urlscan.io logo urlscan.io
SecurityTrails logo

ws.onehub.com Open in urlscan Pro
54.173.137.115  Public Scan

Go To Rescan Add Verdict Report
URL: https://ws.onehub.com/files/e3enir5a
Submission: On September 20 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 5 countries across 13 domains to perform 31 HTTP transactions. The main IP is 54.173.137.115, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is ws.onehub.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 8th 2019. Valid for: 2 years.
This is the only time ws.onehub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 54.173.137.115 14618 (AMAZON-AES)
12 13.32.222.219 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 4 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 216.58.208.34 15169 (GOOGLE)
3 2a03:2880:f02... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 151.101.14.110 54113 (FASTLY)
1 162.247.242.20 23467 (NEWRELIC-...)
31 13
2    54.173.137.115 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-173-137-115.compute-1.amazonaws.com
ws.onehub.com
12    13.32.222.219 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-222-219.fra56.r.cloudfront.net
dp0qkd77b9xjk.cloudfront.net
1    2a02:26f0:6c00:196::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
cdn.optimizely.com
4    2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
3    2a00:1450:4001:818::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
3    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s12-in-f2.1e100.net
www.googleadservices.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
2    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
js-agent.newrelic.com
1    162.247.242.20 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-8.nr-data.net
bam.nr-data.net
Domain Requested by
12 dp0qkd77b9xjk.cloudfront.net ws.onehub.com
dp0qkd77b9xjk.cloudfront.net
4 www.google-analytics.com 2 redirects dp0qkd77b9xjk.cloudfront.net
ws.onehub.com
3 connect.facebook.net ws.onehub.com
connect.facebook.net
3 www.google.de ws.onehub.com
3 www.google.com 2 redirects ws.onehub.com
2 www.facebook.com ws.onehub.com
2 stats.g.doubleclick.net 2 redirects
2 ws.onehub.com ws.onehub.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com ws.onehub.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com ws.onehub.com
1 cdn.optimizely.com ws.onehub.com
31 14

This site contains no links.

Subject Issuer Validity Valid
ws.onehub.com
Go Daddy Secure Certificate Authority - G2		 2019-03-08 -
2021-03-25		 2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
cdn.optimizely.com
DigiCert ECC Secure Server CA		 2018-11-24 -
2020-02-23		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
www.google.de
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-08-24 -
2019-10-19		 2 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
www.google.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-04-10 -
2020-03-21		 a year crt.sh
*.nr-data.net
GeoTrust RSA CA 2018		 2018-01-11 -
2020-03-17		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://ws.onehub.com/files/e3enir5a
Frame ID: E6BA90EBC36D93F79D3A04BACEF367CD
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
Overall confidence: 100%
Detected patterns
  • script /optimizely\.com.*\.js/i

Page Statistics

31
Requests

100 %
HTTPS

64 %
IPv6

13
Domains

14
Subdomains

13
IPs

5
Countries

1623 kB
Transfer

4370 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1943735808&t=pageview&_s=1&dl=https%3A%2F%2Fws.onehub.com%2Ffiles%2Fe3enir5a&dp=%2Ffiles%2Fe3enir5a&ul=en-us&de=UTF-8&dt=&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAAAB~&jid=1399195814&gjid=2003335343&cid=169131808.1569009753&tid=UA-6155421-2&_gid=2036625493.1569009753&_r=1&z=1258821181 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6155421-2&cid=169131808.1569009753&jid=1399195814&_gid=2036625493.1569009753&gjid=2003335343&_v=j79&z=1258821181 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6155421-2&cid=169131808.1569009753&jid=1399195814&_v=j79&z=1258821181 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6155421-2&cid=169131808.1569009753&jid=1399195814&_v=j79&z=1258821181&slf_rd=1&random=2252396536
Request Chain 18
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1943735808&t=pageview&_s=1&dl=https%3A%2F%2Fws.onehub.com%2Ffiles%2Fe3enir5a&ul=en-us&de=UTF-8&dt=Plaintiff%20Slides%20V8%20(AJF).pptx%20%E2%80%A2%20Files%20%E2%80%A2%20Ainsworth%20vs.%20H%26P%20%E2%80%A2%20Onehub&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAAAB~&jid=1213554263&gjid=840550111&cid=169131808.1569009753&tid=UA-6155421-2&_gid=2036625493.1569009753&_r=1&gtm=2wg9b0MHZKVC&z=283348082 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6155421-2&cid=169131808.1569009753&jid=1213554263&_gid=2036625493.1569009753&gjid=840550111&_v=j79&z=283348082 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6155421-2&cid=169131808.1569009753&jid=1213554263&_v=j79&z=283348082 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6155421-2&cid=169131808.1569009753&jid=1213554263&_v=j79&z=283348082&slf_rd=1&random=614014869

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set e3enir5a
ws.onehub.com/files/ 		20 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ws.onehub.com/files/e3enir5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.137.115 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-173-137-115.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a7ffafb2706dd56e67e7b77160c88bf6dd9effd38af03ab61d9b693924f05d67
Security Headers
Name Value
Strict-Transport-Security max-age=0 max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
ws.onehub.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

