urlscan.io logo urlscan.io
SecurityTrails logo

ciweb.ciwebgroup.com Open in urlscan Pro
2606:4700::6812:1b03  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ciweb.ciwebgroup.com/
Effective URL: https://ciweb.ciwebgroup.com/login
Submission: On July 04 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 4 countries across 14 domains to perform 42 HTTP transactions. The main IP is 2606:4700::6812:1b03, located in United States and belongs to CLOUDFLARENET, US. The main domain is ciweb.ciwebgroup.com.
TLS certificate: Issued by WE1 on June 23rd 2024. Valid for: 3 months.
This is the only time ciweb.ciwebgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
7 13.33.158.215 16509 (AMAZON-02)
6 142.250.186.100 15169 (GOOGLE)
1 23.212.202.218 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:1901:0:b... 15169 (GOOGLE)
2 34.96.102.137 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a03:2880:f08... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 157.240.253.1 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 23.96.124.156 8075 (MICROSOFT...)
1 4 2600:9000:264... 16509 (AMAZON-02)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 2a05:d018:cc3... 16509 (AMAZON-02)
42 19
6    2606:4700::6812:1b03 (United States)

ASN13335 (CLOUDFLARENET, US)
ciweb.ciwebgroup.com
2    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    13.33.158.215 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-158-215.fra60.r.cloudfront.net
d2ra6nuwn69ktl.cloudfront.net
6    142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net
www.google.com
1    23.212.202.218 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-202-218.deploy.static.akamaitechnologies.com
c15117557.ssl.cf2.rackcdn.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
cdn.mxpnl.com
2    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
2    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
1    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net
connect.facebook.net
1    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    23.96.124.156 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
w.clarity.ms
4    2600:9000:2644:4400:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
2    13.74.129.1 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2a05:d018:cc3:fe04:2b63:4b74:dc69:1562 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
Apex Domain
Subdomains		 Transfer
7 cloudfront.net
d2ra6nuwn69ktl.cloudfront.net
628 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 743
w.clarity.ms — Cisco Umbrella Rank: 7852
c.clarity.ms — Cisco Umbrella Rank: 1434
28 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 5
961 B
6 ciwebgroup.com
ciweb.ciwebgroup.com
18 KB
5 adroll.com
s.adroll.com — Cisco Umbrella Rank: 3747
d.adroll.com — Cisco Umbrella Rank: 1811
30 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 361
c.bing.com — Cisco Umbrella Rank: 224
16 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
246 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
89 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
17 KB
2 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4205
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
6 KB
1 mxpnl.com
cdn.mxpnl.com — Cisco Umbrella Rank: 6280
19 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1073
7 KB
1 rackcdn.com
c15117557.ssl.cf2.rackcdn.com — Cisco Umbrella Rank: 150164
15 KB
42 14
Domain Requested by
7 d2ra6nuwn69ktl.cloudfront.net ciweb.ciwebgroup.com
6 www.google.com ciweb.ciwebgroup.com
www.gstatic.com
6 ciweb.ciwebgroup.com 2 redirects ciweb.ciwebgroup.com
static.cloudflareinsights.com
4 s.adroll.com 1 redirects ciweb.ciwebgroup.com
s.adroll.com
3 bat.bing.com ciweb.ciwebgroup.com
bat.bing.com
2 c.clarity.ms 1 redirects
2 w.clarity.ms www.clarity.ms
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 connect.facebook.net ciweb.ciwebgroup.com
connect.facebook.net
2 stats.g.doubleclick.net ciweb.ciwebgroup.com
2 dev.visualwebsiteoptimizer.com ciweb.ciwebgroup.com
2 fonts.googleapis.com ciweb.ciwebgroup.com
1 d.adroll.com s.adroll.com
1 c.bing.com 1 redirects
1 www.gstatic.com www.google.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.mxpnl.com ciweb.ciwebgroup.com
1 static.cloudflareinsights.com ciweb.ciwebgroup.com
1 c15117557.ssl.cf2.rackcdn.com ciweb.ciwebgroup.com
42 19

This site contains links to these domains. Also see Links.

Domain
www.hvacscheduler.com
Subject Issuer Validity Valid
ciweb.ciwebgroup.com
WE1		 2024-06-23 -
2024-09-21		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.ssl.cf2.rackcdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-24 -
2024-11-27		 a year crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-05-08 -
2024-08-06		 3 months crt.sh
*.mxpnl.com
GeoTrust TLS RSA CA G1		 2023-07-12 -
2024-08-11		 a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2024-06-29 -
2025-07-31		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-19 -
2024-12-16		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-13 -
2024-07-12		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
s.adroll.com
Amazon RSA 2048 M02		 2024-05-03 -
2025-06-01		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-07		 a year crt.sh

This page contains 6 frames:

Primary Page: https://ciweb.ciwebgroup.com/login
Frame ID: 4EC7FEAC264E4A471C6563917B81312B
Requests: 36 HTTP requests in this frame

Frame: https://ciweb.ciwebgroup.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js
Frame ID: E367C2FB3C9319242DE0757533DBE2F8
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRoxkUAAAAAB1JyNT1vPNfSwwACxqfYZo2E_SY&co=aHR0cHM6Ly9jaXdlYi5jaXdlYmdyb3VwLmNvbTo0NDM.&hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=c8x2i9p0ekmp
Frame ID: 4B983D495DFDADEC3434AC32BB7EB782
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRoxkUAAAAAB1JyNT1vPNfSwwACxqfYZo2E_SY&co=aHR0cHM6Ly9jaXdlYi5jaXdlYmdyb3VwLmNvbTo0NDM.&hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=chzgyobsbks2
Frame ID: 934B880986E787E1526935AEEFB73D42
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6LdRoxkUAAAAAB1JyNT1vPNfSwwACxqfYZo2E_SY
Frame ID: 672AAEFCE2E79C7988EF2C21208AFA17
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6LdRoxkUAAAAAB1JyNT1vPNfSwwACxqfYZo2E_SY
Frame ID: EFD5EDCD50098056FBEEC0AA6E36EFB9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login to CIWebGroup.com Online Scheduling System (OSS)

