www.clearshift.com Open in urlscan Pro
157.245.165.179 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.clearshift.com/
Submission: On June 24 via manual (June 24th 2022, 2:25:50 am UTC) from IN — Scanned from DE

Summary HTTP 152 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 39 IPs in 3 countries across 25 domains to perform 152 HTTP transactions. The main IP is 157.245.165.179, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.clearshift.com.
TLS certificate: Issued by R3 on June 7th 2022. Valid for: 3 months.

This is the only time www.clearshift.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	157.245.165.179 157.245.165.179	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
7	13.32.99.15 13.32.99.15	16509 (AMAZON-02) (AMAZON-02)
6	54.215.223.85 54.215.223.85	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:237... 2600:9000:2375:3000:14:ff33:b440:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	54.144.226.48 54.144.226.48	14618 (AMAZON-AES) (AMAZON-AES)
4	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	52.222.225.250 52.222.225.250	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::432 2a04:4e42::432	54113 (FASTLY) (FASTLY)
6	2606:4700:10:... 2606:4700:10::6816:4cb7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:249... 2600:9000:2490:7800:10:c56a:9600:21	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:ef:... 2a02:26f0:ef:2a0::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.148.84.190 54.148.84.190	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
11	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::567	54113 (FASTLY) (FASTLY)
2	52.86.126.67 52.86.126.67	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
6	143.204.101.170 143.204.101.170	16509 (AMAZON-02) (AMAZON-02)
1	108.138.24.161 108.138.24.161	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2606:2800:233... 2606:2800:233:66b5:799a:7cd3:f74d:7071	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
6	52.26.175.46 52.26.175.46	16509 (AMAZON-02) (AMAZON-02)
2	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
152	39

37 157.245.165.179 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 480089.cloudwaysapps.com

www.clearshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.32.99.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-15.fra60.r.cloudfront.net

chat.exceed.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webchat.exceed.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.215.223.85 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-215-223-85.us-west-1.compute.amazonaws.com

birdeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2375:3000:14:ff33:b440:93a1 (United States)

ASN16509 (AMAZON-02, US)

scripts.foureyes.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.226.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-226-48.compute-1.amazonaws.com

prod.exceed.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.225.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-225-250.fra56.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::432 (United States)

ASN54113 (FASTLY, US)

static.cargurus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::6816:4cb7 (United States)

ASN13335 (CLOUDFLARENET, US)

w.chatlio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:7800:10:c56a:9600:21 (United States)

ASN16509 (AMAZON-02, US)

d3j1weegxvu8ns.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:ef:2a0::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.148.84.190 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-84-190.us-west-2.compute.amazonaws.com

foureyes.adpearance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::567 (United States)

ASN54113 (FASTLY, US)

www.cargurus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.86.126.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-126-67.compute-1.amazonaws.com

sp.cargurus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.101.170 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-170.fra50.r.cloudfront.net

d3cnqzq0ivprch.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.24.161 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-24-161.fra56.r.cloudfront.net

d1azc1qln24ryf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:66b5:799a:7cd3:f74d:7071 (United States)

ASN15133 (EDGECAST, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.26.175.46 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-26-175-46.us-west-2.compute.amazonaws.com

api.chatlio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	clearshift.com www.clearshift.com	6 MB
12	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 322 fonts.googleapis.com — Cisco Umbrella Rank: 71	225 KB
12	chatlio.com w.chatlio.com — Cisco Umbrella Rank: 68610 api.chatlio.com — Cisco Umbrella Rank: 78974	131 KB
10	google.com www.google.com — Cisco Umbrella Rank: 8 region1.analytics.google.com — Cisco Umbrella Rank: 5133 apis.google.com — Cisco Umbrella Rank: 162 accounts.google.com — Cisco Umbrella Rank: 116	61 KB
10	gstatic.com fonts.gstatic.com maps.gstatic.com www.gstatic.com	237 KB
8	cloudfront.net d3j1weegxvu8ns.cloudfront.net d3cnqzq0ivprch.cloudfront.net d1azc1qln24ryf.cloudfront.net	459 KB
8	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	385 KB
8	exceed.ai chat.exceed.ai — Cisco Umbrella Rank: 643875 webchat.exceed.ai — Cisco Umbrella Rank: 856104 prod.exceed.ai — Cisco Umbrella Rank: 283420	497 KB
6	birdeye.com birdeye.com — Cisco Umbrella Rank: 39838	16 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	519 B
4	google.de www.google.de — Cisco Umbrella Rank: 5448	781 B
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 119	2 KB
4	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 942	1 KB
4	cargurus.com static.cargurus.com — Cisco Umbrella Rank: 16959 www.cargurus.com — Cisco Umbrella Rank: 16015 sp.cargurus.com — Cisco Umbrella Rank: 24684	12 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	40 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	275 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 107	52 KB
2	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 794	1 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 784	19 KB
1	linkedin.com platform.linkedin.com — Cisco Umbrella Rank: 2750	159 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 741	7 KB
1	adpearance.com foureyes.adpearance.com — Cisco Umbrella Rank: 23266
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 983	8 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	foureyes.io scripts.foureyes.io — Cisco Umbrella Rank: 27762	1 KB
152	25

	Domain	Requested by
37	www.clearshift.com	www.clearshift.com
11	maps.googleapis.com	www.google.com maps.googleapis.com
8	connect.facebook.net	www.clearshift.com connect.facebook.net d3cnqzq0ivprch.cloudfront.net
7	fonts.gstatic.com	www.clearshift.com fonts.googleapis.com
6	api.chatlio.com	w.chatlio.com
6	d3cnqzq0ivprch.cloudfront.net	birdeye.com
6	w.chatlio.com	www.clearshift.com w.chatlio.com
6	birdeye.com	www.clearshift.com birdeye.com d3cnqzq0ivprch.cloudfront.net
5	www.facebook.com	www.clearshift.com
5	chat.exceed.ai	www.clearshift.com chat.exceed.ai
4	www.google.de	www.clearshift.com
4	tr.snapchat.com	sc-static.net www.clearshift.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.google.com	www.clearshift.com
4	www.googletagmanager.com	www.clearshift.com www.googletagmanager.com birdeye.com
3	accounts.google.com	apis.google.com www.clearshift.com www.gstatic.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.youtube.com	www.clearshift.com www.youtube.com
2	ct.pinterest.com	s.pinimg.com www.clearshift.com
2	maps.gstatic.com	www.google.com www.clearshift.com
2	apis.google.com	birdeye.com apis.google.com
2	sp.cargurus.com	d3j1weegxvu8ns.cloudfront.net
2	s.pinimg.com	www.clearshift.com s.pinimg.com
2	webchat.exceed.ai	chat.exceed.ai
1	www.gstatic.com	accounts.google.com
1	platform.linkedin.com	birdeye.com
1	d1azc1qln24ryf.cloudfront.net	birdeye.com
1	fonts.googleapis.com	birdeye.com
1	maxcdn.bootstrapcdn.com	birdeye.com
1	region1.analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.cargurus.com	static.cargurus.com
1	foureyes.adpearance.com	scripts.foureyes.io
1	d3j1weegxvu8ns.cloudfront.net	www.clearshift.com
1	static.cargurus.com	www.clearshift.com
1	sc-static.net	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	prod.exceed.ai	chat.exceed.ai
1	scripts.foureyes.io	www.clearshift.com
152	39

This site contains links to these domains. Also see Links.

Domain
ww2.clearshift.com
youtu.be
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
www.pinterest.com
www.linkedin.com

Subject Issuer	Validity	Valid
clearshift.com R3	`2022-06-07` - `2022-09-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.exceed.ai Amazon	`2021-11-22` - `2022-12-20`	a year	crt.sh
*.birdeye.com Go Daddy Secure Certificate Authority - G2	`2021-09-19` - `2022-10-21`	a year	crt.sh
*.foureyes.io Amazon	`2022-01-26` - `2023-02-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-02` - `2022-07-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.cargurus.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-04` - `2023-03-08`	a year	crt.sh
chatlio.com Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
adpearance.com Amazon	`2022-05-01` - `2023-05-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-01` - `2023-01-31`	a year	crt.sh
www.cargurus.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-14` - `2022-11-03`	a year	crt.sh
sp.cargurus.com Amazon	`2022-02-23` - `2023-03-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2021-09-10` - `2022-09-10`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.chatlio.com Amazon	`2022-05-06` - `2023-06-03`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.clearshift.com/
Frame ID: 0AF44734C900CA4FD209A62C22BF5599
Requests: 103 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3075.7352072076983!2d-104.97370308462976!3d39.565577779473244!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x876c8227f6de2e19%3A0xe8656987c831b2c7!2sClearShift%20Leasing%20%26%20Sales!5e0!3m2!1sen!2sus!4v1621978778394!5m2!1sen!2sus
Frame ID: 187EF947C089B4E33A42FD1093F3C808
Requests: 15 HTTP requests in this frame

Frame: https://birdeye.com/widget/render.php?bid=151811739795615&wid=3&ver=4&update=0
Frame ID: 8206661398E789F123C3FAD8F43CFACB
Requests: 25 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=4d470413-eb92-4a81-8914-d940f9b6bdc0
Frame ID: 358DD13AD7C394E83459ED11F5AC1485
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 98129533AA1E27CAEA67AA0DF717AAB5
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 62D1A0AB746A9C9267770C0A9230448C
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2D3296CFC6B4DD5092F30F2DFD941439
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ClearShift | High Quality Pre Owned Vehicles in Highlands Ranch.

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery Mobile (Mobile Frameworks) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]mobile(?:-([\d.]))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Birdeye (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

birdeye\.com/embed
birdeye\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

152
Requests

100 %
HTTPS

66 %
IPv6

25
Domains

39
Subdomains

39
IPs

3
Countries

8355 kB
Transfer

14482 kB
Size

29
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://ww2.clearshift.com/?sort_by=sale_price%3Adesc
Title: Shop Our Inventory

Search URL Search Domain Scan URL

URL: https://ww2.clearshift.com/finance
Title: Get Approved

Search URL Search Domain Scan URL

URL: https://ww2.clearshift.com/calculate-your-payment
Title: Calculate Your Payment

Search URL Search Domain Scan URL

URL: https://ww2.clearshift.com/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://youtu.be/NhpBueRPggM
Title: Who is ClearShift?

Search URL Search Domain Scan URL

URL: https://ww2.clearshift.com/spanish-finance-app
Title: Aplicación Financiera Española

Search URL Search Domain Scan URL

URL: https://www.facebook.com/clearshift
Title: <img src="https://www.clearshift.com/wp-content/uploads/facebook-icon.png" width="32" height="32" alt="Facebook Social Icon" class="wp-image-410 alignnone size-full" />

Search URL Search Domain Scan URL

URL: https://twitter.com/clearshiftcars
Title: <img src="https://www.clearshift.com/wp-content/uploads/twitter-icon.png" width="32" height="32" alt="Twitter Social Icon" class="wp-image-408 alignnone size-full" />

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCFnN9NnwTTvDJGLqZAUzGTw
Title: <img src="https://www.clearshift.com/wp-content/uploads/youtube-icon.png" width="32" height="32" alt="YouTube Social Icon" class="wp-image-409 alignnone size-full" />

Search URL Search Domain Scan URL

URL: https://www.instagram.com/clearshiftcars
Title: <img src="https://www.clearshift.com/wp-content/uploads/isntagram-icon.png" width="32" height="32" alt="Instagram Social Icon" class="wp-image-411 alignnone size-full" />

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/clearshiftcars
Title: <img src="https://www.clearshift.com/wp-content/uploads/pinterest-icon.png" width="32" height="32" alt="Pinterest Social Icon" class="wp-image-413 alignnone size-full" />

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/clearshiftcars
Title: <img src="https://www.clearshift.com/wp-content/uploads/linkedin-icon.png" width="32" height="32" alt="LinkedIn Social Icon" class="wp-image-412 alignnone size-full" />

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

152 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.clearshift.com/ 219 KB
32 KB 1341ms
789ms Document
text/html 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: d9f4836c7878efe6317f47f44eb492dde3acf318e813dee529bfa9580e6185e1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 32749
content-type: text/html; charset=UTF-8
date: Fri, 24 Jun 2022 02:25:42 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://www.clearshift.com/wp-json/>; rel="https://api.w.org/", <https://www.clearshift.com/wp-json/wp/v2/pages/233487>; rel="alternate"; type="application/json", <https://www.clearshift.com/>; rel=shortlink
pragma: no-cache
server: nginx
vary: Accept-Encoding

GET
H2 200 map.css
www.clearshift.com/wp-content/plugins/usahtmlmap/static/css/ 5 KB
1 KB 185ms
180ms Stylesheet
text/css 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-content/plugins/usahtmlmap/static/css/map.css?ver=6.0
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: dd35c1c303acc2d3c013fd90b637a864cb1acad644209207b8358ba3e6cb4636