Server
nginx
Date
Fri, 20 Sep 2019 20:02:32 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Keep-Alive
timeout=60
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=edge
ETag
W/"a7ffafb2706dd56e67e7b77160c88bf6"
Cache-Control
max-age=0, private, must-revalidate
Set-Cookie
_onehub_workspaces_session_id=0b34697349a3af87f479537624d22cb4; domain=.onehub.com; path=/; expires=Mon, 21 Oct 2019 20:02:32 -0000; secure; HttpOnly
X-Request-Id
5DBE8C30B91C_0A0100F601BB_5D853057_1EABD409F1
X-Runtime
0.352999
Strict-Transport-Security
max-age=0 max-age=15768000
Content-Encoding
gzip
analytics-a7f4764c696f5f0366d5d2fbe8176829716b8f9054118fa117651420e662a4f7.js
dp0qkd77b9xjk.cloudfront.net/assets/ 		202 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dp0qkd77b9xjk.cloudfront.net/assets/analytics-a7f4764c696f5f0366d5d2fbe8176829716b8f9054118fa117651420e662a4f7.js
Requested by
Host: ws.onehub.com
URL: https://ws.onehub.com/files/e3enir5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.222.219 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-219.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a7f4764c696f5f0366d5d2fbe8176829716b8f9054118fa117651420e662a4f7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 11 May 2019 01:26:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
11471785
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
46367
Access-Control-Allow-Origin
https://ws.onehub.com
Last-Modified
Mon, 22 May 2017 20:42:15 GMT
Server
nginx
ETag
"59234d27-b51f"
Strict-Transport-Security
max-age=15768000
Content-Type
application/x-javascript
Via
1.1 2fe707f3cc1dc569687bcdf81697e284.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000
X-Amz-Cf-Pop
FRA56
X-Amz-Cf-Id
N_Tsh_RVb74S08ntORuAlhaTyAX7tfGilgSJPt_cHh8S_QMkgzg57Q==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
24437603.js
cdn.optimizely.com/js/ 		170 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/24437603.js
Requested by
Host: ws.onehub.com
URL: https://ws.onehub.com/files/e3enir5a
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:196::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5734df78976b01d0762f0651843ed94ff94b0663f0cfe419a388e132ed6b10b6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
jDfnNSJi01mN5ZBTC.wRslM.m4foYIvt
content-encoding
gzip
etag
"f54e62347a54e3573cde4e89f23f9974"
x-amz-request-id
8EEBA3EB679A1EB5
status
200
access-control-allow-methods
GET, HEAD
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:196::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
vary
Accept-Encoding
content-length
62059
x-amz-id-2
SzT+DlXa/unG17V6XZd3gQkyUYsZCmuaOpeRQZpF7hv8jVqeq+1nHA0FhMgSIzD3RiSsPykSU10=
last-modified
Fri, 28 Oct 2016 23:59:52 GMT
server
AmazonS3
date
Fri, 20 Sep 2019 20:02:32 GMT
access-control-max-age
86400
strict-transport-security
max-age=15768000
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
x-amz-meta-revision
219
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
workspaces-159e3012bf5327e1f23f370c463350d74f31fbeaafa5b19a311d16779e80a579.css
dp0qkd77b9xjk.cloudfront.net/assets/ 		206 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dp0qkd77b9xjk.cloudfront.net/assets/workspaces-159e3012bf5327e1f23f370c463350d74f31fbeaafa5b19a311d16779e80a579.css
Requested by
Host: ws.onehub.com
URL: https://ws.onehub.com/files/e3enir5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.222.219 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-219.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
159e3012bf5327e1f23f370c463350d74f31fbeaafa5b19a311d16779e80a579
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 16 Jul 2019 23:19:16 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
5690596
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
31347
Access-Control-Allow-Origin
https://ws.onehub.com
Last-Modified
Tue, 16 Jul 2019 23:14:45 GMT
Server
nginx
ETag
"5d2e5a65-7a73"
Strict-Transport-Security
max-age=15768000
Content-Type
text/css
Via
1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000
X-Amz-Cf-Pop
FRA56
X-Amz-Cf-Id
tfOFMl6uu4SsNdVSJC13kpoSmmoed0OoG51y2Gg3PChQo-Oak_rhQA==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
workspaces-aa44de655b0bf40ba008f81a8b80b78406e49c783079392dc81bb215ba1788ca.css
dp0qkd77b9xjk.cloudfront.net/assets/mobile/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dp0qkd77b9xjk.cloudfront.net/assets/mobile/workspaces-aa44de655b0bf40ba008f81a8b80b78406e49c783079392dc81bb215ba1788ca.css
Requested by
Host: ws.onehub.com
URL: https://ws.onehub.com/files/e3enir5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.222.219 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-219.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
aa44de655b0bf40ba008f81a8b80b78406e49c783079392dc81bb215ba1788ca
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 05 May 2019 03:07:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
11984126
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
925
Access-Control-Allow-Origin
https://ws.onehub.com
Last-Modified
Thu, 25 Apr 2019 21:21:33 GMT
Server
nginx
ETag
"5cc224dd-39d"
Strict-Transport-Security
max-age=15768000
Content-Type
text/css
Via
1.1 8bbec5871de1c2a41003db8fbeafebf8.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000
X-Amz-Cf-Pop
FRA56
X-Amz-Cf-Id
D2jeWwbKV5Gk7t6Vjf5DqcmdSZmBLpQ3MNVOaBRsnviTu5Knwljn6Q==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
147956
ws.onehub.com/workspace_logos/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ws.onehub.com/workspace_logos/147956
Requested by
Host: ws.onehub.com