Page URL History Show full URLs

  1. http://ciweb.ciwebgroup.com/ HTTP 307
    https://ciweb.ciwebgroup.com/ HTTP 302
    https://ciweb.ciwebgroup.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • cdn\.mxpnl\.com/libs/mixpanel\-([0-9.]+)\.min\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

42
Requests

93 %
HTTPS

63 %
IPv6

14
Domains

19
Subdomains

19
IPs

4
Countries

1120 kB
Transfer

3749 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ciweb.ciwebgroup.com/ HTTP 307
    https://ciweb.ciwebgroup.com/ HTTP 302
    https://ciweb.ciwebgroup.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://ciweb.ciwebgroup.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://ciweb.ciwebgroup.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js
Request Chain 32
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5C0A9E37806B48E69C06EDA7E56CB2AD&RedC=c.clarity.ms&MXFR=115A77DC7D8567323B7D636E798569B0 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5C0A9E37806B48E69C06EDA7E56CB2AD&MUID=3CCD659293A96BB40F74712092226A2E
Request Chain 36
  • https://s.adroll.com/j/pre/WZPRYR3BLNDY3I7JPOWBOY/CUU7LSMOUFDDFJQBPTZRFS/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
ciweb.ciwebgroup.com/
Redirect Chain
  • http://ciweb.ciwebgroup.com/
  • https://ciweb.ciwebgroup.com/
  • https://ciweb.ciwebgroup.com/login
44 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ciweb.ciwebgroup.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94440d0da0f34814ad188e2e918005e8b0b3b340c83ae500ae469d6285ddd70d
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-expose-headers
X-Platform
cache-control
must-revalidate, no-cache, no-store, private, max-age=0
cf-cache-status
DYNAMIC
cf-ray
89e0b20e89565bf1-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 04 Jul 2024 17:04:38 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
/after_login
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma
no-cache
server
cloudflare
status
200 OK
x-frame-options
ALLOWALL
x-platform
true
x-rack-cache
miss
x-request-id
fbeebef77c69b3a49fc87a9290c73f36
x-runtime
0.063528
x-ua-compatible
IE=Edge,chrome=1

Redirect headers

access-control-expose-headers
X-Platform
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
89e0b20b4e705bf1-FRA
content-type
text/html; charset=utf-8
date
Thu, 04 Jul 2024 17:04:37 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://ciweb.ciwebgroup.com/login
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma
no-cache
server
cloudflare
status
302 Found
x-frame-options
ALLOWALL
x-platform
true
x-rack-cache
miss
x-request-id
b08cd844b91bbafc52248e1c79f8bb45
x-runtime
0.024216
x-ua-compatible
IE=Edge,chrome=1
css
fonts.googleapis.com/ 		62 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,300,100,700|Open+Sans:300italic,400italic,600italic,700italic,300,400,700,600|Montserrat:400,500,600,700|Poppins:100,400,500,600
Requested by
Host: ciweb.ciwebgroup.com
URL: https://ciweb.ciwebgroup.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bab7d7e7883680719504eeb7d5338e6a26da494ce5a5930d53ea5d786b7b2df7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Jul 2024 17:04:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 Jul 2024 17:04:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Jul 2024 17:04:38 GMT
css
fonts.googleapis.com/ 		30 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=fonts.googleapis.com/css?family=Caudex|Overlock|Patrick+Hand|Jockey+One|Sarina|Niconne|Fredericka+the+Great|Corben|Kelly+Slab|Marck+Script|Mr+De+Haviland|Lobster|Anton|Josefin+Slab|EB+Garamond|Basic|Chelsea+Market|Enriqueta|Forum|Jura|Noticia+Text|Open+Sans|Play|Signika|Spinnaker
Requested by
Host: ciweb.ciwebgroup.com
URL: https://ciweb.ciwebgroup.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
788b6d35e309e12b1ab299bc7bf6184804c5224e6f4f5e75b3af7c2e47cbcfe3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Jul 2024 17:04:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 Jul 2024 17:01:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Jul 2024 17:04:38 GMT
application-cd680fd9741ba8778f29f397d5cb8616.css
d2ra6nuwn69ktl.cloudfront.net/assets/ 		486 KB
103 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2ra6nuwn69ktl.cloudfront.net/assets/application-cd680fd9741ba8778f29f397d5cb8616.css
Requested by
Host: ciweb.ciwebgroup.com
URL: https://ciweb.ciwebgroup.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.158.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-158-215.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4211b811bb485720668ef0a0a16d04da09f5e0f8210c46bffa74aef5f76c06af

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
1.N_Bii6FASYJDcLUER0uw4hEMNP_q8q
content-encoding
gzip
via
1.1 ccd3e547bd5d86bbfbaca15b4307ce70.cloudfront.net (CloudFront)
date
Thu, 04 Jul 2024 02:04:51 GMT
last-modified
Tue, 02 Jul 2024 12:58:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
53988
x-amz-server-side-encryption
AES256
etag
W/"a0f1f6827a32d7faee566341ee60bf09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-replication-status
COMPLETED
x-amz-cf-id
2PFRa7lg3-rYySdEnWOnOl97gECTVAu1-DYiLIZxnBK3oTM2Dik8Rw==
angular-file-upload-shim-611a0a5922961f4e277d87551fb7806a.js
d2ra6nuwn69ktl.cloudfront.net/assets/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2ra6nuwn69ktl.cloudfront.net/assets/angular-file-upload-shim-611a0a5922961f4e277d87551fb7806a.js
Requested by
Host: ciweb.ciwebgroup.com
URL: https://ciweb.ciwebgroup.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.158.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-158-215.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11543f781939c559795279cad4e50e5e277c69c190c819cf6a0fdac44e822f16