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:42 GMT
content-encoding: gzip
last-modified: Sat, 20 Mar 2021 16:24:11 GMT
server: nginx
etag: W/"605621ab-138f"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 close-button-icon.css
www.clearshift.com/wp-content/plugins/video-popup/css/vp-close-icon/ 832 B
496 B 186ms
180ms Stylesheet
text/css 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-content/plugins/video-popup/css/vp-close-icon/close-button-icon.css?ver=1656037542
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: d86dcd439074b8bd3e05a28c5efe791ac9256792377f711751c725edbe76b465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:42 GMT
content-encoding: gzip
last-modified: Thu, 01 Apr 2021 15:19:53 GMT
server: nginx
etag: W/"6065e499-340"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 YouTubePopUp.css
www.clearshift.com/wp-content/plugins/video-popup/css/ 3 KB
1 KB 186ms
181ms Stylesheet
text/css 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-content/plugins/video-popup/css/YouTubePopUp.css?ver=1656037542
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: 73114854337c7316d1aeecb691f23196873eb1fb45d547eed86526e686d3f5d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:42 GMT
content-encoding: gzip
last-modified: Thu, 01 Apr 2021 15:19:53 GMT
server: nginx
etag: W/"6065e499-d4a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 general.min.css
www.clearshift.com/wp-content/plugins/wp-job-openings/assets/css/ 38 KB
6 KB 186ms
181ms Stylesheet
text/css 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-content/plugins/wp-job-openings/assets/css/general.min.css?ver=3.3.0
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: 144ee8fd3d8997d932fe2b5497979e7cde8fda86b41b0c6e32e47faa8e1157e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:42 GMT
content-encoding: gzip
last-modified: Tue, 26 Apr 2022 18:12:16 GMT
server: nginx
etag: W/"62683600-96c7"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 style.min.css
www.clearshift.com/wp-content/plugins/wp-job-openings/assets/css/ 17 KB
3 KB 186ms
182ms Stylesheet
text/css 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-content/plugins/wp-job-openings/assets/css/style.min.css?ver=3.3.0
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: 97f83dc425cf0aecdfce10fd18ba2987f4fb392fca689c2177fa671781eb031e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:42 GMT
content-encoding: gzip
last-modified: Tue, 26 Apr 2022 18:12:16 GMT
server: nginx
etag: W/"62683600-4331"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 et-divi-dynamic-tb-343-tb-182-233487-late.css
www.clearshift.com/wp-content/et-cache/233487/ 5 KB
1 KB 187ms
182ms Stylesheet
text/css 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-content/et-cache/233487/et-divi-dynamic-tb-343-tb-182-233487-late.css?ver=1655407466
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: d3e91005e3cd96ec9b492410b5f32c598ab6006c5ceb37c50b136914eaea719d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:42 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 19:24:26 GMT
server: nginx
etag: W/"62ab836a-151f"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 et-divi-dynamic-tb-343-tb-182-233487.css
www.clearshift.com/wp-content/et-cache/233487/ 17 KB
3 KB 187ms
183ms Stylesheet
text/css 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-content/et-cache/233487/et-divi-dynamic-tb-343-tb-182-233487.css?ver=1655407466
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: 7407bf2db8fca1e587298e25d2d0d4ca58c19aea41bf448c5cf278700937137b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:42 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 19:24:26 GMT
server: nginx
etag: W/"62ab836a-4248"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 style.min.css
www.clearshift.com/wp-content/plugins/flip-cards-module-divi/styles/ 2 KB
841 B 187ms
183ms Stylesheet
text/css 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-content/plugins/flip-cards-module-divi/styles/style.min.css?ver=0.9.4
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: 13161620ac821e80048f8b8c4ebb6aeffdf87950d1b93317998ecf1a77bef0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:42 GMT
content-encoding: gzip
last-modified: Fri, 04 Feb 2022 00:02:13 GMT
server: nginx
etag: W/"61fc6d05-9bb"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 jquery.min.js Show response
www.clearshift.com/wp-includes/js/jquery/ 87 KB
30 KB 367ms
363ms Script
application/javascript 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:42 GMT
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 21:04:51 GMT
server: nginx
etag: W/"60f73a73-15db1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 jquery-migrate.min.js Show response
www.clearshift.com/wp-includes/js/jquery/ 11 KB
4 KB 368ms
364ms Script
application/javascript 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:42 GMT
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 15:39:37 GMT
server: nginx
etag: W/"5fd0efb9-2bd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 jquery.nicescroll.js Show response
www.clearshift.com/wp-content/plugins/usahtmlmap/static/js/ 114 KB
24 KB 371ms
367ms Script
application/javascript 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-content/plugins/usahtmlmap/static/js/jquery.nicescroll.js?ver=6.0
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: bc1e31a3e531d95baa67f3ab23e51bf0e45c1c23d7763973fadf4e41567b6652

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:42 GMT
content-encoding: gzip
last-modified: Sat, 20 Mar 2021 16:24:11 GMT
server: nginx
etag: W/"605621ab-1c6e3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 YouTubePopUp.jquery.js Show response
www.clearshift.com/wp-content/plugins/video-popup/js/ 4 KB
1 KB 548ms
545ms Script
application/javascript 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-content/plugins/video-popup/js/YouTubePopUp.jquery.js?ver=1656037542
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: bc8419ce3011a0dce3b67bec9272b0f07f7199ebbc3337da54dfb21475ae4c13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:42 GMT
content-encoding: gzip
last-modified: Thu, 01 Apr 2021 15:19:53 GMT
server: nginx
etag: W/"6065e499-1136"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 YouTubePopUp.js Show response
www.clearshift.com/wp-content/plugins/video-popup/js/ 458 B
498 B 549ms
545ms Script
application/javascript 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-content/plugins/video-popup/js/YouTubePopUp.js?ver=1656037542
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: 490c2ae7ad27b58ae02cb15b529bc7e10f5967d883d81be4afb42cba72759540

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:42 GMT
content-encoding: gzip
last-modified: Thu, 01 Apr 2021 15:19:53 GMT
server: nginx
etag: W/"6065e499-1ca"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 104 KB
40 KB 138ms
54ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113511581-1

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c57551a14279dafbcafe1f95b00ee19aa995e48a925dbcaafa2ed2c1421196f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40818
x-xss-protection: 0
expires: Fri, 24 Jun 2022 02:25:43 GMT

GET
H2 200 smush-lazy-load.min.js Show response
www.clearshift.com/wp-content/plugins/wp-smush-pro/app/assets/js/ 8 KB
4 KB 549ms
546ms Script
application/javascript 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.10.2
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:42 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 13:45:06 GMT
server: nginx
etag: W/"62ab33e2-1eee"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 exceedChatWidget.js Show response
chat.exceed.ai/ 10 KB
10 KB 158ms
40ms Script
application/javascript 13.32.99.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.exceed.ai/exceedChatWidget.js?sequenceid=5f3d5048f20a5a021d115368
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d2e9c09c7cede2efd620a8413a3e712566fe2516be72ed68adc64e35373ca4ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 03:40:30 GMT
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
last-modified: Sun, 22 May 2022 07:57:50 GMT
server: AmazonS3
age: 83421
etag: "47677a2d1d1460b09d88006c0a39eb6c"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 9757
x-amz-cf-id: HyX99n3FF3o_Rod8bB3VOGpw6u_DSNnXiZ_86juwN9k7GxwnHfCAww==

GET
H2 200 et-core-unified-233487.min.css
www.clearshift.com/wp-content/et-cache/233487/ 272 B
355 B 187ms
183ms Stylesheet
text/css 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-content/et-cache/233487/et-core-unified-233487.min.css?ver=1655407080
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: 052e26c8bbb88d1f907b5b64a9bbe6ed8883629e79e00b9796b4adb86bcb9834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:42 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 19:18:00 GMT
server: nginx
etag: W/"62ab81e8-110"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 et-core-unified-tb-343-tb-182-deferred-233487.min.css
www.clearshift.com/wp-content/et-cache/233487/ 22 KB
3 KB 187ms
184ms Stylesheet
text/css 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-content/et-cache/233487/et-core-unified-tb-343-tb-182-deferred-233487.min.css?ver=1655407466
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: dfe6bf8acf774f106564ae01449018dd60b8b1d3f38afbea1d63acf1f0ce4d03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:42 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 19:24:26 GMT
server: nginx
etag: W/"62ab836a-5896"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 595432911 Show response
birdeye.com/embed/v4/151811739795615/3/ 294 B
807 B 588ms
194ms Script
application/javascript 54.215.223.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://birdeye.com/embed/v4/151811739795615/3/595432911

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.215.223.85 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-223-85.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

5e9ebecd31dab25bbf89a8251d5bdb698f410893c49629b598020aa47a58ca88

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: Host,Accept-Encoding,User-Agent
content-length: 245
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
pragma: no-cache
server: Apache
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, follow
strict-transport-security: max-age=63072000
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
timing-allow-origin: *
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 fe-init.js Show response
scripts.foureyes.io/ 780 B
1 KB 243ms
58ms Script
application/javascript 2600:9000:2375:3000:14:ff33:b440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.foureyes.io/fe-init.js
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2375:3000:14:ff33:b440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa1a3a88a189755a63807bd9d08c64297bbdb76f6c3b6d762256a65543d08ac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 02:43:57 GMT
via: 1.1 a9827211f5accfa203d9dee17dcafb30.cloudfront.net (CloudFront)
last-modified: Tue, 19 Feb 2019 18:00:15 GMT
server: AmazonS3
age: 85334
etag: "0b9ae091063dbd2dbec72c8e7d852342"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: HEL51-P2
accept-ranges: bytes
content-length: 780
x-amz-cf-id: j7omuY-AxVkB0ddZKXxKK7931Lyzh7UG_oVfX2Ars1GIxt3z-2wqww==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 114ms
37ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a36e29e4b619e2e1dd1897f6b5c4034f43ea2b752619114b592f84c6ffb5cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.clearshift.com/
Origin: https://www.clearshift.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: fjteRYbKzk9suj1ag211mA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: gSAKLIiJb+dJIXAQOBoFYyL8u4pE+iXbYzPjFbzlzsCgKFgbRvCL/t20P3XOAfc8zjBQFkdh2fQZxo3vrzQoAg==
x-fb-trip-id: 686109401
x-fb-content-md5: e7aca505677001d70fc5fae3a571c6a9
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 24 Jun 2022 02:25:43 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "82d2e22782790d46ec21bef799a52562"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 24 Jun 2022 02:31:49 GMT

GET
H2 200 script.min.js Show response
www.clearshift.com/wp-content/plugins/wp-job-openings/assets/js/ 48 KB
15 KB 549ms
546ms Script
application/javascript 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-content/plugins/wp-job-openings/assets/js/script.min.js?ver=3.3.0
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: 7330d7da68ac64bdbe4f341176ea7f6a78826ba6681b34ad29d72be3c8d0cd59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:42 GMT
content-encoding: gzip
last-modified: Tue, 26 Apr 2022 18:12:16 GMT
server: nginx
etag: W/"62683600-beab"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 scripts.min.js Show response
www.clearshift.com/wp-content/themes/Divi/js/ 268 KB
69 KB 549ms
546ms Script
application/javascript 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.17.4
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: ae540f5a8341885755ee2dcfbd25633420f935881bdbe8ec1705a8ec5ab231ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:42 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 21:16:00 GMT
server: nginx
etag: W/"6282bf10-42e3c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 jquery.fitvids.js Show response
www.clearshift.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 3 KB
1 KB 551ms
548ms Script
application/javascript 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.17.4
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: 462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:42 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 21:16:00 GMT
server: nginx
etag: W/"6282bf10-d15"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 jquery.mobile.js Show response
www.clearshift.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 8 KB
3 KB 551ms
549ms Script
application/javascript 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.17.4
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: 55a084b5f4c439a2786141108b266370e0e4accc4e72629b2177dc6aa658d6c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:42 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 21:16:00 GMT
server: nginx
etag: W/"6282bf10-1f18"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 frontend-bundle.min.js Show response
www.clearshift.com/wp-content/plugins/flip-cards-module-divi/scripts/ 3 KB
1 KB 552ms
549ms Script
application/javascript 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-content/plugins/flip-cards-module-divi/scripts/frontend-bundle.min.js?ver=0.9.4
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: c16e3a4badea6055f48c4a2b23b6178623fb31989cba0fe38325ad742aecf935

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:42 GMT
content-encoding: gzip
last-modified: Fri, 04 Feb 2022 00:02:13 GMT
server: nginx
etag: W/"61fc6d05-d80"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 common.js Show response
www.clearshift.com/wp-content/themes/Divi/core/admin/js/ 1 KB
758 B 552ms
550ms Script
application/javascript 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.17.4
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: 1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:42 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 21:16:00 GMT
server: nginx
etag: W/"6282bf10-53f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 motion-effects.js Show response
www.clearshift.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 154 KB
38 KB 727ms
725ms Script
application/javascript 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/motion-effects.js?ver=4.17.4
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: 94b6b0abae01bb56a2c65fac8cb5528f35b0a55400b01a670178b2713661755d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:42 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 21:16:00 GMT
server: nginx
etag: W/"6282bf10-26892"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 113ms
37ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26344
x-xss-protection: 0
pragma: public
x-fb-debug: rxDWK5oCXTDW2i158u0Pb2vAH0wxxl/WW0tHUKsJsZZmc481YVg/SBfd10lLM7TrGAAG1NaiB9St9LXCgP24HQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 24 Jun 2022 02:25:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 202 KB
72 KB 175ms
93ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NPTKGB9

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3291a2e24983c6e1214e4adad2e93bad28081e9de4d51e6d1747a26081501ed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73163
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 02:25:43 GMT

GET
H2 200 2.79fdc551.chunk.js.gz Show response
chat.exceed.ai/static/js/ 1 MB
294 KB 51ms
51ms Script
application/javascript 13.32.99.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.exceed.ai/static/js/2.79fdc551.chunk.js.gz
Requested by: Host: chat.exceed.ai
URL: https://chat.exceed.ai/exceedChatWidget.js?sequenceid=5f3d5048f20a5a021d115368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a27309891fd9309fa412ab67a5bfe17a331f6712c6a35947260016fb4f752382

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 04:10:36 GMT
content-encoding: gzip
last-modified: Sun, 22 May 2022 07:57:52 GMT
server: AmazonS3
age: 80151
etag: "dbe6d1919cd7cbdf506f0e1f2592f7eb"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 299964
x-amz-cf-id: ER2DmXZJk-O5ga1ozrgHHPJfuB2kQqmu668vKj4PG9hcKDj5c26JgQ==

GET
H2 200 main.a5d9a791.chunk.js.gz Show response
chat.exceed.ai/static/js/ 35 KB
9 KB 74ms
74ms Script
application/javascript 13.32.99.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.exceed.ai/static/js/main.a5d9a791.chunk.js.gz
Requested by: Host: chat.exceed.ai
URL: https://chat.exceed.ai/exceedChatWidget.js?sequenceid=5f3d5048f20a5a021d115368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5a38d73dab4defa0c06c22807b71b8f55e01d1ddd054ba6ce792fac95ccf826

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 03:40:30 GMT
content-encoding: gzip
last-modified: Sun, 22 May 2022 07:57:52 GMT
server: AmazonS3
age: 83421
etag: "42bd1040a81346adcdd63f51baf26680"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 8617
x-amz-cf-id: gdjuhmYmvpymt2jLN5kchn9FLi-PF9Psa4uhBIss3dvkFldIfU6GTQ==

GET
H2 200 2.13d0b22c.chunk.css.gz
chat.exceed.ai/static/css/ 89 KB
12 KB 43ms
42ms Stylesheet
text/css 13.32.99.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.exceed.ai/static/css/2.13d0b22c.chunk.css.gz
Requested by: Host: chat.exceed.ai
URL: https://chat.exceed.ai/exceedChatWidget.js?sequenceid=5f3d5048f20a5a021d115368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 55ecd9fc90555cc227d86be60b3ed8f7a2287b64eb3d5408ff1a23c5d3f3461a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 05:55:36 GMT
content-encoding: gzip
last-modified: Sun, 22 May 2022 07:57:52 GMT
server: AmazonS3
age: 81013
etag: "0740f6fcffafd47a738f1ab555a0024d"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 11984
x-amz-cf-id: zi03drLmZpjd1kaDBZ17NwD4vQ--dHit5IBH0jVYvURuvA3UBMFP_w==