URL: https://ws.onehub.com/files/e3enir5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.137.115 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-173-137-115.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c1804867aded933a9472b5986d43bf1e4c6796d98f7739e67401354d4263b26c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 20:02:32 GMT
Last-Modified
Mon, 08 Dec 2014 17:50:12 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=946728000, public
Content-Disposition
attachment
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
7539
core-02159f54a8b6be8178409dd6980a004ee5cf83d10508bf11ad7c4050d847beaa.js
dp0qkd77b9xjk.cloudfront.net/assets/ 		1 MB
359 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dp0qkd77b9xjk.cloudfront.net/assets/core-02159f54a8b6be8178409dd6980a004ee5cf83d10508bf11ad7c4050d847beaa.js
Requested by
Host: ws.onehub.com
URL: https://ws.onehub.com/files/e3enir5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.222.219 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-219.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
02159f54a8b6be8178409dd6980a004ee5cf83d10508bf11ad7c4050d847beaa
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 16 Jul 2019 23:19:16 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
5690596
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
367134
Access-Control-Allow-Origin
https://ws.onehub.com
Last-Modified
Tue, 16 Jul 2019 23:14:45 GMT
Server
nginx
ETag
"5d2e5a65-59a1e"
Strict-Transport-Security
max-age=15768000
Content-Type
application/x-javascript
Via
1.1 177d9edea4bc2d9db934cc4080f20342.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000
X-Amz-Cf-Pop
FRA56
X-Amz-Cf-Id
gHoKJTBYNuA5Nx4ojpSYmLP62rjZ0XLF7Mm31uhSN4HZqdNCWAAg_A==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
workspace-95e29e4da733eb31a0478370ec5e68fe219603d2a09703cfdbade10df1fbea01.js
dp0qkd77b9xjk.cloudfront.net/assets/ 		483 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dp0qkd77b9xjk.cloudfront.net/assets/workspace-95e29e4da733eb31a0478370ec5e68fe219603d2a09703cfdbade10df1fbea01.js
Requested by
Host: ws.onehub.com
URL: https://ws.onehub.com/files/e3enir5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.222.219 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-219.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
95e29e4da733eb31a0478370ec5e68fe219603d2a09703cfdbade10df1fbea01
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 16 Jul 2019 23:19:16 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
5690596
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
133866
Access-Control-Allow-Origin
https://ws.onehub.com
Last-Modified
Tue, 16 Jul 2019 23:14:45 GMT
Server
nginx
ETag
"5d2e5a65-20aea"
Strict-Transport-Security
max-age=15768000
Content-Type
application/x-javascript
Via
1.1 8bbec5871de1c2a41003db8fbeafebf8.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000
X-Amz-Cf-Pop
FRA56
X-Amz-Cf-Id
tCLKusrvus_7YMC0tOICwA2K4nvpFgYjrtlN6D-lL7awclscT250UA==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
files-9daaa12638a904cde20330f1c26ad8e12e08af933a75795b2549d8ab2094e984.js
dp0qkd77b9xjk.cloudfront.net/assets/ 		422 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dp0qkd77b9xjk.cloudfront.net/assets/files-9daaa12638a904cde20330f1c26ad8e12e08af933a75795b2549d8ab2094e984.js
Requested by
Host: ws.onehub.com
URL: https://ws.onehub.com/files/e3enir5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.222.219 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-219.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
9daaa12638a904cde20330f1c26ad8e12e08af933a75795b2549d8ab2094e984
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 16 Jul 2019 23:19:16 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
5690596
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
128954
Access-Control-Allow-Origin
https://ws.onehub.com
Last-Modified
Tue, 16 Jul 2019 23:14:46 GMT
Server
nginx
ETag
"5d2e5a66-1f7ba"
Strict-Transport-Security
max-age=15768000
Content-Type
application/x-javascript
Via
1.1 177d9edea4bc2d9db934cc4080f20342.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000
X-Amz-Cf-Pop
FRA56
X-Amz-Cf-Id
buPRmVdjBuy4S1hKUifOhz1wP7dO2SDqZL3B6ZzEqXQ7JC_nGiTBkg==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
tasks-5b98abbff43a2773c3fbe6fcd4e0954c3e541f841b45c17bf8f4895dd859135a.js
dp0qkd77b9xjk.cloudfront.net/assets/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dp0qkd77b9xjk.cloudfront.net/assets/tasks-5b98abbff43a2773c3fbe6fcd4e0954c3e541f841b45c17bf8f4895dd859135a.js
Requested by
Host: ws.onehub.com
URL: https://ws.onehub.com/files/e3enir5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.222.219 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-219.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
5b98abbff43a2773c3fbe6fcd4e0954c3e541f841b45c17bf8f4895dd859135a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 29 May 2019 07:14:01 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
9895711
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
9652
Access-Control-Allow-Origin
https://ws.onehub.com
Last-Modified
Mon, 24 Apr 2017 21:00:59 GMT
Server
nginx
ETag
"58fe678b-25b4"
Strict-Transport-Security
max-age=15768000
Content-Type
application/x-javascript
Via
1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000
X-Amz-Cf-Pop
FRA56
X-Amz-Cf-Id
rn-4a24x0smlwkcootJZhaIVdwDI-fmpmXQdzl62UdxEyBgeN5yv9A==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
preview-ca3bf92b21e4e2aa9668c36ce0f237d6e90c4f396a2da25b0149bc863590cb97.js