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
AdDSVZKZZM6SBUlstsz84PpfTO.SWd5h
content-encoding
gzip
via
1.1 ccd3e547bd5d86bbfbaca15b4307ce70.cloudfront.net (CloudFront)
date
Thu, 04 Jul 2024 10:34:51 GMT
last-modified
Tue, 02 Jul 2024 12:58:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
23388
x-amz-server-side-encryption
AES256
etag
W/"0fde2b2df197d20feeb50f36baa3a258"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
ojHzvCPA8fFSgl8KmOj_Maecy5Ces8_BbEDENZEjOAu7azSfvxRlzA==
application-980c77fd04b84a63cf15b688990ebcdb.js
d2ra6nuwn69ktl.cloudfront.net/assets/ 		653 KB
192 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2ra6nuwn69ktl.cloudfront.net/assets/application-980c77fd04b84a63cf15b688990ebcdb.js
Requested by
Host: ciweb.ciwebgroup.com
URL: https://ciweb.ciwebgroup.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.158.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-158-215.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30610497b5a0c47d76d107d1e7930f1ff972e4037b04f780e50389dac8f8ea27

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Jk7R5hQ7I.OwqZVIokKdyTt7CmpnhdIM
content-encoding
gzip
via
1.1 ccd3e547bd5d86bbfbaca15b4307ce70.cloudfront.net (CloudFront)
date
Thu, 04 Jul 2024 12:03:02 GMT
last-modified
Thu, 13 Jun 2024 06:39:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
34328
x-amz-server-side-encryption
AES256
etag
W/"0d2745b11ef634e70a84344b93709650"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
8owZ-U_-1E4B5o_z5zC1iT_P_JOyFX7_IjqgBifo6ak0dKjADYH6Xg==
angular-pack-c6a5d80b2ca5240c0495ab385f2af989.js
d2ra6nuwn69ktl.cloudfront.net/assets/ 		189 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2ra6nuwn69ktl.cloudfront.net/assets/angular-pack-c6a5d80b2ca5240c0495ab385f2af989.js
Requested by
Host: ciweb.ciwebgroup.com
URL: https://ciweb.ciwebgroup.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.158.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-158-215.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91c286bfba831de57aef7ad6997b255354c8cd521c3a590cfa6582de9ff550f6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
1Zi7XDKs1FR2pMpaVfbXYBDxqfuCjprI
content-encoding
gzip
via
1.1 ccd3e547bd5d86bbfbaca15b4307ce70.cloudfront.net (CloudFront)
date
Thu, 04 Jul 2024 12:03:02 GMT
last-modified
Thu, 13 Jun 2024 06:39:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
34328
x-amz-server-side-encryption
AES256
etag
W/"d3ed7e2edb0c1fe8d6d7ac3224678572"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
jmp0Knyz2eRV99jGcjGiHI--5s5R15pp5wqY-bbV1jDEAVBqfhkzOg==
api.js
www.google.com/recaptcha/ 		1 KB
961 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: ciweb.ciwebgroup.com
URL: https://ciweb.ciwebgroup.com/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
df85e001ce72e46c578531cf3ea8bbb0712a4af63abc112d9d633e474c05965f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 17:04:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 04 Jul 2024 17:04:38 GMT
angular-pack-2-b9f643539dcf5e9aec8d8c613bbf9e45.js
d2ra6nuwn69ktl.cloudfront.net/assets/ 		1 MB
261 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2ra6nuwn69ktl.cloudfront.net/assets/angular-pack-2-b9f643539dcf5e9aec8d8c613bbf9e45.js
Requested by
Host: ciweb.ciwebgroup.com
URL: https://ciweb.ciwebgroup.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.158.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-158-215.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68dcd5ab9ace7cb6f90f96299c2b98c9ec7e75babc3fcf8561989bf565b02534

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
.1AoU31sBNARPxCraYqPg7BhF0GAnHqY
content-encoding
gzip
via
1.1 ccd3e547bd5d86bbfbaca15b4307ce70.cloudfront.net (CloudFront)
date
Thu, 04 Jul 2024 08:12:36 GMT
last-modified
Thu, 13 Jun 2024 06:39:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
34326
x-amz-server-side-encryption
AES256
etag
W/"d4dc53109ab0fb821b098126b8166afa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
As5Rt5_kjLOlmZSp6W7Qni-SYm5NGZKB3ee_IwS72me7KmTV7uhdIg==
signup-672c96d4468011bfefdd6a77d41f88c0.css
d2ra6nuwn69ktl.cloudfront.net/assets/controllers/ 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2ra6nuwn69ktl.cloudfront.net/assets/controllers/signup-672c96d4468011bfefdd6a77d41f88c0.css
Requested by
Host: ciweb.ciwebgroup.com
URL: https://ciweb.ciwebgroup.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.158.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-158-215.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6fa6bce9e87f8933ef111766f37dc12fa443651a23427da0ee31588d3d1ed36