GET
H2 200 main.4ce87d9e.chunk.css.gz
chat.exceed.ai/static/css/ 5 KB
2 KB 44ms
44ms Stylesheet
text/css 13.32.99.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.exceed.ai/static/css/main.4ce87d9e.chunk.css.gz
Requested by: Host: chat.exceed.ai
URL: https://chat.exceed.ai/exceedChatWidget.js?sequenceid=5f3d5048f20a5a021d115368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 068173ede826e64505eaabda55b122f6a451f0311649ce79ab9241fb42a06456

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 03:40:30 GMT
content-encoding: gzip
last-modified: Sun, 22 May 2022 07:57:52 GMT
server: AmazonS3
age: 83421
etag: "ddb4a3a8ca27853484ebf9257a80c4c4"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 1666
x-amz-cf-id: -dY0WsqTZZfXij0ncq8eOY7UkjzGbapMywIeY5Y0ZNWYghSjnAUSiw==

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 Welcome-Bar-and-Customer-Lounge-REV.jpg
www.clearshift.com/wp-content/uploads/ 293 KB
294 KB 181ms
181ms Image
image/jpeg 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clearshift.com/wp-content/uploads/Welcome-Bar-and-Customer-Lounge-REV.jpg
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/wp-content/et-cache/233487/et-core-unified-tb-343-tb-182-deferred-233487.min.css?ver=1655407466
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: 9c69cb6a7ed711640ef2c8e9ff6e9630a174f5e77b2260380098fea20d2e5beb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/wp-content/et-cache/233487/et-core-unified-tb-343-tb-182-deferred-233487.min.css?ver=1655407466
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
last-modified: Mon, 02 Aug 2021 23:09:46 GMT
server: nginx
etag: "61087b3a-494bb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 300219

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2
fonts.gstatic.com/s/opensans/v29/ 21 KB
22 KB 121ms
38ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed01287cc7c91ca39383bc12e449fd8042e8a119fd6864639a64566cd1328d59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clearshift.com/
Origin: https://www.clearshift.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 11:48:08 GMT
x-content-type-options: nosniff
age: 311855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21508
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 11:48:08 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2
fonts.gstatic.com/s/opensans/v29/ 22 KB
22 KB 170ms
89ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58a886cc7d1d22c51bf05e8426072841a6d7894cdbda30379273a09026346f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clearshift.com/
Origin: https://www.clearshift.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 12:55:53 GMT
x-content-type-options: nosniff
age: 307790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22116
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 12:55:53 GMT

GET
H2 200 ClearShift-1.png
www.clearshift.com/wp-content/uploads/ 2 KB
2 KB 349ms
349ms Image
image/png 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clearshift.com/wp-content/uploads/ClearShift-1.png
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: c9a319875d92e0f2f0330c735b1a9883085ed8e998c3a235ed13e5da20c477f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
last-modified: Fri, 02 Oct 2020 20:53:01 GMT
server: nginx
etag: "5f77932d-778"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1912

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4uaVI.woff2
fonts.gstatic.com/s/opensans/v29/ 22 KB
22 KB 177ms
108ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4uaVI.woff2

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a89b2284baa0fc6ee5ae370ab7d527a3066fa997c3a7e300e9160cb62a44b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clearshift.com/
Origin: https://www.clearshift.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 08:45:42 GMT
x-content-type-options: nosniff
age: 236401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22056
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 08:45:42 GMT

GET
H2 200 image5.png
www.clearshift.com/wp-content/uploads/ 1 MB
1 MB 339ms
338ms Image
image/png 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clearshift.com/wp-content/uploads/image5.png
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: 7b2277924addbe10e5cb2f66ad7c3d275df560440d727f29bdc4d7f611fe0f20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
last-modified: Fri, 06 Nov 2020 22:00:21 GMT
server: nginx
etag: "5fa5c775-16a0d7"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1482967

GET
H2 200 Blurred-road-BG.jpg
www.clearshift.com/wp-content/uploads/ 113 KB
113 KB 338ms
338ms Image
image/jpeg 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clearshift.com/wp-content/uploads/Blurred-road-BG.jpg
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/wp-content/et-cache/233487/et-core-unified-tb-343-tb-182-deferred-233487.min.css?ver=1655407466
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: 9d043f1511f27aa9c6a1f9673ca10b0023cdacf1383bdd70b70e0af27fb838a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/wp-content/et-cache/233487/et-core-unified-tb-343-tb-182-deferred-233487.min.css?ver=1655407466
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
last-modified: Tue, 16 Mar 2021 22:39:46 GMT
server: nginx
etag: "605133b2-1c4ba"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 115898

GET
H2 200 modules.ttf
www.clearshift.com/wp-content/themes/Divi/core/admin/fonts/modules/all/ 90 KB
91 KB 338ms
338ms Font
application/octet-stream 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Request headers

Referer: https://www.clearshift.com/
Origin: https://www.clearshift.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
last-modified: Mon, 16 May 2022 21:16:00 GMT
server: nginx
etag: "6282bf10-168f0"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 92400

GET
H2 200 widget Show response
birdeye.com/embed/ 7 KB
2 KB 191ms
191ms Script
application/javascript 54.215.223.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://birdeye.com/embed/widget?account=151811739795615&ver=4&btype=3&wid=595432911&source=0&key=&update=&

Requested by

Host: birdeye.com
URL: https://birdeye.com/embed/v4/151811739795615/3/595432911

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.215.223.85 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-223-85.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

330a3e6b56af916159ae2c165093c53f87ba994b541b99e64fa590a8ec84adaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: Host,Accept-Encoding,User-Agent
content-length: 1635
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
pragma: no-cache
server: Apache
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, follow
strict-transport-security: max-age=63072000
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
timing-allow-origin: *
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 et-divi-dynamic-tb-343-tb-182-233487-late.css
www.clearshift.com/wp-content/et-cache/233487/ 5 KB
1 KB 491ms
491ms Stylesheet
text/css 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clearshift.com/wp-content/et-cache/233487/et-divi-dynamic-tb-343-tb-182-233487-late.css
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: d3e91005e3cd96ec9b492410b5f32c598ab6006c5ceb37c50b136914eaea719d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 19:24:26 GMT
server: nginx
etag: W/"62ab836a-151f"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2
fonts.gstatic.com/s/opensans/v29/ 22 KB
22 KB 92ms
72ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

922297c4e207dae08affdbc21f34329d67f4ed482f5bdecb2369381a3b5eab66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clearshift.com/
Origin: https://www.clearshift.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 20:02:27 GMT
x-content-type-options: nosniff
age: 282196
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22096
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 20:02:27 GMT

GET
H2 200 embed Show response
www.google.com/maps/ Frame 187E 4 KB
2 KB 315ms
227ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3075.7352072076983!2d-104.97370308462976!3d39.565577779473244!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x876c8227f6de2e19%3A0xe8656987c831b2c7!2sClearShift%20Leasing%20%26%20Sales!5e0!3m2!1sen!2sus!4v1621978778394!5m2!1sen!2sus

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

729371dc5e41304d3d887eca7e3dc3ef3e82c210ba0929f54d812364e6fff7ca

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-MeMQn9nbW5Xy7UAtlbqfyQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Xss-Protection	0

Request headers

Referer: https://www.clearshift.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1662
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-MeMQn9nbW5Xy7UAtlbqfyQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type: text/html; charset=UTF-8
date: Fri, 24 Jun 2022 02:25:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: mafe
server-timing: gfet4t7; dur=183
vary: Accept-Language
x-xss-protection: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 294 KB
84 KB 37ms
37ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=72a1de2e8b6b61e7ce307f60f61401c1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ae0e602d9ed90240911719d6d99f50664ab502e5811f6175763880fe13e0bad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.clearshift.com/
Origin: https://www.clearshift.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: lBPKPMwtwcDiNo/Jt60+MA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85999
x-fb-rlafr: 0
x-fb-debug: SQlluxLEYuGJYX3MF2+U6fZFPrvkoEA1aW2TsyzBeg4xdjBb1oherfvsUMQqVc37QeCpIXBl800lQ//YLghVxg==
x-fb-trip-id: 686109401
x-fb-content-md5: 3c8d233bef041e8598c171f1c0bfb142
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 24 Jun 2022 02:25:43 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "08eeb4ee378f0d804fca89ceb0c4805f"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 24 Jun 2023 01:02:12 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 63 KB
20 KB 38ms
38ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.62

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e547fe50a764e43c4a31eee65d715869f35c7ad8d781584453561b87c4fcf7f3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20460
x-xss-protection: 0
pragma: public
x-fb-debug: sR3yetYXoK1EcqcRO367ywTuaAubgjBatqQ9fHS8kPecrwqU8VoV0JoJ6qXrb5C7WWxexkDw8pcyBvkLgLxaKA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 24 Jun 2022 02:25:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 357410115188596 Show response
connect.facebook.net/signals/config/ 288 KB
83 KB 145ms
145ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/357410115188596?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

799922130fe420fb2882dd22f44e36de3e13912cb924f0971e47af1f3226ff8a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: O7NIVMKu6Ziz5ozPlENqmJSuNLaTTXzT3/h/mGmi7HNDCUJjFrPSEBr2pL1tKDQ0hCd6BCZ/elJYhZeVSvZGeQ==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 24 Jun 2022 02:25:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656037543452
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 Pling.wav Show response
webchat.exceed.ai/ 85 KB
85 KB 207ms
112ms XHR
audio/x-wav 13.32.99.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://webchat.exceed.ai/Pling.wav
Requested by: Host: chat.exceed.ai
URL: https://chat.exceed.ai/static/js/2.79fdc551.chunk.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b8d1b8b5769d718b79f7fe7708fadbb640890c53c550fe4b74420b51ee81f0a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:10:28 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Sun, 22 May 2022 07:57:50 GMT
server: AmazonS3
age: 8427
etag: "52833ca4dea690f2ca7ae128c96020d6"
access-control-max-age: 3
access-control-allow-methods: GET, HEAD
content-type: audio/x-wav
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 86612
x-amz-cf-id: 5vkVVCQfvZQaftwR_Ye3RfgBLxo9tHbNQ7AwmMsN8zZZVcIvD4Rtsw==

GET
H2 200 Pling.wav Show response
webchat.exceed.ai/ 85 KB
85 KB 125ms
45ms XHR
audio/x-wav 13.32.99.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://webchat.exceed.ai/Pling.wav
Requested by: Host: chat.exceed.ai
URL: https://chat.exceed.ai/static/js/2.79fdc551.chunk.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b8d1b8b5769d718b79f7fe7708fadbb640890c53c550fe4b74420b51ee81f0a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:10:28 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Sun, 22 May 2022 07:57:50 GMT
server: AmazonS3
age: 8427
etag: "52833ca4dea690f2ca7ae128c96020d6"
access-control-max-age: 3
access-control-allow-methods: GET, HEAD
content-type: audio/x-wav
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 86612
x-amz-cf-id: EBHJ-eXeZCIFJ0ZmOX2TAKP-0ldDKfeCilaUwIDoozTBp1lmDGiY6w==

GET
H2 200 locationSettings Show response
prod.exceed.ai/api/webchat/ 2 B
392 B 427ms
131ms XHR
application/json 54.144.226.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.exceed.ai/api/webchat/locationSettings?sequenceId=5f3d5048f20a5a021d115368

Requested by

Host: chat.exceed.ai
URL: https://chat.exceed.ai/exceedChatWidget.js?sequenceid=5f3d5048f20a5a021d115368

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.144.226.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-144-226-48.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
x-content-type-options: nosniff
x-frame-options: DENY
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://www.clearshift.com
access-control-max-age: 1209600
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 2
x-xss-protection: 1; mode=block

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
68 KB 131ms
55ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LCWPT9484N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113511581-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5245e722592a7b1dff01163cf079409010e6be57760dd5d26c8f7651cf583267

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70069
x-xss-protection: 0
expires: Fri, 24 Jun 2022 02:25:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 119ms
37ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPTKGB9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5796
date: Fri, 24 Jun 2022 00:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 24 Jun 2022 02:49:07 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 163ms
56ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPTKGB9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

a9c87374e4ec256cc7ab841753a48a58afd958317dfb7567982b014977008d1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15000
x-xss-protection: 0
server: cafe
etag: 15252473734373555178
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Jun 2022 02:25:43 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 21 KB
8 KB 139ms
53ms Script
application/javascript 52.222.225.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPTKGB9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.225.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-225-250.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 9fe8a8e2261e527d5b294b5cd8781b93cecf8223e22ba45630345578599cf308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA56-P4
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 7452
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-amz-cf-id: admrcC5g7DUFCzuNaeQxIHWIcekrS7rScdqfejeySL1BBHLfF7wfXA==

GET
H2 200 partnermetrics.js Show response
static.cargurus.com/js/api/en_US/2.0/ 64 KB
10 KB 149ms
40ms Script
application/javascript 2a04:4e42::432
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cargurus.com/js/api/en_US/2.0/partnermetrics.js
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::432 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 312ed8c773ecb3cfc26c3652e63938ddce03ab1f7cd952c916cb859b16adbeb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
content-encoding: br
age: 12029
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
content-length: 9891
x-amz-id-2: yIRqYmGM5YQjqLo1tw7gb5rlSArVai4Qt3QxKz8F1zLHiy59hTqeSPgwrkR9c+3cqKCcuPk8kCw=
x-served-by: cache-iad-kiad7000083-IAD, cache-hhn4055-HHN
last-modified: Tue, 15 Mar 2022 17:00:13 GMT
server: AmazonS3
x-timer: S1656037544.664055,VS0,VE0
etag: "2e6b23e4ccfb3940d4c53850853b42c4"
vary: Accept-Encoding
x-amz-request-id: 8JKWG7C9MG4E1TKG
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 87, 5

GET
H2 200 w.chatlio-widget.js Show response
w.chatlio.com/ 2 KB
1 KB 131ms
45ms Script
application/javascript 2606:4700:10::6816:4cb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w.chatlio.com/w.chatlio-widget.js