dp0qkd77b9xjk.cloudfront.net/assets/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dp0qkd77b9xjk.cloudfront.net/assets/preview-ca3bf92b21e4e2aa9668c36ce0f237d6e90c4f396a2da25b0149bc863590cb97.js
Requested by
Host: ws.onehub.com
URL: https://ws.onehub.com/files/e3enir5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.222.219 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-219.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
ca3bf92b21e4e2aa9668c36ce0f237d6e90c4f396a2da25b0149bc863590cb97
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 05 May 2019 03:07:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
11984130
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
9588
Access-Control-Allow-Origin
https://ws.onehub.com
Last-Modified
Thu, 19 Jul 2018 00:23:06 GMT
Server
nginx
ETag
"5b4fd9ea-2574"
Strict-Transport-Security
max-age=15768000
Content-Type
application/x-javascript
Via
1.1 2fe707f3cc1dc569687bcdf81697e284.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000
X-Amz-Cf-Pop
FRA56
X-Amz-Cf-Id
8LTTaPWaD80ZRGkhuvNj1_NQEGCUPc9VLokl4l0NnhN8-slgEpyLzQ==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
autocomplete.css
dp0qkd77b9xjk.cloudfront.net/assets/jquery-ui/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dp0qkd77b9xjk.cloudfront.net/assets/jquery-ui/autocomplete.css
Requested by
Host: ws.onehub.com
URL: https://ws.onehub.com/files/e3enir5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.222.219 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-219.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
869927c05d13fe5e214b462c60cb86edb393943090afea78c08567c06ef165f5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 22 Jun 2019 11:04:01 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
7808311
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
3589
Access-Control-Allow-Origin
https://ws.onehub.com
Last-Modified
Mon, 22 May 2017 20:44:13 GMT
Server
nginx
ETag
"59234d9d-e05"
Strict-Transport-Security
max-age=15768000
Content-Type
text/css
Via
1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000
X-Amz-Cf-Pop
FRA56
X-Amz-Cf-Id
5ROwJoQ8GTA6YUi3ERiocC4AMe1-cD85DhxpWp_biC_d-HCwmRwm6w==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
datepicker.css
dp0qkd77b9xjk.cloudfront.net/assets/jquery-ui/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dp0qkd77b9xjk.cloudfront.net/assets/jquery-ui/datepicker.css
Requested by
Host: ws.onehub.com
URL: https://ws.onehub.com/files/e3enir5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.222.219 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-219.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
196e46733d10cb43a32ecd4ee0d30944cc59de1db15396199e217c084d070132
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 05 May 2019 03:07:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
11984130
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
3915
Access-Control-Allow-Origin
https://ws.onehub.com
Last-Modified
Mon, 24 Apr 2017 21:03:11 GMT
Server
nginx
ETag
"58fe680f-f4b"
Strict-Transport-Security
max-age=15768000
Content-Type
text/css
Via
1.1 2fe707f3cc1dc569687bcdf81697e284.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000
X-Amz-Cf-Pop
FRA56
X-Amz-Cf-Id
uf6SevlF10NtAFXFyRaw-86PGxitn_MzHKLReNo_CWdhq0hHzkJDEA==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
print-a0a3c65dc4f9b19beb72ad9787bb806f18a548addad9c3ec0b7f64a84c6497d7.css
dp0qkd77b9xjk.cloudfront.net/assets/ 		80 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dp0qkd77b9xjk.cloudfront.net/assets/print-a0a3c65dc4f9b19beb72ad9787bb806f18a548addad9c3ec0b7f64a84c6497d7.css
Requested by
Host: ws.onehub.com
URL: https://ws.onehub.com/files/e3enir5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.222.219 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-219.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a0a3c65dc4f9b19beb72ad9787bb806f18a548addad9c3ec0b7f64a84c6497d7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 21 Jun 2019 22:34:12 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
7853300
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
7765
Access-Control-Allow-Origin
https://ws.onehub.com
Last-Modified
Fri, 21 Jun 2019 22:27:37 GMT
Server
nginx
ETag
"5d0d59d9-1e55"
Strict-Transport-Security
max-age=15768000
Content-Type
text/css
Via
1.1 177d9edea4bc2d9db934cc4080f20342.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000
X-Amz-Cf-Pop
FRA56
X-Amz-Cf-Id
IhJSDWvUrCKH1hAa1d9jS3QJ2WmwMUggVw4-WIc7jawRSP6OSEv82A==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dp0qkd77b9xjk.cloudfront.net
URL: https://dp0qkd77b9xjk.cloudfront.net/assets/analytics-a7f4764c696f5f0366d5d2fbe8176829716b8f9054118fa117651420e662a4f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
4739
date
Fri, 20 Sep 2019 18:43:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Fri, 20 Sep 2019 20:43:33 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1943735808&t=pageview&_s=1&dl=https%3A%2F%2Fws.onehub.com%2Ffiles%2Fe3enir5a&dp=%2Ffiles%2Fe3enir5a&ul=en-us&de=UTF-8&dt=&sd=24-bit&sr=1600x1...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6155421-2&cid=169131808.1569009753&jid=1399195814&_gid=2036625493.1569009753&gjid=2003335343&_v=j79&z=1258821181
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6155421-2&cid=169131808.1569009753&jid=1399195814&_v=j79&z=1258821181
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6155421-2&cid=169131808.1569009753&jid=1399195814&_v=j79&z=1258821181&slf_rd=1&random=2252396536