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
TMdcOv4i.tH1o_25zuTyYjGcEkEM3Oj.
content-encoding
gzip
via
1.1 ccd3e547bd5d86bbfbaca15b4307ce70.cloudfront.net (CloudFront)
date
Thu, 04 Jul 2024 01:34:51 GMT
last-modified
Tue, 02 Jul 2024 12:58:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
55788
x-amz-server-side-encryption
AES256
etag
W/"7eb388d314c26f185b72c54df155f175"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-replication-status
COMPLETED
x-amz-cf-id
wpFpFsWBFUnKcu9Bl0fD71r46oUeTZC5mnKk43YRSH3TQpY72N0PgA==
normal_g380xlfmmxxal2ry2apx0p8huylvczrz.png
c15117557.ssl.cf2.rackcdn.com/avatar/image/218340/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c15117557.ssl.cf2.rackcdn.com/avatar/image/218340/normal_g380xlfmmxxal2ry2apx0p8huylvczrz.png
Requested by
Host: ciweb.ciwebgroup.com
URL: https://ciweb.ciwebgroup.com/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.212.202.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-202-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cfd60ebe32ff6bd01658a9aaf5f737556b387d1b7fb8d204ce747544501a62c5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 17:04:39 GMT
Last-Modified
Wed, 29 Apr 2015 19:15:29 GMT
ETag
e628f66a78281654b9cd7457a4f41af8
Content-Type
image/png
X-Timestamp
1430334928.74565
Cache-Control
public, max-age=259154
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14781
X-Trans-Id
tx73b148c1e2894fe6b5eda-006686d627ord1
Expires
Sun, 07 Jul 2024 17:03:53 GMT
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: ciweb.ciwebgroup.com
URL: https://ciweb.ciwebgroup.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Origin
https://ciweb.ciwebgroup.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 17:04:38 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
89e0b2134cae924f-FRA
api.js
www.google.com/recaptcha/ 		1 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: ciweb.ciwebgroup.com
URL: https://ciweb.ciwebgroup.com/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
df85e001ce72e46c578531cf3ea8bbb0712a4af63abc112d9d633e474c05965f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 17:04:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 04 Jul 2024 17:04:38 GMT
mixpanel-2.2.min.js
cdn.mxpnl.com/libs/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2.2.min.js
Requested by
Host: ciweb.ciwebgroup.com
URL: https://ciweb.ciwebgroup.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
60f5f911fd8f366f29390166716a1977430d5472b02b6a1298c818096d7d2aac

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 17:03:35 GMT
content-encoding
gzip
age
63
x-guploader-uploadid
ACJd0NrhnrFcJPFMfpu7dTVlOwsG7QpLotHpAOToh0e7ce2BKc_4PWkst3-qRp9CRnX1q6CV3w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18820
last-modified
Fri, 21 Jun 2024 22:06:19 GMT
server
UploadServer
etag
"6e1bbec04bab52cbcbf6dcf4e9e9f9c6"
vary
Accept-Encoding
x-goog-generation
1719007579240147
x-goog-hash
crc32c=knflVQ==, md5=bhu+wEurUsvL9tz06en5xg==
access-control-allow-origin
*
content-type
text/javascript
cache-control
public,max-age=600
x-goog-stored-content-length
18820
accept-ranges
bytes
expires
Thu, 04 Jul 2024 17:13:35 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=536610&u=https%3A%2F%2Fciweb.ciwebgroup.com%2Flogin&f=1&r=0.5504580485521313
Requested by
Host: ciweb.ciwebgroup.com
URL: https://ciweb.ciwebgroup.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
2b3deb0f11bee6017e92156f0c06ef917f924f9faa39c88c36465f24d4cfd3fc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 17:04:38 GMT
content-encoding
gzip
via
1.1 google
server
gfra1
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
dc.js
stats.g.doubleclick.net/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: ciweb.ciwebgroup.com
URL: https://ciweb.ciwebgroup.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 04 Jul 2024 16:21:07 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2611
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17093
expires
Thu, 04 Jul 2024 18:21:07 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: ciweb.ciwebgroup.com
URL: https://ciweb.ciwebgroup.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 04 Jul 2024 17:04:38 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9170BBFC34004D879E5175FB44514C16 Ref B: FRA31EDGE0511 Ref C: 2024-07-04T17:04:38Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
sdk.js
connect.facebook.net/en_US/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: ciweb.ciwebgroup.com
URL: https://ciweb.ciwebgroup.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
469a526ca24bbea7324d247723b25f36f8d6808195261e798a5f766679d7cf92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 04 Jul 2024 17:04:38 GMT
content-md5
/gNtUzAp91jiTfORr+GKQQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2786, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
xVLefta0nx7SYwVKPJqpElufXZKqDIYMWXFH1FEBoZ/hXJL5RGpaZdT6WfUc+cMS9ODOES0iakGy8HXd1HEEOA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
6f737759d931362cd9aad80fc1a3d842
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"75087c23557753e250938ace9344485a"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Thu, 04 Jul 2024 17:06:58 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,100,700|Open+Sans:300italic,400italic,600italic,700italic,300,400,700,600|Montserrat:400,500,600,700|Poppins:100,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://ciweb.ciwebgroup.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 12:59:20 GMT
x-content-type-options
nosniff
age
14718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 12:59:20 GMT
sdk.js
connect.facebook.net/en_US/ 		299 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=ae90a8c976ab4961a2b761c4103e6079
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
12df12616a33fadaf498c6eef21f1af6c51aaf5313faa35b844d54a67cc3aae2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Origin
https://ciweb.ciwebgroup.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 04 Jul 2024 17:04:39 GMT
content-md5
4QALaCqh4VACJZxMzEzV6Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87615
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=23, mss=1232, tbw=4300, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug
jwOeq8a6FDwdrVWxlgOn8mOopgUFMlVAI3StwGilfvTDSPDSi27YB1/u3YoAR0KdtXE61OF3a4gL0qGWWhyj1A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
05fa6ea11c696b2585be4a5193a7a392
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"ae9e7cba243e27c042ed63fe0554e25d"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Fri, 04 Jul 2025 13:51:02 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/ 		536 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Origin
https://ciweb.ciwebgroup.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 00:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
217833
x-xss-protection
0
last-modified
Sun, 23 Jun 2024 08:01:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Jul 2025 00:25:59 GMT
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=536610&d=ciweb.ciwebgroup.com&u=DB4B4BA93F56562BC9CA6D859A262311A&h=c5648e52e58c4f38def327e76d8241d6&t=false
Requested by
Host: ciweb.ciwebgroup.com
URL: https://ciweb.ciwebgroup.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv2c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 17:04:39 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv2c
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=43200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
__utm.gif
stats.g.doubleclick.net/r/ 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=245587613&utmhn=ciweb.ciwebgroup.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=Login%20to%20CIWebGroup.com%20Online%20Scheduling%20System%20(OSS)&utmhid=923871233&utmr=-&utmp=%2Flogin&utmht=1720112678992&utmac=UA-130670012-4&utmcc=__utma%3D7610656.1076205336.1720112679.1720112679.1720112679.1%3B%2B__utmz%3D7610656.1720112679.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2012190231&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: ciweb.ciwebgroup.com
URL: https://ciweb.ciwebgroup.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 04 Jul 2024 17:04:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.js
ciweb.ciwebgroup.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/ Frame E367
Redirect Chain
  • https://ciweb.ciwebgroup.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://ciweb.ciwebgroup.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ciweb.ciwebgroup.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js?
Requested by
Host: ciweb.ciwebgroup.com
URL: https://ciweb.ciwebgroup.com/login
Protocol
H2
Server
2606:4700::6812:1b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b98d4b09574d8e98ed67602e78ab342e2f9c9028c150d8a19182d7db4b84b08
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 04 Jul 2024 17:04:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
89e0b2145e745bf1-FRA