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4cb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8395f37fc30d447640101fa4b2c9a31da5b159a2b28fa6d8513bdaa4dad0f6e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
via: 1.1 fly.io
vary: Accept-Encoding
cf-cache-status: HIT
age: 23
cf-polished: origSize=1692
fly-request-id: 01G62KHAMASSANTRP6F5ERXBXG-fra
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Sep 2021 18:38:25 GMT
server: cloudflare
cross-origin-resoure-policy: cross-origin
etag: W/"614cc9a1-69c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: application/javascript
cache-control: max-age=30
cf-ray: 720203b7b9539104-FRA
cf-bgj: minify

GET
H2 200 t.js Show response
d3j1weegxvu8ns.cloudfront.net/ 96 KB
30 KB 130ms
44ms Script
text/javascript 2600:9000:2490:7800:10:c56a:9600:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3j1weegxvu8ns.cloudfront.net/t.js
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:7800:10:c56a:9600:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 93afa506e7300c24858c47fe5df4b613cf3e8a6386ff25b043ec1367fdda8ff0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 03:54:52 GMT
content-encoding: gzip
last-modified: Mon, 29 Jun 2020 15:34:45 GMT
server: AmazonS3
age: 81052
etag: W/"2067ee71acf6d3023f82c19800bd7d66"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: BuADMrH4EZhof3GrDgg7HXFn2PskERaVU0ff71NJxNl9asQlt43V4A==

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 263ms
134ms Script
application/javascript 2a02:26f0:ef:2a0::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:2a0::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 Reception-and-Discovery-Center.jpg
www.clearshift.com/wp-content/uploads/ 219 KB
220 KB 375ms
373ms Image
image/jpeg 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clearshift.com/wp-content/uploads/Reception-and-Discovery-Center.jpg
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/wp-content/et-cache/233487/et-core-unified-tb-343-tb-182-deferred-233487.min.css?ver=1655407466
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: a7977012c3f7a66e087fc58231169ce08a5f34f5b5323e9a4547a9c35112e125

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/wp-content/et-cache/233487/et-core-unified-tb-343-tb-182-deferred-233487.min.css?ver=1655407466
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
last-modified: Thu, 15 Jul 2021 17:28:33 GMT
server: nginx
etag: "60f07041-36dad"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 224685

GET
H2 200 Customer-Delivery-Table.jpg
www.clearshift.com/wp-content/uploads/ 221 KB
221 KB 375ms
373ms Image
image/jpeg 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clearshift.com/wp-content/uploads/Customer-Delivery-Table.jpg
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/wp-content/et-cache/233487/et-core-unified-tb-343-tb-182-deferred-233487.min.css?ver=1655407466
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: f1c08e0d39dd5c97077f26607a9b542d7d7e7e678855a3423b71be41832a05f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/wp-content/et-cache/233487/et-core-unified-tb-343-tb-182-deferred-233487.min.css?ver=1655407466
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
last-modified: Thu, 15 Jul 2021 17:26:38 GMT
server: nginx
etag: "60f06fce-37338"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 226104

GET
H2 200 Discovery-Center-BMW.jpg
www.clearshift.com/wp-content/uploads/ 191 KB
191 KB 375ms
373ms Image
image/jpeg 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clearshift.com/wp-content/uploads/Discovery-Center-BMW.jpg
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/wp-content/et-cache/233487/et-core-unified-tb-343-tb-182-deferred-233487.min.css?ver=1655407466
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: be9b62a408ab0d04dfcbf726948acdbc7c04ce9abebffb20cd09248cd6a61504

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/wp-content/et-cache/233487/et-core-unified-tb-343-tb-182-deferred-233487.min.css?ver=1655407466
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
last-modified: Thu, 15 Jul 2021 17:27:47 GMT
server: nginx
etag: "60f07013-2fbda"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 195546

GET
H2 200 Vehicle-Delivery-Bay.jpg
www.clearshift.com/wp-content/uploads/ 326 KB
326 KB 375ms
373ms Image
image/jpeg 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clearshift.com/wp-content/uploads/Vehicle-Delivery-Bay.jpg
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/wp-content/et-cache/233487/et-core-unified-tb-343-tb-182-deferred-233487.min.css?ver=1655407466
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: 9d3164a52994b2cdaf95fe36b05195011392f81bd1a2267dd9341e65908f9c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/wp-content/et-cache/233487/et-core-unified-tb-343-tb-182-deferred-233487.min.css?ver=1655407466
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
last-modified: Thu, 15 Jul 2021 17:28:57 GMT
server: nginx
etag: "60f07059-516bb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 333499

GET
H2 200 Building-Front.jpg
www.clearshift.com/wp-content/uploads/ 329 KB
329 KB 375ms
374ms Image
image/jpeg 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clearshift.com/wp-content/uploads/Building-Front.jpg
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/wp-content/et-cache/233487/et-core-unified-tb-343-tb-182-deferred-233487.min.css?ver=1655407466
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: 9342580f69543a82692690bccf05a0091927eb072d7313395b32b79f1d9f9841

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/wp-content/et-cache/233487/et-core-unified-tb-343-tb-182-deferred-233487.min.css?ver=1655407466
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
last-modified: Thu, 15 Jul 2021 19:38:42 GMT
server: nginx
etag: "60f08ec2-523c1"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 336833

GET
H2 403 /
foureyes.adpearance.com/ 0
0 644ms
205ms Script
text/html 54.148.84.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://foureyes.adpearance.com/?ref=&url=https%3A%2F%2Fwww.clearshift.com%2F&lsid=&lsidcheck=1&gtid=
Requested by: Host: scripts.foureyes.io
URL: https://scripts.foureyes.io/fe-init.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.84.190 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-84-190.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 113ms
38ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=314817281864915&ev=fb_page_view&dl=https%3A%2F%2Fwww.clearshift.com%2F&rl=&if=false&ts=1656037543564&sw=1600&sh=1200&at=

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 24 Jun 2022 02:25:43 GMT

GET
H2 200 render.php Show response
birdeye.com/widget/ Frame 8206 42 KB
9 KB 201ms
201ms Document
text/html 54.215.223.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://birdeye.com/widget/render.php?bid=151811739795615&wid=3&ver=4&update=0

Requested by

Host: birdeye.com
URL: https://birdeye.com/embed/widget?account=151811739795615&ver=4&btype=3&wid=595432911&source=0&key=&update=&

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.215.223.85 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-223-85.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

b127eb3926b174c9007cb9a1bb4967e90c48d6e7a8266ae853e15a661c5a28d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.clearshift.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 24 Jun 2022 02:25:43 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
server: Apache
strict-transport-security: max-age=63072000
timing-allow-origin: *
vary: Host,Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-robots-tag: noindex, follow
x-ua-compatible: IE=Edge,chrome=1
x-xss-protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 92ms
38ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=357410115188596&ev=PageView&dl=https%3A%2F%2Fwww.clearshift.com%2F&rl=&if=false&ts=1656037543585&sw=1600&sh=1200&v=2.9.62&r=stable&a=wordpress-6.0-3.0.6&ec=0&o=30&fbp=fb.1.1656037543584.844546313&it=1656037543324&coo=false&exp=p0&rqm=GET

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 24 Jun 2022 02:25:43 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame 187E 172 KB
57 KB 152ms
41ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3075.7352072076983!2d-104.97370308462976!3d39.565577779473244!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x876c8227f6de2e19%3A0xe8656987c831b2c7!2sClearShift%20Leasing%20%26%20Sales!5e0!3m2!1sen!2sus!4v1621978778394!5m2!1sen!2sus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

da75393148f80c1ece2366988477d048698763a71679f543f58c2ccb982a30b5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:43 GMT
content-encoding: gzip
server: mafe
age: 900
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57540
x-xss-protection: 0
expires: Fri, 24 Jun 2022 02:40:43 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 119ms
44ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1492123720&t=pageview&_s=1&dl=https%3A%2F%2Fwww.clearshift.com%2F&ul=en-us&de=UTF-8&dt=ClearShift%20%7C%20High%20Quality%20Pre%20Owned%20Vehicles%20in%20Highlands%20Ranch.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=306499852&gjid=199283843&cid=955239517.1656037544&tid=UA-113511581-1&_gid=1150299296.1656037544&_r=1&gtm=2wg6m0NPTKGB9&z=1430643734

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clearshift.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:25:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.clearshift.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 w.chatlio-widget.js Show response
w.chatlio.com/v5/ 94 KB
26 KB 102ms
58ms Script
application/javascript 2606:4700:10::6816:4cb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w.chatlio.com/v5/w.chatlio-widget.js?loader-version=549d4da

Requested by

Host: w.chatlio.com
URL: https://w.chatlio.com/w.chatlio-widget.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4cb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

434df907cf87fc6eaa7502d6bdb6d813fb55a69a0a9b0ca8fb9171862a1d0fbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
via: 1.1 fly.io
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Fri, 25 Mar 2022 20:29:17 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fly-request-id: 01G2D3MCQZDD0BYRSZQ2FNAZXA-fra
server: cloudflare
cross-origin-resoure-policy: cross-origin
etag: W/"623e261d-1792f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: application/javascript
cache-control: max-age=30
cf-ray: 720203b8488b9253-FRA
cf-bgj: minify

GET
H2 200 init Show response
tr.snapchat.com/ 126 B
193 B 144ms
50ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=4d470413-eb92-4a81-8914-d940f9b6bdc0

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

0515269e6fe67e1687b451c7a3d4246da6178814267409c7e5342f75e6e6c454

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.clearshift.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 64 B
439 B 143ms
50ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=4d470413-eb92-4a81-8914-d940f9b6bdc0&tld=com

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

28544be72151d4be4f8ea8f2e8f82ae6765a24db1c9c7c1517c57e0e868c73da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.clearshift.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 358D 0
294 B 129ms
49ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=4d470413-eb92-4a81-8914-d940f9b6bdc0

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.clearshift.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 24 Jun 2022 02:25:43 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 recordMetricsData.action Show response
www.cargurus.com/Cars/api/2.0/ 363 B
1 KB 238ms
130ms XHR
application/json 2a04:4e42:200::567
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cargurus.com/Cars/api/2.0/recordMetricsData.action?k=00000000-0000-0980-0000-000000063893&pv=2k&u=https%3A%2F%2Fwww.clearshift.com%2F&ts=1656037543691

Requested by

Host: static.cargurus.com
URL: https://static.cargurus.com/js/api/en_US/2.0/partnermetrics.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::567 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.6 (CentOS) mod_jk/1.2.41 /

Resource Hash

cfd510f88d60d8f3bfc0b91c7e234a930d31960f0aecfd051bdd6f3263303c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.clearshift.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
content-disposition: inline
x-xss-protection: 1; mode=block
x-served-by: cache-bos4655-BOS, cache-fra19162-FRA
pragma: no-cache
last-modified: Fri, 24 Jun 2022 02:25:43 GMT
server: Apache/2.4.6 (CentOS) mod_jk/1.2.41
x-timer: S1656037544.822102,VS0,VE89
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-language: en-US
access-control-allow-origin: https://www.clearshift.com
expires: 0
cache-control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/json;charset=UTF-8
x-cache-hits: 0, 0

OPTIONS
H2 200 tp2
sp.cargurus.com/com.snowplowanalytics.snowplow/ Frame 0
0 418ms
128ms Preflight 52.86.126.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.cargurus.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.126.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-126-67.compute-1.amazonaws.com
Software: akka-http/10.2.7 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.clearshift.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.clearshift.com
access-control-max-age: 86400
content-length: 0
date: Fri, 24 Jun 2022 02:25:44 GMT
server: akka-http/10.2.7

POST
H2 200 tp2 Show response
sp.cargurus.com/com.snowplowanalytics.snowplow/ 2 B
668 B 374ms
123ms XHR
text/plain 52.86.126.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.cargurus.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: d3j1weegxvu8ns.cloudfront.net
URL: https://d3j1weegxvu8ns.cloudfront.net/t.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.126.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-126-67.compute-1.amazonaws.com
Software: akka-http/10.2.7 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.clearshift.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.clearshift.com
date: Fri, 24 Jun 2022 02:25:44 GMT
access-control-allow-credentials: true
server: akka-http/10.2.7
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 2
content-type: text/plain; charset=UTF-8

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/655617662/ 2 KB
2 KB 132ms
47ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/655617662/?random=1656037543713&cv=9&fst=1656037543713&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6m0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.clearshift.com%2F&tiba=ClearShift%20%7C%20High%20Quality%20Pre%20Owned%20Vehicles%20in%20Highlands%20Ranch.&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dec95ccee242dd958001f06b9873987f7ca4e9d20440a23aed351781b1439b7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
349 B 126ms
44ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LCWPT9484N&gtm=2oe6m0&_p=1492123720&_z=ccd.v9B&_gaz=1&cid=955239517.1656037544&ul=en-us&sr=1600x1200&_s=1&sid=1656037543&sct=1&seg=0&dl=https%3A%2F%2Fwww.clearshift.com%2F&dt=ClearShift%20%7C%20High%20Quality%20Pre%20Owned%20Vehicles%20in%20Highlands%20Ranch.&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LCWPT9484N&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:25:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.clearshift.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 141ms
47ms Ping
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LCWPT9484N&cid=955239517.1656037544&gtm=2oe6m0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LCWPT9484N&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:25:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.clearshift.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 46ms
44ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1492123720&t=pageview&_s=1&dl=https%3A%2F%2Fwww.clearshift.com%2F&ul=en-us&de=UTF-8&dt=ClearShift%20%7C%20High%20Quality%20Pre%20Owned%20Vehicles%20in%20Highlands%20Ranch.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUABBAAAAC~&jid=1008888110&gjid=1282694394&cid=955239517.1656037544&tid=UA-113511581-1&_gid=1150299296.1656037544&_r=1&gtm=2ou6m0&did=dZTNiMT&gdid=dZTNiMT&z=1671720622

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clearshift.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:25:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.clearshift.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 129ms
48ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LCWPT9484N&cid=955239517.1656037544&gtm=2oe6m0&aip=1&z=231907584

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:25:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
tr.snapchat.com/ 68 B
308 B 75ms
49ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?trackId=944362e0-9faf-44ff-a8f5-1702a72eb0fb&pid=4d470413-eb92-4a81-8914-d940f9b6bdc0&ev=PAGE_VIEW&pl=https%3A%2F%2Fwww.clearshift.com%2F&ts=1656037543742&rf=&v=1.6.0&if=false&bt=1d53c387&intg=gtm&m_sl=2395&m_rd=2464&m_pi=2217.800000190735&m_dcl=2219.800000190735&m_fcps=1958.6000003814697&m_pl=0&m_ic=0&m_pv=v2&u_hem=FFFeb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&u_c1=e2360f86-9492-4724-a8e2-44b214a927ef

