f2f9d78168a328
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e90f0dc3d026dda5059fa3eba00f38b6ce4c59d5daa3b0925949159c3fee953
2a29e9bc5fa19645de9c24c47e4b9a6191e6183068828bd3af07b3e11219b212
34051b18e2de5c53a6f6941d16b1fcc554918884496dc78647a20ffd83d640c1
3631c86236c88f5b9cfe97b56855ab255578d08baea0f64bc311614f07e757b5
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
42dd8dc296f0639d42d5bfbed2b46955b3eee445c257b25e624dd812fdba4f7e
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
51328e8ea076d32dc13d59bb3b75834eeb65bf344c57e9401c4bb15c2dcdf897
5830f6b53e1ea91abd5de97ef219269702f413575cfe0dd6149712d68d7d61eb
66bf09a10c71119ffdc31c56d15806550f895e3ed044f3eaaca56237f10a09bc
68beeb8a099760bdbf137288ac670e468ff1212f35d3a7f0808922ca0bec21ba
71d2c43785b3c46fa509df2e53cca95eae67bac116e334a746a8f2264f2e79bb
7eda8fb9c3f3b2eb4779b7e998cff12a7d74d8672cfd9b2b33de0a3368590452
8aa93074a07473bfda41e0f9a070216e6712c35e44380ba24deffcc064fa62a1
907cbd16264a24480d635ae557adb16b842ed453e7ea178d8847266eb0e94185
92623c3bc4f3e23d06470d850803c4d62aae04260795d8662240cad806f06c47
9d0c19469fd38e9d0376f60145ef222fb9ba4517f8fffe7bd0fe54f9ea1fe686
a07361b9992cee19b55676bde1d128c8cec6864ba8e9f158ba8eef071d36f107
ab56ca2343dbcc4d020e38ed3e2244952d73379f9038f05803f518e2143a4ab0
ac0168081aeabb8818b69852308eab297ae2bf380adb687736d1f497eebc8e17
ac9c2834bf0befd333880f17939afdc61c3381eeb2d982659dfa6fd774d000b1
ad7b310713775a97debb134fb758d1086a978e50be850064f7c7d6b8fc38bf03
aeb659a27f6fb84f28dbb0118edb08d31c29852bd1f48bd9aecd29679eeed0a3
b340efde51f2b2f05453c9f85476c648aed2bc6dfa9b72c3cc31eec609d78171
b34446e846aedf36bf675fa54a73c1904f8ed9db40c686a6a0498dc789dc6a19
b5f477948223d43f703fce908218c24537406e9b43d6017c9b24fe9b4b5005be
b6dce8a9d45a7dd8716b02d73657b621c61df8e0d1ffaacfc09fdfc01fbeb2da
b89d8de1349d1bf97bd8b6d114baeaf8decaa7595d9cd592ad0baea492541c30
ba2b90c5d3565ee8856e49c11d85ec5f36e322b7a708b60289eaa0569be18167
c0f612e5468013bca97ff53925f7dac95621c02d1704e9431495d6c567f7ac33
c5a1d56c8747b61964d6ca253f9f5b16250f275a1134415625aa8cbcef41d577
ceedd5e1490b3003935dbfe132335e2ebbce49c4f0e771f09adef54164feb194
dd38f3d52f0fee2dac193286489fcb7304255ac13f7abf288e371ea051dd5113
e233cde0337424a89df8f71bd45c2c4a2f9f5b699cf79144a5db2949d0bd4529
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e90aee81d7a76e1b6650a52f20e4098c447fbb341101b7abff602c326265eea2
f6985d6c3d1d7c67add8e7ddc3deb8ac114fcbf16a99f076b784fe42781cbd16
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

www.theshift.be Open in urlscan Pro 160.8.18.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

80 %IPv6

4 Domains

5 Subdomains

6 IPs

3 Countries

3489 kBTransfer

9237 kBSize

8 Cookies

4 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.theshift.be Open in urlscan Pro
160.8.18.56 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

6
IPs

3
Countries

3489 kB
Transfer

9237 kB
Size

8
Cookies

46 HTTP transactions
2 data transactions