Redirect headers

date
Thu, 04 Jul 2024 17:04:39 GMT
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js?
access-control-allow-origin
*
cache-control
max-age: 300, public
cf-ray
89e0b2140e355bf1-FRA
content-length
0
5819928.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5819928.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9b5eb468156ff7ae8ae8a8f1ff29d4d68c4c45485d6c15426f75c50e2899b11f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Thu, 04 Jul 2024 17:04:38 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5D7C8D0B361E4A96ABC4777972A42D36 Ref B: FRA31EDGE0511 Ref C: 2024-07-04T17:04:39Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/ 		0
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5819928&Ver=2&mid=62dcc52a-2a34-42ed-b81a-3e063a366a1f&sid=7f93a2803a2711efa2eac7bbffe51d1d&vid=7f93cb303a2711efb31219f0f9a2dfd3&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Login%20to%20CIWebGroup.com%20Online%20Scheduling%20System%20(OSS)&kw=CIWebGroup.com%20Online%20Scheduling%20System%20(OSS)%20login&p=https%3A%2F%2Fciweb.ciwebgroup.com%2Flogin&r=&lt=1549&evt=pageLoad&sv=1&rn=167337
Requested by
Host: ciweb.ciwebgroup.com
URL: https://ciweb.ciwebgroup.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 04 Jul 2024 17:04:38 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AA755C4083C44EA1B647DE40ECBC1AF2 Ref B: FRA31EDGE0511 Ref C: 2024-07-04T17:04:39Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
5819928
www.clarity.ms/tag/uet/ 		826 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/5819928?insights=1
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/5819928.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cb5de037f283370f10a839549da8fab796f4fc41e0b17afc389dfa2f37c5b0af

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Thu, 04 Jul 2024 17:04:39 GMT
x-azure-ref
20240704T170439Z-r195c4c79d928r8n6m6zg48rm800000001qg00000000uben
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
826
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
89e0b20e89565bf1
ciweb.ciwebgroup.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame E367 		0
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ciweb.ciwebgroup.com/cdn-cgi/challenge-platform/h/g/jsd/r/89e0b20e89565bf1
Requested by
Host: ciweb.ciwebgroup.com
URL: https://ciweb.ciwebgroup.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 04 Jul 2024 17:04:39 GMT
server
cloudflare
cf-ray
89e0b2150f025bf1-FRA
content-length
0
content-type
text/plain; charset=UTF-8
anchor
www.google.com/recaptcha/api2/ Frame 4B98 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRoxkUAAAAAB1JyNT1vPNfSwwACxqfYZo2E_SY&co=aHR0cHM6Ly9jaXdlYi5jaXdlYmdyb3VwLmNvbTo0NDM.&hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=c8x2i9p0ekmp
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OkYbm-sYmopV5UZov7lSDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ciweb.ciwebgroup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-OkYbm-sYmopV5UZov7lSDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jul 2024 17:04:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame 934B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRoxkUAAAAAB1JyNT1vPNfSwwACxqfYZo2E_SY&co=aHR0cHM6Ly9jaXdlYi5jaXdlYmdyb3VwLmNvbTo0NDM.&hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=chzgyobsbks2
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-A0ZtSdSPyDfuaTxSgTvjag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ciweb.ciwebgroup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-A0ZtSdSPyDfuaTxSgTvjag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jul 2024 17:04:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
clarity.js
www.clarity.ms/s/0.7.32/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/5819928?insights=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 17:04:39 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240704T170439Z-r195c4c79d928r8n6m6zg48rm800000001qg00000000ubf2
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
882be191-001e-0079-6f98-cdd2ff000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
collect
w.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://w.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.156 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://ciweb.ciwebgroup.com
Date
Thu, 04 Jul 2024 17:04:39 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
roundtrip.js
s.adroll.com/j/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: ciweb.ciwebgroup.com
URL: https://ciweb.ciwebgroup.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:4400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02b5db103f24a7395fa2623b371ea764e2948337147de780911dc2fcdec49458