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
via: 1.1 google
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H2 200 Freedom-Lineup-w-Motto-1.png
www.clearshift.com/wp-content/uploads/ 2 MB
2 MB 341ms
340ms Image
image/png 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clearshift.com/wp-content/uploads/Freedom-Lineup-w-Motto-1.png
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: bcda4434fe194bb0f3a24d6a4cd90f039028c351fc0129a7ba5d5b522e6269ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
last-modified: Mon, 05 Jul 2021 20:52:49 GMT
server: nginx
etag: "60e37121-20407b"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 2113659

GET
H2 200 Customer-Keys-for-Test-Drive.jpg
www.clearshift.com/wp-content/uploads/ 198 KB
199 KB 358ms
357ms Image
image/jpeg 157.245.165.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clearshift.com/wp-content/uploads/Customer-Keys-for-Test-Drive.jpg
Requested by: Host: www.clearshift.com
URL: https://www.clearshift.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.165.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 480089.cloudwaysapps.com
Software: nginx /
Resource Hash: 6fedfa8b2071a555a698836e17075670d878bc51bff68635a0bc0ffa3e10618d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
last-modified: Thu, 15 Jul 2021 17:27:02 GMT
server: nginx
etag: "60f06fe6-319b6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 203190

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ Frame 8206 27 KB
7 KB 119ms
42ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: birdeye.com
URL: https://birdeye.com/widget/render.php?bid=151811739795615&wid=3&ver=4&update=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birdeye.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 12940239
cdn-cachedat: 2021-06-08 14:23:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 990eb37a8813a99367bd383681b974a4
cf-ray: 720203b939a4904f-FRA
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ Frame 8206 6 KB
1 KB 130ms
46ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700

Requested by

Host: birdeye.com
URL: https://birdeye.com/widget/render.php?bid=151811739795615&wid=3&ver=4&update=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birdeye.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 01:09:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 24 Jun 2022 02:25:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Jun 2022 02:25:43 GMT

GET
H2 200 bf.combined.min.gz.css
d3cnqzq0ivprch.cloudfront.net/prod/2022061301/css/ Frame 8206 121 KB
29 KB 176ms
78ms Stylesheet
text/css 143.204.101.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3cnqzq0ivprch.cloudfront.net/prod/2022061301/css/bf.combined.min.gz.css
Requested by: Host: birdeye.com
URL: https://birdeye.com/widget/render.php?bid=151811739795615&wid=3&ver=4&update=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-170.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1a16906d118ba7333671f5baf95f23c6b6a999e649cd6849da00d820fc2d0aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birdeye.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 07:11:01 GMT
content-encoding: gzip
last-modified: Tue, 14 Jun 2022 07:03:48 GMT
server: AmazonS3
age: 846883
etag: "6e8c812d04f3f046c321261b7b5f3f9e"
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=94608000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 29054
x-amz-cf-id: 6XwjB3kb63xVM19dkjPSnsmkix1CTsjG6NWX40GSCT5grrSosfLeYA==
expires: Tue, 21 Jun 2022 07:00:25 GMT

GET
H2 200 publicprofile.min.gz.css
d3cnqzq0ivprch.cloudfront.net/prod/2022061301/css/ Frame 8206 116 KB
21 KB 142ms
44ms Stylesheet
text/css 143.204.101.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3cnqzq0ivprch.cloudfront.net/prod/2022061301/css/publicprofile.min.gz.css
Requested by: Host: birdeye.com
URL: https://birdeye.com/widget/render.php?bid=151811739795615&wid=3&ver=4&update=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-170.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 435c3cfc8ed949493568396f8cf164472f0e710c1d77a07391d731352997317b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birdeye.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 07:11:01 GMT
content-encoding: gzip
last-modified: Tue, 14 Jun 2022 07:03:53 GMT
server: AmazonS3
age: 846883
etag: "a97c74a940ffd2daa519a52008c8fd8f"
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=94608000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 20753
x-amz-cf-id: jmLpB0Een9L7levdqQKI-zX9iITqxGcc3W6GeSIbEWaAGnL7ZYqBhg==
expires: Tue, 21 Jun 2022 07:00:25 GMT

GET
H2 200 style-cf.css
d1azc1qln24ryf.cloudfront.net/101518/birdeye-fonts/ Frame 8206 19 KB
4 KB 135ms
38ms Stylesheet
text/css 108.138.24.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1azc1qln24ryf.cloudfront.net/101518/birdeye-fonts/style-cf.css?3vp8
Requested by: Host: birdeye.com
URL: https://birdeye.com/widget/render.php?bid=151811739795615&wid=3&ver=4&update=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-161.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0918cca9be05c01a6ccf511e36b9a104e8338451ed433105e96039db021a8852

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birdeye.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 10 May 2022 05:12:51 GMT
content-encoding: gzip
last-modified: Mon, 08 Nov 2021 17:29:59 GMT
server: AmazonS3
age: 3877973
etag: "7416357aa7d056aa999ecc9eb3dee1a4"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
cache-control: max-age=31000000
x-amz-cf-pop: FRA56-P7
accept-ranges: bytes
content-length: 3253
x-amz-cf-id: P37OIixMpFaPdEOYZozaODPjazwdvgSMf7QPDIkWfgRcSHVovYUGpA==

GET
H2 200 platform.js Show response
apis.google.com/js/ Frame 8206 52 KB
20 KB 128ms
45ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: birdeye.com
URL: https://birdeye.com/widget/render.php?bid=151811739795615&wid=3&ver=4&update=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43e22721ce191cab06c0f7269431a9eac8a32579d764c2e005852d3502c459fc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birdeye.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20332
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Fri, 24 Jun 2022 02:25:43 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "e961625a9b34a42f"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jun 2022 02:25:43 GMT

GET
H2 200 in.js Show response
platform.linkedin.com/ Frame 8206 507 KB
159 KB 195ms
39ms Script
text/javascript 2606:2800:233:66b5:799a:7cd3:f74d:7071
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js
Requested by: Host: birdeye.com
URL: https://birdeye.com/widget/render.php?bid=151811739795615&wid=3&ver=4&update=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F0A) /
Resource Hash: 7ff3c0d89cd976e4b39c0424f9dec01b5b2f99b4df6b83f97e791182699990f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birdeye.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
content-encoding: gzip
x-cdn-client-ip-version: IPV6
x-cdn: ECST
age: 3399
x-cache: HIT
x-cdn-proto: HTTP2
content-length: 162501
x-li-uuid: AAXiJ37m8WiFgie8pOVCEA==
server: ECAcc (frc/8F0A)
last-modified: Fri, 24 Jun 2022 01:29:04 GMT
x-li-pop: prod-lva1-x
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
accept-ranges: bytes
x-li-proto: http/1.1
x-li-fabric: prod-lva1
expires: Fri, 24 Jun 2022 02:29:04 GMT

GET
H2 200 bf.combined.min.gz.js Show response
d3cnqzq0ivprch.cloudfront.net/prod/2022061301/js/ Frame 8206 1 MB
362 KB 192ms
95ms Script
application/javascript 143.204.101.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3cnqzq0ivprch.cloudfront.net/prod/2022061301/js/bf.combined.min.gz.js
Requested by: Host: birdeye.com
URL: https://birdeye.com/widget/render.php?bid=151811739795615&wid=3&ver=4&update=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-170.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5323561a19769a27562b4ea92351fcd78b0197630995ebffbfe68efa03ade78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birdeye.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 07:11:01 GMT
content-encoding: gzip
last-modified: Tue, 14 Jun 2022 07:03:26 GMT
server: AmazonS3
age: 846883
etag: "42aaa1caf51f68c6730fa9d7a0c96e5f"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=94608000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 370206
x-amz-cf-id: 5aJ-dEDr4-JdRf19qjE4Yk8LaP-VhiRuoqn2NaX1UF7MS0Gg6WLxdQ==
expires: Tue, 21 Jun 2022 07:00:25 GMT

GET
H2 200 reviewLoader.min.gz.js Show response
d3cnqzq0ivprch.cloudfront.net/prod/2022061301/js/social/ Frame 8206 3 KB
2 KB 135ms
38ms Script
application/javascript 143.204.101.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3cnqzq0ivprch.cloudfront.net/prod/2022061301/js/social/reviewLoader.min.gz.js
Requested by: Host: birdeye.com
URL: https://birdeye.com/widget/render.php?bid=151811739795615&wid=3&ver=4&update=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-170.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e09ffe7ef914332f78de3d8d43515d214d4ee95a160080172e6c366db8b60cf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birdeye.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 07:11:01 GMT
content-encoding: gzip
last-modified: Tue, 14 Jun 2022 07:03:45 GMT
server: AmazonS3
age: 846883
etag: "a0096d35c1ddbf10e7d34e9968667824"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=94608000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1436
x-amz-cf-id: HM7tN56MJFegDmvEwhDHE3f9J-jnwKlnUYzZETOSIs08cNLsfrY8Nw==
expires: Tue, 21 Jun 2022 07:00:25 GMT

GET
H2 200 bfbiz.min.gz.js Show response
d3cnqzq0ivprch.cloudfront.net/prod/2022061301/js/social/ Frame 8206 23 KB
8 KB 185ms
88ms Script
application/javascript 143.204.101.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3cnqzq0ivprch.cloudfront.net/prod/2022061301/js/social/bfbiz.min.gz.js
Requested by: Host: birdeye.com
URL: https://birdeye.com/widget/render.php?bid=151811739795615&wid=3&ver=4&update=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-170.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 403d7cd0e45926eaa6897f4140b6876fa6946623dab2973e86a27115c269be90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birdeye.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 07:11:01 GMT
content-encoding: gzip
last-modified: Tue, 14 Jun 2022 07:03:44 GMT
server: AmazonS3
age: 846883
etag: "7a24c6f389078129e855d5a3105ca822"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=94608000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 7902
x-amz-cf-id: EH5hOja0EUetQ-H2MO5x36TGa45V2TE57i4VLVRqKVVNnxKUMw2FXw==
expires: Tue, 21 Jun 2022 07:00:25 GMT

GET
H2 200 public-profile.min.gz.js Show response
d3cnqzq0ivprch.cloudfront.net/prod/2022061301/js/ Frame 8206 8 KB
4 KB 144ms
47ms Script
application/javascript 143.204.101.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3cnqzq0ivprch.cloudfront.net/prod/2022061301/js/public-profile.min.gz.js
Requested by: Host: birdeye.com
URL: https://birdeye.com/widget/render.php?bid=151811739795615&wid=3&ver=4&update=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-170.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d13371b1c09d8d0bb39331df6857cd25ecc741b7171fe2dbe14484c915a4fb06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birdeye.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 07:11:01 GMT
content-encoding: gzip
last-modified: Tue, 14 Jun 2022 07:03:43 GMT
server: AmazonS3
age: 846883
etag: "71aaa880583cf198bbab6b54724285da"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=94608000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3247
x-amz-cf-id: uPozlpKfosOguJTqwTWsDEr0H9P01Ha6NGT0WfQleoaA0X3i-ymmSQ==
expires: Tue, 21 Jun 2022 07:00:25 GMT

GET
H2 200 p.php
birdeye.com/tracking/ Frame 8206 35 B
529 B 221ms
220ms Image
image/gif 54.215.223.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://birdeye.com/tracking/p.php?number=151811739795615&stype=badge&btype=3&referer=https://www.clearshift.com/

Requested by

Host: birdeye.com
URL: https://birdeye.com/widget/render.php?bid=151811739795615&wid=3&ver=4&update=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.215.223.85 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-223-85.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birdeye.com/widget/render.php?bid=151811739795615&wid=3&ver=4&update=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:25:44 GMT
x-content-type-options: nosniff
server: Apache
timing-allow-origin: *
x-frame-options: SAMEORIGIN
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=63072000
content-type: image/gif
vary: Host,User-Agent
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 88ms
46ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-113511581-1&cid=955239517.1656037544&jid=306499852&gjid=199283843&_gid=1150299296.1656037544&_u=YEBAAEAAAAAAAC~&z=375645727

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clearshift.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 24 Jun 2022 02:25:43 GMT
content-type: text/plain
access-control-allow-origin: https://www.clearshift.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 88ms
47ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-113511581-1&cid=955239517.1656037544&jid=1008888110&gjid=1282694394&_gid=1150299296.1656037544&_u=aGDACUABBAAAAC~&z=677603504

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clearshift.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 24 Jun 2022 02:25:43 GMT
content-type: text/plain
access-control-allow-origin: https://www.clearshift.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 143ms
143ms Script
application/javascript 2a02:26f0:ef:2a0::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:2a0::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18298
access-control-expose-headers: X-CDN

GET
H3 200 chatlio.min.7ab10269.js Show response
w.chatlio.com/v5/vendor/ 209 KB
60 KB 81ms
80ms Script
application/javascript 2606:4700:10::6816:4cb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w.chatlio.com/v5/vendor/chatlio.min.7ab10269.js

Requested by

Host: w.chatlio.com
URL: https://w.chatlio.com/v5/w.chatlio-widget.js?loader-version=549d4da

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4cb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b964f1f1ad2730220364bdaa5d9ecc03ca78ecfbcb0a4af0bcb948ab5321f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
via: 1.1 fly.io
vary: Accept-Encoding
cf-cache-status: HIT
age: 4182605
cf-polished: origSize=214680
fly-request-id: 01G2D3PADNP8RXX4D62645WJTX-fra
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 25 Mar 2022 20:29:17 GMT
server: cloudflare
cross-origin-resoure-policy: cross-origin
etag: W/"623e261d-34698"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: application/javascript
cache-control: max-age=63072000
cf-ray: 720203b8e9079253-FRA
cf-bgj: minify

GET
H3 200 main.7dbecde6.css
w.chatlio.com/v5/ 38 KB
7 KB 42ms
42ms Stylesheet
text/css 2606:4700:10::6816:4cb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w.chatlio.com/v5/main.7dbecde6.css

Requested by

Host: w.chatlio.com
URL: https://w.chatlio.com/v5/w.chatlio-widget.js?loader-version=549d4da

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4cb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c150cf789561f8e0494ba9d3341390a19e70cd0afea4ded9ca936c08df0497d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
via: 1.1 fly.io
vary: Accept-Encoding
cf-cache-status: HIT
age: 4182605
cf-polished: origSize=39271
fly-request-id: 01G2D3KP9NKCVVTSBDRN6M6C9H-fra
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 25 Mar 2022 20:29:17 GMT
server: cloudflare
cross-origin-resoure-policy: cross-origin
etag: W/"623e261d-9967"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: text/css
cache-control: max-age=63072000
cf-ray: 720203b8f9099253-FRA
cf-bgj: minify