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6155421-2&cid=169131808.1569009753&jid=1399195814&_v=j79&z=1258821181&slf_rd=1&random=2252396536
Requested by
Host: ws.onehub.com
URL: https://ws.onehub.com/files/e3enir5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Sep 2019 20:02:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Sep 2019 20:02:32 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6155421-2&cid=169131808.1569009753&jid=1399195814&_v=j79&z=1258821181&slf_rd=1&random=2252396536
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MHZKVC
Requested by
Host: ws.onehub.com
URL: https://ws.onehub.com/files/e3enir5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
62a67ed0ea73583e1762ae2fe19ccb95334972ed6cb12825bf121ae63b100d57
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 20:02:32 GMT
content-encoding
br
last-modified
Fri, 20 Sep 2019 18:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
23177
x-xss-protection
0
expires
Fri, 20 Sep 2019 20:02:32 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHZKVC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
cafe /
Resource Hash
c18222927be8c9230ddf15c73b426477f3dfc4ece3d058d349dadedcd4ab009e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 20:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
9151
x-xss-protection
0
server
cafe
etag
1245592473821507789
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 20 Sep 2019 20:02:32 GMT
fbevents.js
connect.facebook.net/en_US/ 		121 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ws.onehub.com
URL: https://ws.onehub.com/files/e3enir5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
31604
x-xss-protection
0
pragma
public
x-fb-debug
hJ3Cl9j/8KMQMGqiNblCkLvt9mRZ+y58aJvhrHr7agYHW9IN6AU61S5k6/G78Wfjrpjui5kr6NlgghbKW0c1CA==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Fri, 20 Sep 2019 20:02:32 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1943735808&t=pageview&_s=1&dl=https%3A%2F%2Fws.onehub.com%2Ffiles%2Fe3enir5a&ul=en-us&de=UTF-8&dt=Plaintiff%20Slides%20V8%20(AJF).pptx%20%E2%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6155421-2&cid=169131808.1569009753&jid=1213554263&_gid=2036625493.1569009753&gjid=840550111&_v=j79&z=283348082
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6155421-2&cid=169131808.1569009753&jid=1213554263&_v=j79&z=283348082
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6155421-2&cid=169131808.1569009753&jid=1213554263&_v=j79&z=283348082&slf_rd=1&random=614014869
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6155421-2&cid=169131808.1569009753&jid=1213554263&_v=j79&z=283348082&slf_rd=1&random=614014869
Requested by
Host: ws.onehub.com
URL: https://ws.onehub.com/files/e3enir5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Sep 2019 20:02:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Sep 2019 20:02:32 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6155421-2&cid=169131808.1569009753&jid=1213554263&_v=j79&z=283348082&slf_rd=1&random=614014869
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2004294186529575
connect.facebook.net/signals/config/ 		307 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2004294186529575?v=2.9.4&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
8ec02d57bfa45a1400efacbc8225c6b3262f928422b0f3df659ceb503d72a1a0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
x-xss-protection
0
pragma
public
x-fb-debug
coV09KS7LKRwx+nuQKQaXJv2YqB3wutoCc1/jZjCbUzzGkWWT+ftrLc4iJArUg6gfMR11QJWdtQ8gGEQ2eUT/g==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Fri, 20 Sep 2019 20:02:32 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
icons-experimental-s0bd381ea6f-f050098243b445f705844aa0fcbe0aa98647e9a55044a11cf131e92dbd0850f8.png
dp0qkd77b9xjk.cloudfront.net/assets/ 		631 KB
631 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dp0qkd77b9xjk.cloudfront.net/assets/icons-experimental-s0bd381ea6f-f050098243b445f705844aa0fcbe0aa98647e9a55044a11cf131e92dbd0850f8.png
Requested by
Host: dp0qkd77b9xjk.cloudfront.net
URL: https://dp0qkd77b9xjk.cloudfront.net/assets/core-02159f54a8b6be8178409dd6980a004ee5cf83d10508bf11ad7c4050d847beaa.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.222.219 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-219.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
f050098243b445f705844aa0fcbe0aa98647e9a55044a11cf131e92dbd0850f8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://dp0qkd77b9xjk.cloudfront.net/assets/workspaces-159e3012bf5327e1f23f370c463350d74f31fbeaafa5b19a311d16779e80a579.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 10 May 2019 01:32:56 GMT
Via
1.1 8bbec5871de1c2a41003db8fbeafebf8.cloudfront.net (CloudFront)
Age
11557776
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
645871
Last-Modified
Fri, 01 Feb 2019 04:11:00 GMT
Server
nginx
ETag
"5c53c6d4-9daef"
Strict-Transport-Security
max-age=15768000
Content-Type
image/png
Access-Control-Allow-Origin
https://ws.onehub.com
Cache-Control
max-age=315360000
X-Amz-Cf-Pop
FRA56
Accept-Ranges
bytes
X-Amz-Cf-Id
cJC9uusNBMR2XBikDv034L6A_Nqg1XS4tyB-qJ16DlTGOBUhkZV4ow==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
collect
www.google-analytics.com/ 		35 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1943735808&t=event&_s=2&dl=https%3A%2F%2Fws.onehub.com%2Ffiles%2Fe3enir5a&ul=en-us&de=UTF-8&dt=Plaintiff%20Slides%20V8%20(AJF).pptx%20%E2%80%A2%20Files%20%E2%80%A2%20Ainsworth%20vs.%20H%26P%20%E2%80%A2%20Onehub&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=File&ea=File%20Details&el=application%2Fvnd.openxmlformats-officedocument.presentationml.presentation&ev=0&_u=aEDAAAAB~&jid=&gjid=&cid=169131808.1569009753&tid=UA-6155421-2&_gid=2036625493.1569009753&z=2057785446