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Amz-Version-Id
fsiDuzy5vys3wCM7hYlFnR.TBXHQSKgT
Content-Encoding
gzip
Via
1.1 b2340053ff948864db4d5e3c0ab3f3ea.cloudfront.net (CloudFront)
Date
Thu, 04 Jul 2024 16:55:45 GMT
Age
536
X-Amz-Cf-Pop
FRA60-P6
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 04 Jul 2024 15:21:58 GMT
Server
AmazonS3
Etag
W/"c3ca7e6129306d41ac549ab4c252c99b"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
BeoSZ38lYxilOCoyuREpIo6KQeumVPjAtpRTmk2_uJKJDjWxG4TenA==
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5C0A9E37806B48E69C06EDA7E56CB2AD&RedC=c.clarity.ms&MXFR=115A77DC7D8567323B7D636E798569B0
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5C0A9E37806B48E69C06EDA7E56CB2AD&MUID=3CCD659293A96BB40F74712092226A2E
42 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5C0A9E37806B48E69C06EDA7E56CB2AD&MUID=3CCD659293A96BB40F74712092226A2E
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ciweb.ciwebgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 17:04:40 GMT
last-modified
Tue, 25 Jun 2024 19:30:12 GMT
server
Microsoft-IIS/10.0
etag
"7473f1936c7da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 04 Jul 2024 17:04:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2D4430F440D44D649358B598E2B44E0C Ref B: FRA31EDGE0511 Ref C: 2024-07-04T17:04:40Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5C0A9E37806B48E69C06EDA7E56CB2AD&MUID=3CCD659293A96BB40F74712092226A2E
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
rum
ciweb.ciwebgroup.com/cdn-cgi/ 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ciweb.ciwebgroup.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://ciweb.ciwebgroup.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Thu, 04 Jul 2024 17:04:39 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ciweb.ciwebgroup.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
89e0b2194a6c5bf1-FRA
generic_favicon.ico
d2ra6nuwn69ktl.cloudfront.net/assets/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d2ra6nuwn69ktl.cloudfront.net/assets/generic_favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.158.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-158-215.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c469afb6c590be6e295449931d920fd98b79a72e59bfa601e33efab8b9cd8b1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
2YyAY8NGkA5gvlzp.Wq_FSLcqSxC1Ps.
date
Wed, 03 Jul 2024 17:08:13 GMT
via
1.1 ccd3e547bd5d86bbfbaca15b4307ce70.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
age
86187
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
1150
last-modified
Thu, 20 Jun 2024 12:07:39 GMT
server
AmazonS3
etag
"3212e5f0ef10ada6c24d111da1b3452d"
vary
Accept-Encoding
content-type
image/x-icon
accept-ranges
bytes
x-amz-cf-id
HlqbJET5q2Klp9uaCH2gYSeR_wwlONt6ZTaORrSi0UIRbg54dK8gEQ==
bframe
www.google.com/recaptcha/api2/ Frame 672A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6LdRoxkUAAAAAB1JyNT1vPNfSwwACxqfYZo2E_SY
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pGinKBgLecXp21vunmptlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ciweb.ciwebgroup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-pGinKBgLecXp21vunmptlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jul 2024 17:04:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/WZPRYR3BLNDY3I7JPOWBOY/CUU7LSMOUFDDFJQBPTZRFS/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
732 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/index.js
Protocol
HTTP/1.1
Server
2600:9000:2644:4400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ciweb.ciwebgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 04 Jul 2024 15:56:43 GMT
X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via
1.1 cba0902b20d884568adf673bab9438e6.cloudfront.net (CloudFront)
Age
4078
X-Amz-Cf-Pop
FRA60-P6
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
YBbz6L0Uy0-j8E4j1WSO3BkFxNGxMZK4vW3oAl_1CoAUGrW4ivCpKQ==

Redirect headers

Date
Thu, 04 Jul 2024 15:57:34 GMT
Via
1.1 b2340053ff948864db4d5e3c0ab3f3ea.cloudfront.net (CloudFront)
Age
4025
X-Amz-Cf-Pop
FRA60-P6
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
O8tOtlvIUaFmD2e0ycGzofWPUDtvlKOWR81UhYWaCXKfVq2huKS-Zg==
index.js
s.adroll.com/j/pre/WZPRYR3BLNDY3I7JPOWBOY/CUU7LSMOUFDDFJQBPTZRFS/ 		0
786 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/WZPRYR3BLNDY3I7JPOWBOY/CUU7LSMOUFDDFJQBPTZRFS/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:4400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 16:04:53 GMT
X-Amz-Version-Id
EapuxXCF3Cl8TWgpSm_cH3eK_1HPmxAG
Via
1.1 b2340053ff948864db4d5e3c0ab3f3ea.cloudfront.net (CloudFront)
Age
3588
X-Amz-Cf-Pop
FRA60-P6
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Thu, 04 Jul 2024 13:01:52 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
kIG4gGs7cKmGWAAeHP6fstX6k1MHpCMIhSAX6qMOp9vE5g2MYA-4yw==
bframe
www.google.com/recaptcha/api2/ Frame EFD5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6LdRoxkUAAAAAB1JyNT1vPNfSwwACxqfYZo2E_SY
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-I3e4OtOaIfe0SAql9L3R9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ciweb.ciwebgroup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-I3e4OtOaIfe0SAql9L3R9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jul 2024 17:04:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
WZPRYR3BLNDY3I7JPOWBOY
d.adroll.com/consent/check/ 		503 B
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/WZPRYR3BLNDY3I7JPOWBOY?pv=81737122147.7361&arrfrr=https%3A%2F%2Fciweb.ciwebgroup.com%2Flogin&_s=11b5137c121ee04d731dd07ed72a94de&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:2b63:4b74:dc69:1562 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
d61e8853f33bf894b013679c770f9264a337cc961bea3c60935503f14c0ea0c0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 17:04:40 GMT
server
nginx/1.22.1
content-length
503
content-type
application/javascript
collect
w.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://w.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.156 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://ciweb.ciwebgroup.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://ciweb.ciwebgroup.com
Date
Thu, 04 Jul 2024 17:04:40 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