GET
H3 200 emojione-1.4.1.min.2f0e13b4.js Show response
w.chatlio.com/v5/vendor/ 73 KB
17 KB 44ms
44ms Script
application/javascript 2606:4700:10::6816:4cb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w.chatlio.com/v5/vendor/emojione-1.4.1.min.2f0e13b4.js

Requested by

Host: w.chatlio.com
URL: https://w.chatlio.com/v5/w.chatlio-widget.js?loader-version=549d4da

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4cb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28ffbec309cd5c739a84c98fb472c9eda8d9d3660045ff4067430e4c4e698b10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
via: 1.1 fly.io
vary: Accept-Encoding
cf-cache-status: HIT
age: 4182605
cf-polished: origSize=74987
fly-request-id: 01G2D3MB76V6DNDGAG8J94Z33E-fra
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 25 Mar 2022 20:29:17 GMT
server: cloudflare
cross-origin-resoure-policy: cross-origin
etag: W/"623e261d-124eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: application/javascript
cache-control: max-age=63072000
cf-ray: 720203b8f90a9253-FRA
cf-bgj: minify

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame 187E 3 B
46 B 122ms
46ms XHR
application/json 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.google.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 init_embed.js Show response
maps.gstatic.com/maps-api-v3/embed/js/49/6/ Frame 187E 233 KB
69 KB 127ms
42ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.gstatic.com/maps-api-v3/embed/js/49/6/init_embed.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83de8b0a5ccb59f08338d1a7ac4e16082755114e8d11c9446973e36ac0113fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 17:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70007
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 18:11:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Jun 2023 17:57:31 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/655617662/ 42 B
64 B 127ms
50ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/655617662/?random=1656037543713&cv=9&fst=1656036000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwww.clearshift.com%2F&tiba=ClearShift%20%7C%20High%20Quality%20Pre%20Owned%20Vehicles%20in%20Highlands%20Ranch.&async=1&fmt=3&is_vtc=1&random=1487000948&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:25:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/655617662/ 42 B
154 B 47ms
47ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/655617662/?random=1656037543713&cv=9&fst=1656036000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwww.clearshift.com%2F&tiba=ClearShift%20%7C%20High%20Quality%20Pre%20Owned%20Vehicles%20in%20Highlands%20Ranch.&async=1&fmt=3&is_vtc=1&random=1487000948&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:25:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 96ms
47ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-113511581-1&cid=955239517.1656037544&jid=306499852&_u=YEBAAEAAAAAAAC~&z=411162890

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:25:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 132ms
52ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-113511581-1&cid=955239517.1656037544&jid=306499852&_u=YEBAAEAAAAAAAC~&z=411162890

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:25:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 97ms
50ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-113511581-1&cid=955239517.1656037544&jid=1008888110&_u=aGDACUABBAAAAC~&z=714510493

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:25:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 131ms
51ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-113511581-1&cid=955239517.1656037544&jid=1008888110&_u=aGDACUABBAAAAC~&z=714510493

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:25:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 new Show response
api.chatlio.com/v1/p/visitor/session/ 17 B
892 B 274ms
274ms XHR
application/javascript 52.26.175.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.chatlio.com/v1/p/visitor/session/new

Requested by

Host: w.chatlio.com
URL: https://w.chatlio.com/v5/w.chatlio-widget.js?loader-version=549d4da

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.26.175.46 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-26-175-46.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

35c68ae34e6a648ce704a3619332aa10bee088b307d07d9d82b16942ffe8f906

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.clearshift.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 24 Jun 2022 02:25:44 GMT
x-chatlio-at: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjZVVVSUQiOiJjYTAyZDllZS05MWQ5LTRiYTktNGRjZC05ZWI1Nzc5ODhlMDYiLCJleHAiOjE2NTYwNDQ3NDQsImlhdCI6MTY1NjAzNzU0NCwidnNVVUlEIjoiMzA2NWY3Y2ItNTk0ZS00NzkyLTgwNjktN2U0MWY5NmY3YTcxIn0.Kzo-7U9BOblg58EBRVsb0datJMSENOe8z1-mSVSmmtE
x-content-type-options: nosniff
x-chatlio-vsuuid: 3065f7cb-594e-4792-8069-7e41f96f7a71
content-length: 17
x-chatlio-rt: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjZVVVSUQiOiJjYTAyZDllZS05MWQ5LTRiYTktNGRjZC05ZWI1Nzc5ODhlMDYiLCJleHAiOjE3MTkxMDk1NDQsImlhdCI6MTY1NjAzNzU0NCwidnNVVUlEIjoiMzA2NWY3Y2ItNTk0ZS00NzkyLTgwNjktN2U0MWY5NmY3YTcxIn0.d1p_m8s-D0gNptQCthYuZ8qfioZpaoY2DE9ySpJIQL0
server: nginx
x-frame-options: DENY
strict-transport-security: max-age=31536000
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Chatlio-Vsuuid, X-Chatlio-At, X-Chatlio-Rt
content-security-policy: default-src 'none'; frame-ancestors 'none'
access-control-allow-headers: Content-Type, Authorization
expires: -1

OPTIONS
H2 200 new
api.chatlio.com/v1/p/visitor/session/ Frame 0
0 620ms
200ms Preflight
text/plain 52.26.175.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.chatlio.com/v1/p/visitor/session/new

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.26.175.46 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-26-175-46.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.clearshift.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: *
access-control-expose-headers: X-Chatlio-Vsuuid, X-Chatlio-At, X-Chatlio-Rt
allow: POST, OPTIONS
content-length: 0
content-security-policy: default-src 'none'; frame-ancestors 'none'
content-type: text/plain; charset=utf-8
date: Fri, 24 Jun 2022 02:25:44 GMT
expires: -1
server: nginx
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 981348465694228 Show response
connect.facebook.net/signals/config/ 287 KB
83 KB 224ms
223ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/981348465694228?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

36472c42444d40e663bce55ef2eaec812a7ce15953a81f4677d6ba59e881f7be

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: rz+7YJcoI8VRKTP6Y8P+6I28ti0ThAk1QDBOmVRI4dE9JCyQkqTYRGOxnTboF41PLvenmnB0jJShkyWuSP3rYg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 24 Jun 2022 02:25:44 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656037544153
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 488 B
835 B 193ms
72ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613533665573&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1656037543981

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

540548b12b5a362a5fa54de526a5870cc89ef6f431387c20cd25e82b4f6cd9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:44 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.9d6656b8.1656037544.b0f32ad1
x-envoy-upstream-service-time: 3
x-pinterest-rid: 1628437314975752
pin-unauth: dWlkPVlUUTVObU14WTJFdE1HSTFNeTAwT0RVMUxXSTNZMlV0WXpSa1pESmpPV1V3WmpKag
access-control-allow-origin: https://www.clearshift.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 350
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 182ms
71ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613533665573&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.clearshift.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1656037543992

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:25:44 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.9d6656b8.1656037544.b0f32ad2
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1653265184187588
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 8206 340 KB
95 KB 62ms
62ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MP5KQWF

Requested by

Host: birdeye.com
URL: https://birdeye.com/widget/render.php?bid=151811739795615&wid=3&ver=4&update=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0651b44556f9392d63e22137d1dcc54eca743bbfd72747471df7f8717b129476

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birdeye.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97098
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 02:25:44 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8206 15 KB
16 KB 121ms
40ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://birdeye.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 08:45:42 GMT
x-content-type-options: nosniff
age: 236402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 08:45:42 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8206 15 KB
15 KB 120ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://birdeye.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 285469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 19:07:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8206 15 KB
15 KB 139ms
58ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://birdeye.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 294359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 16:39:45 GMT

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/49/6/ Frame 187E 243 KB
67 KB 136ms
57ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/49/6/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac02d01a05702b8d8b868569a2162e8494045922e7d51342505c827f54b2b145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68683
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 18:11:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Jun 2023 00:23:40 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/49/6/ Frame 187E 155 KB
57 KB 159ms
80ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/49/6/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb62e406758ae31fb4f2d574dff9630fa2a11b072ad2906ea20b7cce03951ef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 01:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58493
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 18:11:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Jun 2023 01:07:15 GMT

GET
H3 200 map.js Show response
maps.googleapis.com/maps-api-v3/api/js/49/6/ Frame 187E 67 KB
24 KB 117ms
40ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/49/6/map.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8211af3ec6a90443d062c3e32f7bef3d6ae28e03476c59bf32c5108ecaa3335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 01:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24699
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 18:11:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Jun 2023 01:33:14 GMT

GET
H3 200 overlay.js Show response
maps.googleapis.com/maps-api-v3/api/js/49/6/ Frame 187E 4 KB
4 KB 119ms
55ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/49/6/overlay.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003c612e27e3d63be6b41194c4dab29ce5032398ee602bbf2342e7c68a7a46a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 17:57:52 GMT
x-content-type-options: nosniff
age: 116872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3643
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 18:11:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Jun 2023 17:57:52 GMT

GET
DATA 200
OK truncated
/ Frame 187E 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 onion.js Show response
maps.googleapis.com/maps-api-v3/api/js/49/6/ Frame 187E 26 KB
10 KB 133ms
72ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/49/6/onion.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be1d199ac13ab792182928e9edb2307e5432e0e2c3de8f2373e2f61195276a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 15:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9807
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 18:11:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Jun 2023 15:16:22 GMT

GET
H3 200 search_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/49/6/ Frame 187E 3 KB
1 KB 99ms
38ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/49/6/search_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57524f51d249504abcf152a9e2957fab5f83bd254fb0ffb1c2f81c77e59f815e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 18:02:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 18:11:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Jun 2023 18:02:57 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 8206 3 KB
2 KB 63ms
63ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: d3cnqzq0ivprch.cloudfront.net
URL: https://d3cnqzq0ivprch.cloudfront.net/prod/2022061301/js/public-profile.min.gz.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a36e29e4b619e2e1dd1897f6b5c4034f43ea2b752619114b592f84c6ffb5cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birdeye.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: fjteRYbKzk9suj1ag211mA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: gSAKLIiJb+dJIXAQOBoFYyL8u4pE+iXbYzPjFbzlzsCgKFgbRvCL/t20P3XOAfc8zjBQFkdh2fQZxo3vrzQoAg==
x-fb-content-md5: e7aca505677001d70fc5fae3a571c6a9
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 24 Jun 2022 02:25:44 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "82d2e22782790d46ec21bef799a52562"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 24 Jun 2022 02:31:49 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/ Frame 8206 108 KB
36 KB 114ms
37ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59c7712e75a6f0bbefd0fefa67e85d464cf14bbd7463331f4ba7e0a963ace1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birdeye.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 17:34:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 463861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36570
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Jun 2023 17:34:43 GMT

GET
H2 200 deeplink Show response
birdeye.com/papi/business/151811739795615/ Frame 8206 3 KB
2 KB 337ms
337ms XHR
application/json 54.215.223.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://birdeye.com/papi/business/151811739795615/deeplink?_=1656037544105

Requested by

Host: d3cnqzq0ivprch.cloudfront.net
URL: https://d3cnqzq0ivprch.cloudfront.net/prod/2022061301/js/bf.combined.min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.215.223.85 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-223-85.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

783ae3b2e1112f3c8eb3ec63f5d1b7c22d892fac5297006653ea7672d939de8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://birdeye.com/widget/render.php?bid=151811739795615&wid=3&ver=4&update=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 24 Jun 2022 02:25:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: Host,Accept-Encoding,User-Agent
content-length: 1328
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
pragma: no-cache
server: Apache
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
timing-allow-origin: *
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 151811739795615 Show response
birdeye.com/papi/campaign/enterprise/deeplink/business/ Frame 8206 4 KB
2 KB 281ms
280ms XHR
application/json 54.215.223.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://birdeye.com/papi/campaign/enterprise/deeplink/business/151811739795615?_=1656037544106

Requested by

Host: d3cnqzq0ivprch.cloudfront.net
URL: https://d3cnqzq0ivprch.cloudfront.net/prod/2022061301/js/bf.combined.min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.215.223.85 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-223-85.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

941c71aa5a75df858795e118789dcadcb436dd3e312a44d89b472a077484bf19

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://birdeye.com/widget/render.php?bid=151811739795615&wid=3&ver=4&update=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 24 Jun 2022 02:25:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: Host,Accept-Encoding,User-Agent
content-length: 1418
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
pragma: no-cache
server: Apache
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
timing-allow-origin: *
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 8206 49 KB
20 KB 40ms
40ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP5KQWF

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birdeye.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5797
date: Fri, 24 Jun 2022 00:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 24 Jun 2022 02:49:07 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame 8206 980 B
2 KB 152ms
55ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32aa45ae6d18a04cf5985a3ff0149460e7c7145fef07dd2df08cf9c6c29336c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birdeye.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 24 Jun 2022 02:25:44 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 8206 294 KB
84 KB 37ms
37ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=72a1de2e8b6b61e7ce307f60f61401c1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ae0e602d9ed90240911719d6d99f50664ab502e5811f6175763880fe13e0bad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://birdeye.com/
Origin: https://birdeye.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: lBPKPMwtwcDiNo/Jt60+MA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85999
x-fb-rlafr: 0
x-fb-debug: SQlluxLEYuGJYX3MF2+U6fZFPrvkoEA1aW2TsyzBeg4xdjBb1oherfvsUMQqVc37QeCpIXBl800lQ//YLghVxg==
x-fb-content-md5: 3c8d233bef041e8598c171f1c0bfb142
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 24 Jun 2022 02:25:44 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "08eeb4ee378f0d804fca89ceb0c4805f"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 24 Jun 2023 01:02:12 GMT

GET
H3 200 openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame 187E 326 B
350 B 122ms
46ms Image
image/bmp 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/openhand_8_8.cur

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:44 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/bmp
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Fri, 24 Jun 2022 02:25:44 GMT

GET
H3 200 ViewportInfoService.GetViewportInfo Show response
maps.googleapis.com/maps/api/js/ Frame 187E 42 KB
4 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d39.5585256274249&2d-104.99504940323561&2m2&1d39.572883766431914&2d-104.9482696600192&2u17&4sen&5e0&6sm%40608000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._dbtii2&client=google-maps-embed&token=109270