Requested by
Host: ws.onehub.com
URL: https://ws.onehub.com/files/e3enir5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2019 18:53:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1472933
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1039464777/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1039464777/?random=1569009752744&cv=9&fst=1569009752744&num=1&label=GueNCInRzgIQyfLT7wM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9b0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fws.onehub.com%2Ffiles%2Fe3enir5a&tiba=Plaintiff%20Slides%20V8%20(AJF).pptx%20%E2%80%A2%20Files%20%E2%80%A2%20Ainsworth%20vs.%20H%26P%20%E2%80%A2%20Onehub&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
86967a69f8a3228b0e86e114e0daaafc74ef2f847dd901a20fe6639fa5ffcbb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Sep 2019 20:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
1036
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1039464777/ 		42 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1039464777/?random=1569009752744&cv=9&fst=1569009600000&num=1&label=GueNCInRzgIQyfLT7wM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9b0&sendb=1&frm=0&url=https%3A%2F%2Fws.onehub.com%2Ffiles%2Fe3enir5a&tiba=Plaintiff%20Slides%20V8%20(AJF).pptx%20%E2%80%A2%20Files%20%E2%80%A2%20Ainsworth%20vs.%20H%26P%20%E2%80%A2%20Onehub&async=1&fmt=3&is_vtc=1&random=1953620273&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: ws.onehub.com
URL: https://ws.onehub.com/files/e3enir5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Sep 2019 20:02:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1039464777/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1039464777/?random=1569009752744&cv=9&fst=1569009600000&num=1&label=GueNCInRzgIQyfLT7wM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9b0&sendb=1&frm=0&url=https%3A%2F%2Fws.onehub.com%2Ffiles%2Fe3enir5a&tiba=Plaintiff%20Slides%20V8%20(AJF).pptx%20%E2%80%A2%20Files%20%E2%80%A2%20Ainsworth%20vs.%20H%26P%20%E2%80%A2%20Onehub&async=1&fmt=3&is_vtc=1&random=1953620273&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: ws.onehub.com
URL: https://ws.onehub.com/files/e3enir5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Sep 2019 20:02:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
inferredEvents.js
connect.facebook.net/signals/plugins/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
10218
x-xss-protection
0
pragma
public
x-fb-debug
4oOtdNlY62QbO7RvNCNXPGW7AlNhPYakTem4DskDiH9fxMBfHCug0dqQrNlNcGMUkv5qq4Vxhv+WsHqfFo0b7g==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Fri, 20 Sep 2019 20:02:32 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2004294186529575&ev=PageView&dl=https%3A%2F%2Fws.onehub.com%2Ffiles%2Fe3enir5a&rl=&if=false&ts=1569009752954&sw=1600&sh=1200&v=2.9.4&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1569009752953.580794390&it=1569009752689&coo=false&rqm=GET
Requested by
Host: ws.onehub.com
URL: https://ws.onehub.com/files/e3enir5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 20:02:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Fri, 20 Sep 2019 20:02:32 GMT
nr-1130.min.js
js-agent.newrelic.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1130.min.js
Requested by
Host: ws.onehub.com
URL: https://ws.onehub.com/files/e3enir5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e78b8cde09dbe0fc473f87bc77ec30ccc56780398d8676cf93c4aaec432257f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 20:02:33 GMT
content-encoding
gzip
x-amz-request-id
8174A4BD27442C39
x-cache
HIT
status
200
content-length
9407
x-amz-id-2
okRb4AqloAZZ3+qaWnpqMQYC7hkPpbr/Yrluzst01SO9f1ckk5T9tspUtBHMBazVI7CvXAVZCdo=
x-served-by
cache-fra19169-FRA
last-modified
Tue, 09 Jul 2019 23:52:06 GMT
server
AmazonS3
x-timer
S1569009753.022986,VS0,VE0
etag
"73f8857196b9ef7fd3b302cbc557b8ac"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2118
9c92e3ebfa
bam.nr-data.net/1/ 		57 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/9c92e3ebfa?a=699588&v=1130.54e767a&to=J15fEhddCloDQBhRDQhUQkkWWglB&rst=1685&ref=https://ws.onehub.com/files/e3enir5a&qt=1&ap=350&be=1169&fe=1610&dc=1354&perf=%7B%22timing%22:%7B%22of%22:1569009751353,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:19,%22c%22:19,%22s%22:33,%22ce%22:328,%22rq%22:328,%22rp%22:990,%22rpe%22:991,%22dl%22:993,%22di%22:1353,%22ds%22:1353,%22de%22:1382,%22dc%22:1610,%22l%22:1610,%22le%22:1611%7D,%22navigation%22:%7B%7D%7D&fp=1216&fcp=1216&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1130.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-8.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
/
www.facebook.com/tr/ 		44 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2004294186529575&ev=Microdata&dl=https%3A%2F%2Fws.onehub.com%2Ffiles%2Fe3enir5a&rl=&if=false&ts=1569009754457&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Plaintiff%20Slides%20V8%20(AJF).pptx%20%E2%80%A2%20Files%20%E2%80%A2%20Ainsworth%20vs.%20H%26P%20%E2%80%A2%20Onehub%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.4&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1569009752953.580794390&it=1569009752689&coo=false&es=automatic&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ws.onehub.com/files/e3enir5a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 20:02:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Fri, 20 Sep 2019 20:02:34 GMT