Verdicts & Comments Add Verdict or Comment

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 undefined| event object| fence object| sharedStorage function| frontageIframe function| frontageIframeEvent object| state_shortcodes function| linkToFrontage function| frontageRefresh function| frontageReload function| frontageRedirect function| frontageMessage function| frontageUrlRedirect function| frontageTarget object| target boolean| FRONTAGE_IFRAME function| reportVCitaHeightChange object| FileAPI function| TimeZone function| date_is_dst function| get_date_offset function| get_timezone_info function| get_january_offset function| get_june_offset function| determine_timezone function| show_timezone_info function| getBrowserTimezone function| timezoneToRailsSafe function| getMyTimezone function| getBrowserTimezoneInternal function| getBrowserTimezoneName function| FastClick function| mixpanel_on function| safeTrack function| safeTrackWithCallback function| safeTrackOnce function| safeTrackLink function| safeTrackForm function| googleConversion function| googleTrackingCode function| businessEventTracking function| add_param function| safeTrackFacebookEvent function| safeTrackFacebookLead function| safeTrackFacebookConverstion function| safeGaqPush function| redirectToJoin function| redirectToSignup function| getURLParameter function| today function| nullToEmpty function| vanilasoftTrackEvent function| dateToTime function| setTime function| markAjaxError function| markAjaxErrorSignup function| mergeOverlappingEvents function| isChrome function| isUserAgentIE function| getFlashMovie function| remove_fields function| add_fields function| countCharsLeft function| parseBoolean function| booleanToString function| linkPopup function| directPopup function| popup function| popupCenter function| auth_callback function| synchronizeSubmit function| releaseSubmitLock function| singlePageSubmit function| reloadCurrentPage function| redirectOnDemand function| disableField function| initAutoLoadUser function| initFeatureTips function| loadQTips function| createUUID function| bindNumericInputKeys function| showVideo function| googleTracking function| closeVideo function| dateWithTime function| getQueryParams function| attachPopupControlJS function| lockPopup function| attachWidgetImplementationPopupJS function| openNewWidgetImplementationPopup string| HEMISPHERE_SOUTH string| HEMISPHERE_NORTH string| HEMISPHERE_UNKNOWN object| olson string| dt_zone object| jQueryLoaderOptions object| msBeautify object| I18n object| Base64 boolean| popupOpened object| RedactorPlugins object| html5 object| Modernizr function| yepnope function| $ function| jQuery function| DP_jQuery_1720112678810 object| jQuery183016957171775963475 object| BROWSER function| tinycolor function| designedSelect function| recurlyController function| openPopup function| openEducationCenterPopup function| openDialog function| createDialogContainer object| angular string| mixpanel_id object| mixpanel function| mixpanel_id_callback function| onLoginSubmit number| settings_timer number| _vwo_settings_timer object| _vwo_code function| inner_auth_callback function| onSignupSubmit object| _gaq object| uetq undefined| style function| fbAsyncInit string| adroll_adv_id string| adroll_pix_id object| FB object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client undefined| vwo_e number| _vwo_j_e object| _VWO string| _vwo_mt string| _vwo_tm object| vwo_iehack_queue number| _vwo_acc_id object| _gat object| gaGlobal object| __cfBeacon string| csrf_token string| csrf_param string| browser_timezone_rails string| timezonename object| industries string| professionTitle function| UET function| UET_init function| UET_push object| ueto_b515938dfa object| __buffer object| recaptcha object| closure_lm_560787 function| clarity object| clarityuetq boolean| __adroll_loaded string| adroll_sid object| __adroll_consent_data object| dataLayer object| adroll object| __adroll boolean| adroll_optout object| adroll_loaded object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| adroll_exp_list boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country

24 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AOG26BdYetPFaGbTVrHmr1hs40B-igDlso2IocCz0oVm_kdZClDHJVsQ8MKMYJnF0o19vcXQFKbkG7eJjq6rGGQ
.ciweb.ciwebgroup.com/ Name: __cf_bm
Value: chNTzTavm6fhHgqInyrXWp7W8UUfDMhPTB9fbJ5C0hA-1720112677-1.0.1.1-K_vd6jmFB.LZ__8q6HYDFc.jpKZ9ZlukPflzGrz8hMRRujh3f_7atUQPrGWfh.XCsLMHxklpRubNHf4448KloH4RTGMVv1ocg8VTSsQuvYA
.ciweb.ciwebgroup.com/ Name: _cfuvid
Value: Cp_1BY4dVR7ZjZl.V9qPqjxWP6kPod0n1T8ZmZKYmy8-1720112677989-0.0.1.1-604800000
.ciwebgroup.com/ Name: ____vcita_session
Value: BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTY4NjFhMzBhNjFlOTVhMTg5NjMyYzA3NWJiM2E1YTk3BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMW5DbG9BMVFzQUpLMjNUZXBNRE1nWitJTFRBc2tGVTNIbUZwN0FkeXdBSWs9BjsARg%3D%3D--b1b54fe579bb258505339b8a695f966141d91d14
.ciweb.ciwebgroup.com/ Name: _vwo_uuid_v2
Value: DB4B4BA93F56562BC9CA6D859A262311A|c5648e52e58c4f38def327e76d8241d6
.ciwebgroup.com/ Name: mp_78aa39b3aa49594f172cfccda537ef1a_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A1907eb4883a5da-05dfd58aaa8bd-26001f51-1d4c00-1907eb4883a5da%22%2C%22%24device_id%22%3A%20%221907eb4883a5da-05dfd58aaa8bd-26001f51-1d4c00-1907eb4883a5da%22%2C%22Application%22%3A%20%22Website%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
.ciweb.ciwebgroup.com/ Name: __utma
Value: 7610656.1076205336.1720112679.1720112679.1720112679.1
.ciweb.ciwebgroup.com/ Name: __utmc
Value: 7610656
.ciweb.ciwebgroup.com/ Name: __utmz
Value: 7610656.1720112679.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.ciweb.ciwebgroup.com/ Name: __utmt
Value: 1
.ciweb.ciwebgroup.com/ Name: __utmb
Value: 7610656.1.10.1720112679
.ciwebgroup.com/ Name: _uetsid
Value: 7f93a2803a2711efa2eac7bbffe51d1d
.ciwebgroup.com/ Name: _uetvid
Value: 7f93cb303a2711efb31219f0f9a2dfd3
.bing.com/ Name: MUID
Value: 3CCD659293A96BB40F74712092226A2E
.ciweb.ciwebgroup.com/ Name: cf_clearance
Value: .m0d5ZBG34udIuWaSQ92VuBTkARW8tUWBpQ7vXx6CvA-1720112679-1.0.1.1-G6xTsfC4sVThsFdmIw1C72qAa.2ds5kwDFpP82EMtQdvMjSVlqTaZ31Fc.K2VRppAW.d_Wu7ediz1sJcLvhbNg
www.clarity.ms/ Name: CLID
Value: 169a9053dec2477f8970bec71c49d85b.20240704.20250704
.ciwebgroup.com/ Name: _clck
Value: 16svwyp%7C2%7Cfn6%7C0%7C1646
.ciwebgroup.com/ Name: _clsk
Value: nx87sn%7C1720112679993%7C1%7C1%7Cw.clarity.ms%2Fcollect
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 3CCD659293A96BB40F74712092226A2E
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 3CCD659293A96BB40F74712092226A2E
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