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/49/6/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

ce3298112c54c55a9cde370f5e558be9e92a4ba81112ae821fc056af83b751d8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:25:44 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4128
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 78ms
38ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=981348465694228&ev=Search&dl=https%3A%2F%2Fwww.clearshift.com%2F&rl=&if=false&ts=1656037544314&cd[content_type]=vehicle&cd[content_ids]=%5B%223%22%2C%222%22%2C%221%22%5D&cd[amplify_attribute]=false&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1656037543584.844546313&it=1656037543324&coo=false&tm=1&exp=p0&rqm=GET

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.clearshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 24 Jun 2022 02:25:44 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 9812 0
18 B 74ms
38ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.clearshift.com
Referer: https://www.clearshift.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.clearshift.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 02:25:44 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 62D1 280 B
1 KB 186ms
52ms Document
text/html 2a00:1450:4001:82b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

682bfe95e753c9771d931db6687c1801ca01155fb657a4f0749559101daa9c30

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YeQkItSLfFEmRq5MjvUo5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://birdeye.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-YeQkItSLfFEmRq5MjvUo5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 02:25:44 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ Frame 187E 62 B
84 B 46ms
46ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m1&1e0&callback=_xdc_._lkdbea&client=google-maps-embed&token=41377

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/49/6/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

e8787b986ce1452c351a4976cb95b95be50429a278530debf91d524e72a65ec8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:25:44 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/9017ba60/www-widgetapi.vflset/ Frame 8206 155 KB
50 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9017ba60/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32e5d3676f7cca9d4bc0898299033b5fd8dfa56c917d007a9696355d1c271c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birdeye.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:16:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36551
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51402
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 00:18:09 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 23 Jun 2023 16:16:33 GMT

GET
H3 200 QuotaService.RecordEvent Show response
maps.googleapis.com/maps/api/js/ Frame 187E 62 B
83 B 48ms
48ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7srtzv7q&10e1&callback=_xdc_._rbm420&client=google-maps-embed&token=75300

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/49/6/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

14d5e426048f619331c6a2b6f56706994750ad6ec28095cce496dbdb128403e0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:25:44 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 62D1 2 KB
847 B 135ms
57ms Other
text/html 2a00:1450:4001:82b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Host: www.clearshift.com
URL: https://www.clearshift.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e82260e024f17f638cab496a9ddfaa089e6f9ddbf1cc6b22b243c7dbde0c6974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:25:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.09WhKdyFl6Y.es5.O/d=1/rs=AOaEmlGJBCxkHWB_sS6k-mkaZyINBBcZcw/ Frame 62D1 98 KB
34 KB 119ms
37ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.09WhKdyFl6Y.es5.O/d=1/rs=AOaEmlGJBCxkHWB_sS6k-mkaZyINBBcZcw/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

447a966f9c3c316da778ae29c2cd3972fa922b00f7b01bd3473c59a4141324a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 00:45:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34455
x-xss-protection: 0
last-modified: Sat, 11 Jun 2022 03:41:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 00:45:05 GMT

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 62D1 49 B
95 B 85ms
85ms XHR
application/json 2a00:1450:4001:82b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fbirdeye.com&client_id=682523347885-u56l8bsqebvq8gu5o12pgr04t27drb5e.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.09WhKdyFl6Y.es5.O/d=1/rs=AOaEmlGJBCxkHWB_sS6k-mkaZyINBBcZcw/m=base

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XZDVww7OoEwC92WbDwIYTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:25:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: same-site
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-XZDVww7OoEwC92WbDwIYTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
expires: Fri, 24 Jun 2022 02:25:44 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 2D32 0
15 B 38ms
37ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.clearshift.com
Referer: https://www.clearshift.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.clearshift.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 02:25:44 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 register
api.chatlio.com/v1/v/visitor/ Frame 0
0 199ms
199ms Preflight
text/plain 52.26.175.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.chatlio.com/v1/v/visitor/register

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.26.175.46 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-26-175-46.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.clearshift.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: *
access-control-expose-headers: X-Chatlio-Vsuuid, X-Chatlio-At, X-Chatlio-Rt
allow: POST, OPTIONS
content-length: 0
content-security-policy: default-src 'none'; frame-ancestors 'none'
content-type: text/plain; charset=utf-8
date: Fri, 24 Jun 2022 02:25:44 GMT
expires: -1
server: nginx
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY

POST
H2 200 register Show response
api.chatlio.com/v1/v/visitor/ 5 KB
2 KB 220ms
219ms XHR
application/json 52.26.175.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.chatlio.com/v1/v/visitor/register

Requested by

Host: w.chatlio.com
URL: https://w.chatlio.com/v5/w.chatlio-widget.js?loader-version=549d4da

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.26.175.46 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-26-175-46.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

93145c48056bed5373e68d5d4272d5c90667d8bd9653435c7939f347507e03d8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://www.clearshift.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjZVVVSUQiOiJjYTAyZDllZS05MWQ5LTRiYTktNGRjZC05ZWI1Nzc5ODhlMDYiLCJleHAiOjE2NTYwNDQ3NDQsImlhdCI6MTY1NjAzNzU0NCwidnNVVUlEIjoiMzA2NWY3Y2ItNTk0ZS00NzkyLTgwNjktN2U0MWY5NmY3YTcxIn0.Kzo-7U9BOblg58EBRVsb0datJMSENOe8z1-mSVSmmtE
Content-Type: application/json

Response headers

date: Fri, 24 Jun 2022 02:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
access-control-allow-headers: Content-Type, Authorization
x-frame-options: DENY
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-Chatlio-Vsuuid, X-Chatlio-At, X-Chatlio-Rt
cache-control: max-age=30, no-transform, public
content-security-policy: default-src 'none'; frame-ancestors 'none'
strict-transport-security: max-age=31536000
vary: Accept-Encoding
expires: -1

GET
H2 204 ack Show response
api.chatlio.com/v1/v/visitor/token/ 0
354 B 213ms
213ms XHR
text/plain 52.26.175.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.chatlio.com/v1/v/visitor/token/ack?vsUuid=3065f7cb-594e-4792-8069-7e41f96f7a71&ceUuid=ca02d9ee-91d9-4ba9-4dcd-9eb577988e06

Requested by

Host: w.chatlio.com
URL: https://w.chatlio.com/v5/w.chatlio-widget.js?loader-version=549d4da

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.26.175.46 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-26-175-46.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://www.clearshift.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjZVVVSUQiOiJjYTAyZDllZS05MWQ5LTRiYTktNGRjZC05ZWI1Nzc5ODhlMDYiLCJleHAiOjE2NTYwNDQ3NDQsImlhdCI6MTY1NjAzNzU0NCwidnNVVUlEIjoiMzA2NWY3Y2ItNTk0ZS00NzkyLTgwNjktN2U0MWY5NmY3YTcxIn0.Kzo-7U9BOblg58EBRVsb0datJMSENOe8z1-mSVSmmtE
Content-Type: application/json

Response headers

date: Fri, 24 Jun 2022 02:25:45 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: DENY
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: *
access-control-expose-headers: X-Chatlio-Vsuuid, X-Chatlio-At, X-Chatlio-Rt
content-security-policy: default-src 'none'; frame-ancestors 'none'
strict-transport-security: max-age=31536000
access-control-allow-headers: Content-Type, Authorization
expires: -1

OPTIONS
H2 200 ack
api.chatlio.com/v1/v/visitor/token/ Frame 0
0 199ms
199ms Preflight
text/plain 52.26.175.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.chatlio.com/v1/v/visitor/token/ack?vsUuid=3065f7cb-594e-4792-8069-7e41f96f7a71&ceUuid=ca02d9ee-91d9-4ba9-4dcd-9eb577988e06

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.26.175.46 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-26-175-46.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://www.clearshift.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: *
access-control-expose-headers: X-Chatlio-Vsuuid, X-Chatlio-At, X-Chatlio-Rt
allow: GET, HEAD, OPTIONS
content-length: 0
content-security-policy: default-src 'none'; frame-ancestors 'none'
content-type: text/plain; charset=utf-8
date: Fri, 24 Jun 2022 02:25:44 GMT
expires: -1
server: nginx
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 206 chatlio-new-message.c1e7ef43.mp3
w.chatlio.com/v5/media/ 16 KB
16 KB 43ms
42ms Media
audio/mpeg 2606:4700:10::6816:4cb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w.chatlio.com/v5/media/chatlio-new-message.c1e7ef43.mp3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4cb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

848104268205e15b17cda61a6b404a2e393ea99e6cb5db0a17f22ebd3fdccc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.clearshift.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 24 Jun 2022 02:25:45 GMT
via: 1.1 fly.io
vary: Accept-Encoding
cf-cache-status: HIT
age: 4182606
fly-request-id: 01G2D3PBKPS1FAYXA5NT2QBN8T-fra
Content-Range: bytes 0-16425/16426
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 16426
last-modified: Fri, 25 Mar 2022 20:29:17 GMT
server: cloudflare
cross-origin-resoure-policy: cross-origin
etag: "623e261d-402a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: audio/mpeg
cache-control: max-age=63072000
cf-ray: 720203c22e1f9253-FRA

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 04:02:03	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
www.clearshift.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3vgr7s2hiovk14s4hagn90vch0
.clearshift.com/	1970-01-20 06:10:13	Name: _gcl_au Value: 1.1.1561350353.1656037544
.clearshift.com/	1970-01-20 06:10:13	Name: _fbp Value: fb.1.1656037543584.844546313
.clearshift.com/	1970-01-20 04:02:03	Name: _gid Value: GA1.2.1150299296.1656037544
.clearshift.com/	1970-01-20 04:00:37	Name: _gat_UA-113511581-1 Value: 1
.clearshift.com/	1970-01-20 04:00:39	Name: _sp_ses.c4ca Value: *
.clearshift.com/	1970-01-20 21:31:49	Name: _sp_id.c4ca Value: 8967947c-fcb1-48f2-926f-602de0d8c29c.1656037544.1.1656037544.1656037544.c904dc18-28ef-4e59-aa75-1483a5d078e1
.clearshift.com/	1970-01-20 13:30:24	Name: _scid Value: e2360f86-9492-4724-a8e2-44b214a927ef
.clearshift.com/	1970-01-20 21:31:49	Name: _ga_LCWPT9484N Value: GS1.1.1656037543.1.0.1656037543.60
.clearshift.com/	1970-01-20 21:31:49	Name: _ga Value: GA1.2.955239517.1656037544
.clearshift.com/	1970-01-20 04:00:37	Name: _gat_gtag_UA_113511581_1 Value: 1
.snapchat.com/	1970-01-20 13:22:13	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgRHAIAgDwIm4s5CEOo6onYLh+z+5l2sey2AavGTltWzf7xCA+Kr7ETUiiejxAyfL2joyAAAA
.doubleclick.net/	1970-01-20 04:00:38	Name: test_cookie Value: CheckForPermission
www.cargurus.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 2B5A9695DDDB036A865E904BF6861301.www15
www.cargurus.com/	1970-01-21 23:48:37	Name: ViewVersion Value: %7B%22en%22%3A%7B%22includes%22%3A%5B%220d41bc2c-a715-b255-7968-2cf15891f054%22%5D%2C%22exclude%22%3A%7B%22d15c1bc6-8838-4b24-988a-d871cd81c299%22%3A20%2C%227bf01801-3707-433d-b5c9-35e3ac9fe5b7%22%3A1%2C%225545b969-0730-4545-a87a-5b394fd87792%22%3A10%7D%2C%22type%22%3A%22IN%22%7D%7D
www.cargurus.com/	1970-01-21 23:48:37	Name: CarGurusUserT Value: "bDJT-2a01:4a0:1338:92::8.1656037543865"
www.cargurus.com/	1970-01-21 23:48:37	Name: cg-ssid Value: 1445836b5316d61cac82b9ee989ddff17cdcbc729f3b1c2d92988f1ca3b2f144
www.cargurus.com/	1970-01-21 23:48:37	Name: MultivariateTest Value: H4sIAAAAAAAAAKtWcvVz9%2FEM9lCyqlayNFCyUjIyMlbSUTI3BzINLUFMCwsg08AazDQGMnUNgSwjSxgLJGQOoo2gymprATp33mBVAAAAfw3HSVIV1VI0usGCy%2Fj%2BwjtMGKihOk6BVXUODEedAOE%3D
.clearshift.com/	1970-01-20 12:46:13	Name: _pin_unauth Value: dWlkPVlUUTVObU14WTJFdE1HSTFNeTAwT0RVMUxXSTNZMlV0WXpSa1pESmpPV1V3WmpKag
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 3DRcH0FdZCE
.youtube.com/	1970-01-20 08:19:49	Name: VISITOR_INFO1_LIVE Value: Beuh9T_3GQo
sp.cargurus.com/	1970-01-20 04:10:42	Name: AWSALBCORS Value: PpMgeqC2Aj5TyWQc4gH2z077aJahB/mDoFflxBT3TEf8e0SE4NIv2DoyieCUbkiDjbPVkNUIRI9fgSWSFP5dbQ+CvfVfodXsl0Q0P5ArUCDPWRvT+RSlq4MBuJuc
.cargurus.com/	1970-01-20 12:46:13	Name: sp-nuid Value: 2cf6c131-786d-47fd-bae5-88417ea8a255
.clearshift.com/	1969-12-31 23:59:59	Name: chatlio_uuid--ca02d9ee-91d9-4ba9-4dcd-9eb577988e06 Value: 3065f7cb-594e-4792-8069-7e41f96f7a71
.clearshift.com/	1969-12-31 23:59:59	Name: chatlio_rt--ca02d9ee-91d9-4ba9-4dcd-9eb577988e06 Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjZVVVSUQiOiJjYTAyZDllZS05MWQ5LTRiYTktNGRjZC05ZWI1Nzc5ODhlMDYiLCJleHAiOjE3MTkxMDk1NDQsImlhdCI6MTY1NjAzNzU0NCwidnNVVUlEIjoiMzA2NWY3Y2ItNTk0ZS00NzkyLTgwNjktN2U0MWY5NmY3YTcxIn0.d1p_m8s-D0gNptQCthYuZ8qfioZpaoY2DE9ySpJIQL0
.clearshift.com/	1969-12-31 23:59:59	Name: chatlio_at--ca02d9ee-91d9-4ba9-4dcd-9eb577988e06 Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjZVVVSUQiOiJjYTAyZDllZS05MWQ5LTRiYTktNGRjZC05ZWI1Nzc5ODhlMDYiLCJleHAiOjE2NTYwNDQ3NDQsImlhdCI6MTY1NjAzNzU0NCwidnNVVUlEIjoiMzA2NWY3Y2ItNTk0ZS00NzkyLTgwNjktN2U0MWY5NmY3YTcxIn0.Kzo-7U9BOblg58EBRVsb0datJMSENOe8z1-mSVSmmtE
www.clearshift.com/	1970-01-20 06:10:13	Name: cgpd Value: %7B%22es%22%3A%5B%22318-3%3Asp.cargurus.com%3A%22%2C%22318-3%3Awww.google-analytics.com%3A%22%2C%22318-3%3Astats.g.doubleclick.net%3A%22%2C%22318-3%3Astats.g.doubleclick.net%3A%22%2C%22318-3%3Aapi.chatlio.com%3A%22%2C%22318-3%3Act.pinterest.com%3A%22%2C%22318-3%3Aapi.chatlio.com%3A%22%2C%22318-3%3Aapi.chatlio.com%3A%22%5D%7D
.google.com/	1970-01-20 08:24:08	Name: NID Value: 511=UkpbFuUT5eqFSoCoxBCKclD9DWTNW7blqfK_4pTjuU-DZM5g-yTo1E49KJRPfvmqbSHArRq1b7f2Ub9e1hAO4nhEFM9Kr1Rlw6SNorTubxGBgQhay4ZnHPK7HaxL1NHAq8xNCFIxpRxK2F58P3REIw1w_63EswP_mRdXY_q8o6M