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| analytics object| geolocation object| optly object| optimizely string| GoogleAnalyticsObject function| ga object| NREUM object| newrelic function| __nr_require object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer string| CKEDITOR_BASEPATH object| names function| k object| Doppio object| Hogan object| Marionette function| OnehubBarView function| FlashMessage function| createCookie function| readCookie function| isOnehubDomain object| match string| keyword string| data function| Stream function| EditAttributeView function| WorkspaceEditView function| VersionGroupRoleEditView function| ResourceModal object| Onehub function| DocumentSecurityView function| FeatureView object| UserCardHelper function| AutobotStory function| FirstRunStory object| html5 object| Modernizr object| style object| bowser function| $ function| jQuery function| Q function| iOSCheckbox function| moment function| filesize function| _ object| _s object| Backbone object| SortedMixin object| Handlebars function| updateFavicon function| InlineError function| Announcement object| regex object| jstz object| ActionCable object| App object| JST object| HandlebarsTemplates object| google_tag_manager function| fbq function| _fbq function| Workspace function| WorkspaceView function| WorkspaceLogoView function| AgreementView function| ThemeEditorView function| PageTabsView function| ContentItem function| ContentItemCollection function| DiscussionView function| Message function| MessageCollection function| MessageListView function| MessagesView function| MessageView function| WorkspaceActivityShowView function| ZeroClipboardView object| ZeroClipboard function| Html5ClipboardView function| ClipboardView function| FirstRunStep1View function| FirstRunStepView object| W object| CKEDITOR object| Mousetrap function| ping function| debounced_ping object| Autobot object| workspace object| stream object| swfobject function| Folder function| FolderCollection function| FolderView function| FileView function| MoveCopy function| LinksView function| LinkEmailsView function| EditContentItemLinkView function| FolderProgressView function| NewFolderView function| SWFUpload function| GoogleDriveDocument function| GoogleDriveButtonView function| GoogleDriveFormView function| GoogleDriveEditorView function| GoogleDriveInfoView object| F function| jwplayer object| FolderUploadController object| Mouse function| mouseMoveHandler object| Position function| Slider object| slider undefined| docViewer undefined| flexPaperVars undefined| params boolean| FlexPaperFullScreen boolean| PendingFullScreen function| getDocViewer function| addSlider function| onScaleChanged function| swfCallbackFn function| onDocumentLoading function| onPageLoaded function| onFitModeChanged function| onViewModeChanged function| onDocumentLoaded function| onDocumentLoadedError function| onProgress function| onCurrentPageChanged function| onCursorModeChanged function| bindEventListeners function| searchText function| setFullScreen function| onExternalLinkClicked function| onDocumentPrinted function| onTextSelected function| showFullScreen function| AudioPreview function| DocumentPreview function| ImagePreview function| VideoPreview object| jQuery183010593930771951321 function| $f function| FlexPaperViewer function| flashembed string| csrf_token string| csrf_param object| onehubBar undefined| spinnersDegraded object| workspaceView object| fileView function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