5 Console Messages

Source Level URL
Text
rendering warning URL: https://d2ra6nuwn69ktl.cloudfront.net/assets/application-980c77fd04b84a63cf15b688990ebcdb.js(Line 28)
Message:
The specified value "!" does not conform to the required format. The format is "#rrggbb" where rr, gg, bb are two-digit hexadecimal numbers.
rendering warning URL: https://d2ra6nuwn69ktl.cloudfront.net/assets/application-980c77fd04b84a63cf15b688990ebcdb.js(Line 28)
Message:
The specified value "!" does not conform to the required format. The format is "#rrggbb" where rr, gg, bb are two-digit hexadecimal numbers.
recommendation warning URL: https://ciweb.ciwebgroup.com/login
Message:
[DOM] Found 2 elements with non-unique id #lang: (More info: https://goo.gl/9p2vKq) %o %o
recommendation warning URL: https://ciweb.ciwebgroup.com/login
Message:
[DOM] Found 2 elements with non-unique id #user_email: (More info: https://goo.gl/9p2vKq) %o %o
recommendation warning URL: https://ciweb.ciwebgroup.com/login
Message:
[DOM] Found 2 elements with non-unique id #user_password: (More info: https://goo.gl/9p2vKq) %o %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
c.bing.com
c.clarity.ms
c15117557.ssl.cf2.rackcdn.com
cdn.mxpnl.com
ciweb.ciwebgroup.com
connect.facebook.net
d.adroll.com
d2ra6nuwn69ktl.cloudfront.net
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
s.adroll.com
static.cloudflareinsights.com
stats.g.doubleclick.net
w.clarity.ms
www.clarity.ms
www.google.com
www.gstatic.com
13.33.158.215
13.74.129.1
142.250.186.100
157.240.253.1
23.212.202.218
23.96.124.156
2600:1901:0:bc29::
2600:9000:2644:4400:6:9280:1080:93a1
2606:4700::6810:5049
2606:4700::6812:1b03
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:809::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:829::2003
2a00:1450:400c:c00::9c
2a03:2880:f083:100:face:b00c:0:3
2a05:d018:cc3:fe04:2b63:4b74:dc69:1562
34.96.102.137
02b5db103f24a7395fa2623b371ea764e2948337147de780911dc2fcdec49458
0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d
11543f781939c559795279cad4e50e5e277c69c190c819cf6a0fdac44e822f16
12df12616a33fadaf498c6eef21f1af6c51aaf5313faa35b844d54a67cc3aae2
2b3deb0f11bee6017e92156f0c06ef917f924f9faa39c88c36465f24d4cfd3fc
30610497b5a0c47d76d107d1e7930f1ff972e4037b04f780e50389dac8f8ea27
4211b811bb485720668ef0a0a16d04da09f5e0f8210c46bffa74aef5f76c06af
469a526ca24bbea7324d247723b25f36f8d6808195261e798a5f766679d7cf92
4c469afb6c590be6e295449931d920fd98b79a72e59bfa601e33efab8b9cd8b1
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
60f5f911fd8f366f29390166716a1977430d5472b02b6a1298c818096d7d2aac
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
68dcd5ab9ace7cb6f90f96299c2b98c9ec7e75babc3fcf8561989bf565b02534
788b6d35e309e12b1ab299bc7bf6184804c5224e6f4f5e75b3af7c2e47cbcfe3
7b98d4b09574d8e98ed67602e78ab342e2f9c9028c150d8a19182d7db4b84b08
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
91c286bfba831de57aef7ad6997b255354c8cd521c3a590cfa6582de9ff550f6
94440d0da0f34814ad188e2e918005e8b0b3b340c83ae500ae469d6285ddd70d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b5eb468156ff7ae8ae8a8f1ff29d4d68c4c45485d6c15426f75c50e2899b11f
bab7d7e7883680719504eeb7d5338e6a26da494ce5a5930d53ea5d786b7b2df7
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
cb5de037f283370f10a839549da8fab796f4fc41e0b17afc389dfa2f37c5b0af
cfd60ebe32ff6bd01658a9aaf5f737556b387d1b7fb8d204ce747544501a62c5
d61e8853f33bf894b013679c770f9264a337cc961bea3c60935503f14c0ea0c0
df85e001ce72e46c578531cf3ea8bbb0712a4af63abc112d9d633e474c05965f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6fa6bce9e87f8933ef111766f37dc12fa443651a23427da0ee31588d3d1ed36