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://chat.exceed.ai/static/js/2.79fdc551.chunk.js.gz(Line 1) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://chat.exceed.ai/static/js/2.79fdc551.chunk.js.gz(Line 1) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network	error	URL: https://foureyes.adpearance.com/?ref=&url=https%3A%2F%2Fwww.clearshift.com%2F&lsid=&lsidcheck=1&gtid= Message: Failed to load resource: the server responded with a status of 403 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api.chatlio.com
apis.google.com
birdeye.com
chat.exceed.ai
connect.facebook.net
ct.pinterest.com
d1azc1qln24ryf.cloudfront.net
d3cnqzq0ivprch.cloudfront.net
d3j1weegxvu8ns.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
foureyes.adpearance.com
googleads.g.doubleclick.net
maps.googleapis.com
maps.gstatic.com
maxcdn.bootstrapcdn.com
platform.linkedin.com
prod.exceed.ai
region1.analytics.google.com
s.pinimg.com
sc-static.net
scripts.foureyes.io
sp.cargurus.com
static.cargurus.com
stats.g.doubleclick.net
tr.snapchat.com
w.chatlio.com
webchat.exceed.ai
www.cargurus.com
www.clearshift.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
104.75.88.209
108.138.24.161
13.32.99.15
142.250.185.162
143.204.101.170
157.245.165.179
2001:4860:4802:34::36
2001:4860:4802:36::178
2600:9000:2375:3000:14:ff33:b440:93a1
2600:9000:2490:7800:10:c56a:9600:21
2606:2800:233:66b5:799a:7cd3:f74d:7071
2606:4700:10::6816:4cb7
2606:4700::6812:bcf
2a00:1450:4001:800::2004
2a00:1450:4001:802::2003
2a00:1450:4001:802::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2008
2a00:1450:4001:813::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82b::200d
2a00:1450:4001:830::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c08::9d
2a02:26f0:ef:2a0::1931
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::567
2a04:4e42::432
35.190.43.134
52.222.225.250
52.26.175.46
52.86.126.67
54.144.226.48
54.148.84.190
54.215.223.85
003c612e27e3d63be6b41194c4dab29ce5032398ee602bbf2342e7c68a7a46a8
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0515269e6fe67e1687b451c7a3d4246da6178814267409c7e5342f75e6e6c454
052e26c8bbb88d1f907b5b64a9bbe6ed8883629e79e00b9796b4adb86bcb9834
0651b44556f9392d63e22137d1dcc54eca743bbfd72747471df7f8717b129476
068173ede826e64505eaabda55b122f6a451f0311649ce79ab9241fb42a06456
0918cca9be05c01a6ccf511e36b9a104e8338451ed433105e96039db021a8852
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13161620ac821e80048f8b8c4ebb6aeffdf87950d1b93317998ecf1a77bef0d9
144ee8fd3d8997d932fe2b5497979e7cde8fda86b41b0c6e32e47faa8e1157e7
14d5e426048f619331c6a2b6f56706994750ad6ec28095cce496dbdb128403e0
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28544be72151d4be4f8ea8f2e8f82ae6765a24db1c9c7c1517c57e0e868c73da
28ffbec309cd5c739a84c98fb472c9eda8d9d3660045ff4067430e4c4e698b10
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
312ed8c773ecb3cfc26c3652e63938ddce03ab1f7cd952c916cb859b16adbeb4
3291a2e24983c6e1214e4adad2e93bad28081e9de4d51e6d1747a26081501ed6
32aa45ae6d18a04cf5985a3ff0149460e7c7145fef07dd2df08cf9c6c29336c0
32e5d3676f7cca9d4bc0898299033b5fd8dfa56c917d007a9696355d1c271c26
330a3e6b56af916159ae2c165093c53f87ba994b541b99e64fa590a8ec84adaf
35c68ae34e6a648ce704a3619332aa10bee088b307d07d9d82b16942ffe8f906
36472c42444d40e663bce55ef2eaec812a7ce15953a81f4677d6ba59e881f7be
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
403d7cd0e45926eaa6897f4140b6876fa6946623dab2973e86a27115c269be90
434df907cf87fc6eaa7502d6bdb6d813fb55a69a0a9b0ca8fb9171862a1d0fbc
435c3cfc8ed949493568396f8cf164472f0e710c1d77a07391d731352997317b
43e22721ce191cab06c0f7269431a9eac8a32579d764c2e005852d3502c459fc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
447a966f9c3c316da778ae29c2cd3972fa922b00f7b01bd3473c59a4141324a0
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
490c2ae7ad27b58ae02cb15b529bc7e10f5967d883d81be4afb42cba72759540
4a36e29e4b619e2e1dd1897f6b5c4034f43ea2b752619114b592f84c6ffb5cb1
5245e722592a7b1dff01163cf079409010e6be57760dd5d26c8f7651cf583267
540548b12b5a362a5fa54de526a5870cc89ef6f431387c20cd25e82b4f6cd9d0
55a084b5f4c439a2786141108b266370e0e4accc4e72629b2177dc6aa658d6c8
55ecd9fc90555cc227d86be60b3ed8f7a2287b64eb3d5408ff1a23c5d3f3461a
57524f51d249504abcf152a9e2957fab5f83bd254fb0ffb1c2f81c77e59f815e
58a886cc7d1d22c51bf05e8426072841a6d7894cdbda30379273a09026346f21
5e9ebecd31dab25bbf89a8251d5bdb698f410893c49629b598020aa47a58ca88
682bfe95e753c9771d931db6687c1801ca01155fb657a4f0749559101daa9c30
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6fedfa8b2071a555a698836e17075670d878bc51bff68635a0bc0ffa3e10618d
729371dc5e41304d3d887eca7e3dc3ef3e82c210ba0929f54d812364e6fff7ca
73114854337c7316d1aeecb691f23196873eb1fb45d547eed86526e686d3f5d4
7330d7da68ac64bdbe4f341176ea7f6a78826ba6681b34ad29d72be3c8d0cd59
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
7407bf2db8fca1e587298e25d2d0d4ca58c19aea41bf448c5cf278700937137b
783ae3b2e1112f3c8eb3ec63f5d1b7c22d892fac5297006653ea7672d939de8b
799922130fe420fb2882dd22f44e36de3e13912cb924f0971e47af1f3226ff8a
7b2277924addbe10e5cb2f66ad7c3d275df560440d727f29bdc4d7f611fe0f20
7ff3c0d89cd976e4b39c0424f9dec01b5b2f99b4df6b83f97e791182699990f8
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
8395f37fc30d447640101fa4b2c9a31da5b159a2b28fa6d8513bdaa4dad0f6e4
83de8b0a5ccb59f08338d1a7ac4e16082755114e8d11c9446973e36ac0113fb3
848104268205e15b17cda61a6b404a2e393ea99e6cb5db0a17f22ebd3fdccc0a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a89b2284baa0fc6ee5ae370ab7d527a3066fa997c3a7e300e9160cb62a44b47
922297c4e207dae08affdbc21f34329d67f4ed482f5bdecb2369381a3b5eab66
93145c48056bed5373e68d5d4272d5c90667d8bd9653435c7939f347507e03d8
9342580f69543a82692690bccf05a0091927eb072d7313395b32b79f1d9f9841
93afa506e7300c24858c47fe5df4b613cf3e8a6386ff25b043ec1367fdda8ff0
941c71aa5a75df858795e118789dcadcb436dd3e312a44d89b472a077484bf19
94b6b0abae01bb56a2c65fac8cb5528f35b0a55400b01a670178b2713661755d
97f83dc425cf0aecdfce10fd18ba2987f4fb392fca689c2177fa671781eb031e
9b964f1f1ad2730220364bdaa5d9ecc03ca78ecfbcb0a4af0bcb948ab5321f81
9c69cb6a7ed711640ef2c8e9ff6e9630a174f5e77b2260380098fea20d2e5beb
9d043f1511f27aa9c6a1f9673ca10b0023cdacf1383bdd70b70e0af27fb838a8
9d3164a52994b2cdaf95fe36b05195011392f81bd1a2267dd9341e65908f9c21
9fe8a8e2261e527d5b294b5cd8781b93cecf8223e22ba45630345578599cf308
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a16906d118ba7333671f5baf95f23c6b6a999e649cd6849da00d820fc2d0aa
a27309891fd9309fa412ab67a5bfe17a331f6712c6a35947260016fb4f752382
a7977012c3f7a66e087fc58231169ce08a5f34f5b5323e9a4547a9c35112e125
a9c87374e4ec256cc7ab841753a48a58afd958317dfb7567982b014977008d1b
aa1a3a88a189755a63807bd9d08c64297bbdb76f6c3b6d762256a65543d08ac1
ac02d01a05702b8d8b868569a2162e8494045922e7d51342505c827f54b2b145
ae0e602d9ed90240911719d6d99f50664ab502e5811f6175763880fe13e0bad7
ae540f5a8341885755ee2dcfbd25633420f935881bdbe8ec1705a8ec5ab231ca
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521
b127eb3926b174c9007cb9a1bb4967e90c48d6e7a8266ae853e15a661c5a28d5
b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b
b59c7712e75a6f0bbefd0fefa67e85d464cf14bbd7463331f4ba7e0a963ace1d
b8d1b8b5769d718b79f7fe7708fadbb640890c53c550fe4b74420b51ee81f0a4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc1e31a3e531d95baa67f3ab23e51bf0e45c1c23d7763973fadf4e41567b6652
bc8419ce3011a0dce3b67bec9272b0f07f7199ebbc3337da54dfb21475ae4c13
bcda4434fe194bb0f3a24d6a4cd90f039028c351fc0129a7ba5d5b522e6269ee
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be1d199ac13ab792182928e9edb2307e5432e0e2c3de8f2373e2f61195276a0c
be9b62a408ab0d04dfcbf726948acdbc7c04ce9abebffb20cd09248cd6a61504
c150cf789561f8e0494ba9d3341390a19e70cd0afea4ded9ca936c08df0497d6
c16e3a4badea6055f48c4a2b23b6178623fb31989cba0fe38325ad742aecf935
c57551a14279dafbcafe1f95b00ee19aa995e48a925dbcaafa2ed2c1421196f3
c9a319875d92e0f2f0330c735b1a9883085ed8e998c3a235ed13e5da20c477f7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb62e406758ae31fb4f2d574dff9630fa2a11b072ad2906ea20b7cce03951ef4
ce3298112c54c55a9cde370f5e558be9e92a4ba81112ae821fc056af83b751d8
cfd510f88d60d8f3bfc0b91c7e234a930d31960f0aecfd051bdd6f3263303c4b
d13371b1c09d8d0bb39331df6857cd25ecc741b7171fe2dbe14484c915a4fb06
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d2e9c09c7cede2efd620a8413a3e712566fe2516be72ed68adc64e35373ca4ba
d3e91005e3cd96ec9b492410b5f32c598ab6006c5ceb37c50b136914eaea719d
d5323561a19769a27562b4ea92351fcd78b0197630995ebffbfe68efa03ade78
d5a38d73dab4defa0c06c22807b71b8f55e01d1ddd054ba6ce792fac95ccf826
d8211af3ec6a90443d062c3e32f7bef3d6ae28e03476c59bf32c5108ecaa3335
d86dcd439074b8bd3e05a28c5efe791ac9256792377f711751c725edbe76b465
d9f4836c7878efe6317f47f44eb492dde3acf318e813dee529bfa9580e6185e1
da75393148f80c1ece2366988477d048698763a71679f543f58c2ccb982a30b5
dd35c1c303acc2d3c013fd90b637a864cb1acad644209207b8358ba3e6cb4636
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dec95ccee242dd958001f06b9873987f7ca4e9d20440a23aed351781b1439b7f
dfe6bf8acf774f106564ae01449018dd60b8b1d3f38afbea1d63acf1f0ce4d03
e09ffe7ef914332f78de3d8d43515d214d4ee95a160080172e6c366db8b60cf4
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e547fe50a764e43c4a31eee65d715869f35c7ad8d781584453561b87c4fcf7f3
e82260e024f17f638cab496a9ddfaa089e6f9ddbf1cc6b22b243c7dbde0c6974
e8787b986ce1452c351a4976cb95b95be50429a278530debf91d524e72a65ec8
ed01287cc7c91ca39383bc12e449fd8042e8a119fd6864639a64566cd1328d59
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f1c08e0d39dd5c97077f26607a9b542d7d7e7e678855a3423b71be41832a05f9
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

www.clearshift.com Open in urlscan Pro 157.245.165.179 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

152 Requests

100 %HTTPS

66 %IPv6

25 Domains

39 Subdomains

39 IPs

3 Countries

8355 kBTransfer

14482 kBSize

29 Cookies

12 Outgoing links

Redirected requests

152 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.clearshift.com Open in urlscan Pro
157.245.165.179 Public Scan

Screenshot
Live screenshot

Full Image

152
Requests

100 %
HTTPS

66 %
IPv6

25
Domains

39
Subdomains

39
IPs

3
Countries

8355 kB
Transfer

14482 kB
Size

29
Cookies

152 HTTP transactions
2 data transactions