16 Cookies

Domain/Path Name / Value
.ws.onehub.com/ Name: _ga
Value: GA1.3.169131808.1569009753
.onehub.com/ Name: _fbp
Value: fb.1.1569009752953.580794390
.onehub.com/ Name: _gcl_au
Value: 1.1.501775263.1569009753
.ws.onehub.com/ Name: _gid
Value: GA1.3.2036625493.1569009753
.onehub.com/ Name: _gat
Value: 1
.onehub.com/ Name: _gid
Value: GA1.2.2036625493.1569009753
.onehub.com/ Name: first_touch
Value: %7B%22location%22%3A%22/files/e3enir5a%22%2C%20%22query%22%3A%22%22%2C%20%22referrer%22%3A%22%22%2C%20%22keyword%22%3A%22%22%7D
.onehub.com/ Name: ajs_group_id
Value: null
.onehub.com/ Name: optimizelyPendingLogEvents
Value: %5B%5D
.onehub.com/ Name: optimizelyBuckets
Value: %7B%7D
.onehub.com/ Name: ajs_user_id
Value: null
.onehub.com/ Name: optimizelySegments
Value: %7B%7D
.onehub.com/ Name: _ga
Value: GA1.2.169131808.1569009753
.onehub.com/ Name: optimizelyEndUserId
Value: oeu1569009752513r0.6614589025009043
.ws.onehub.com/ Name: _gat_UA-6155421-2
Value: 1
.onehub.com/ Name: _onehub_workspaces_session_id
Value: 0b34697349a3af87f479537624d22cb4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0 max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdn.optimizely.com
connect.facebook.net
dp0qkd77b9xjk.cloudfront.net
googleads.g.doubleclick.net
js-agent.newrelic.com
stats.g.doubleclick.net
ws.onehub.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.32.222.219
151.101.14.110
162.247.242.20
216.58.208.34
2a00:1450:4001:809::2002
2a00:1450:4001:818::2004
2a00:1450:4001:819::2008
2a00:1450:4001:819::200e
2a00:1450:4001:81c::2003
2a00:1450:400c:c08::9b
2a02:26f0:6c00:196::13b8
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
54.173.137.115
02159f54a8b6be8178409dd6980a004ee5cf83d10508bf11ad7c4050d847beaa
0e78b8cde09dbe0fc473f87bc77ec30ccc56780398d8676cf93c4aaec432257f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
159e3012bf5327e1f23f370c463350d74f31fbeaafa5b19a311d16779e80a579
196e46733d10cb43a32ecd4ee0d30944cc59de1db15396199e217c084d070132
5734df78976b01d0762f0651843ed94ff94b0663f0cfe419a388e132ed6b10b6
5b98abbff43a2773c3fbe6fcd4e0954c3e541f841b45c17bf8f4895dd859135a
62a67ed0ea73583e1762ae2fe19ccb95334972ed6cb12825bf121ae63b100d57
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86967a69f8a3228b0e86e114e0daaafc74ef2f847dd901a20fe6639fa5ffcbb9
869927c05d13fe5e214b462c60cb86edb393943090afea78c08567c06ef165f5
8ec02d57bfa45a1400efacbc8225c6b3262f928422b0f3df659ceb503d72a1a0
95e29e4da733eb31a0478370ec5e68fe219603d2a09703cfdbade10df1fbea01
9daaa12638a904cde20330f1c26ad8e12e08af933a75795b2549d8ab2094e984
a0a3c65dc4f9b19beb72ad9787bb806f18a548addad9c3ec0b7f64a84c6497d7
a7f4764c696f5f0366d5d2fbe8176829716b8f9054118fa117651420e662a4f7
a7ffafb2706dd56e67e7b77160c88bf6dd9effd38af03ab61d9b693924f05d67
aa44de655b0bf40ba008f81a8b80b78406e49c783079392dc81bb215ba1788ca
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
c1804867aded933a9472b5986d43bf1e4c6796d98f7739e67401354d4263b26c
c18222927be8c9230ddf15c73b426477f3dfc4ece3d058d349dadedcd4ab009e
ca3bf92b21e4e2aa9668c36ce0f237d6e90c4f396a2da25b0149bc863590cb97
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f050098243b445f705844aa0fcbe0aa98647e9a55044a11cf131e92dbd0850f8
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23