urlscan.io logo urlscan.io
SecurityTrails logo

feedback.shift32.com Open in urlscan Pro
2606:4700::6810:d09b  Public Scan

Go To Rescan Add Verdict Report
URL: https://feedback.shift32.com/
Submission: On May 07 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 13 domains to perform 48 HTTP transactions. The main IP is 2606:4700::6810:d09b, located in United States and belongs to CLOUDFLARENET, US. The main domain is feedback.shift32.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 7th 2022. Valid for: a year.
This is the only time feedback.shift32.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    2606:4700::6810:d09b (United States)

ASN13335 (CLOUDFLARENET, US)
feedback.shift32.com
15    65.9.85.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-85-116.ams1.r.cloudfront.net
static.reviewmgr.com
1    65.9.85.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-85-78.ams1.r.cloudfront.net
uploads.reviewmgr.com
4    2a00:1450:400e:80f::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:400e:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
2    2a00:1450:400e:810::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    2600:9000:2156:c00:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.pendo.io
1    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:801::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.243.146 (None, )

ASN- ()
bam-cell.nr-data.net
Apex Domain
Subdomains		 Transfer
16 reviewmgr.com
static.reviewmgr.com — Cisco Umbrella Rank: 162402
uploads.reviewmgr.com
708 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
511 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 20
apis.google.com — Cisco Umbrella Rank: 179
accounts.google.com — Cisco Umbrella Rank: 120
96 KB
4 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 401
www.google-analytics.com — Cisco Umbrella Rank: 101
37 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 887
syndication.twitter.com — Cisco Umbrella Rank: 1088
133 KB
3 shift32.com
feedback.shift32.com
45 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 195
83 KB
1 nr-data.net
bam-cell.nr-data.net
1 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 746
14 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
1 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 2700
147 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 111
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 142
64 KB
48 13
Domain Requested by
15 static.reviewmgr.com feedback.shift32.com
static.reviewmgr.com
5 www.gstatic.com www.google.com
4 www.google.com feedback.shift32.com
www.gstatic.com
www.google.com
3 feedback.shift32.com feedback.shift32.com
static.reviewmgr.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 apis.google.com feedback.shift32.com
apis.google.com
2 platform.twitter.com feedback.shift32.com
platform.twitter.com
2 connect.facebook.net feedback.shift32.com
connect.facebook.net
2 fonts.gstatic.com fonts.googleapis.com
2 ssl.google-analytics.com feedback.shift32.com
1 bam-cell.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com feedback.shift32.com
1 syndication.twitter.com platform.twitter.com
1 accounts.google.com feedback.shift32.com
1 www.facebook.com feedback.shift32.com
1 cdn.pendo.io feedback.shift32.com
1 fonts.googleapis.com static.reviewmgr.com
1 www.googletagmanager.com feedback.shift32.com
1 uploads.reviewmgr.com feedback.shift32.com
48 19

This site contains links to these domains. Also see Links.

Domain
uploads.reviewmgr.com
www.facebook.com
twitter.com
search.google.com
Subject Issuer Validity Valid
feedback.shift32.com
Cloudflare Inc ECC CA-3		 2022-05-07 -
2023-05-07		 a year crt.sh
reviewmgr.com
Amazon		 2021-08-03 -
2022-09-01		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-02-13 -
2022-05-14		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
cdn.pendo.io
Amazon		 2021-08-29 -
2022-09-27		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-06 -
2022-11-07		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh

This page contains 4 frames:

Primary Page: https://feedback.shift32.com/
Frame ID: 35BB74657C820D2F2F3147F69A11CE10
Requests: 39 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Ffeedback.shift32.com
Frame ID: 918AFF7539BECF99766FF8FDBEF87A7A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVLgkTAAAAABDAapJpBKjW8GbSNq0FW81Y3L_0&co=aHR0cHM6Ly9mZWVkYmFjay5zaGlmdDMyLmNvbTo0NDM.&hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=normal&cb=jhcdkj41l527
Frame ID: ECBF84E60BF82A8495304F8EC21B6905
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&k=6LfVLgkTAAAAABDAapJpBKjW8GbSNq0FW81Y3L_0
Frame ID: 0DA9421A1CCE27FE5E7BE3BBDAB90939
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Shift32 | Review Us

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

48
Requests

100 %
HTTPS

74 %
IPv6

13
Domains

19
Subdomains

19
IPs

3
Countries

1841 kB
Transfer

5792 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
feedback.shift32.com/ 		34 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://feedback.shift32.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:d09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc964c1704c229c9fb2b5c3fb154a991bf2a8f840acffd5923646ace9247f85e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
707642c5ceda9bec-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 07 May 2022 01:42:45 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
via
1.1 vegur
x-content-type-options
nosniff
x-frame-options
ALLOWALL
x-request-id
1242b653-78d1-4338-affb-dda619118326
x-runtime
0.087367
x-xss-protection
1; mode=block
base_bootstrap.css
static.reviewmgr.com/assets/manifests/minimal/ 		75 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.reviewmgr.com/assets/manifests/minimal/base_bootstrap.css
Requested by
Host: feedback.shift32.com
URL: https://feedback.shift32.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.85.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-85-116.ams1.r.cloudfront.net
Software
cloudflare /
Resource Hash
7b883e928cbb78d58e05b6189a3adce73435451afa24a2a604b04cc1686fa2fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 14:24:46 GMT
Via
1.1 vegur, 1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
CF-Cache-Status
HIT
Age
40680
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Encoding
gzip
Content-Length
13648
Last-Modified
Mon, 28 Mar 2022 22:49:28 GMT
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=86400
X-Amz-Cf-Pop
AMS1-C1
Accept-Ranges
bytes
CF-RAY
701bc6189e69996e-FRA
X-Amz-Cf-Id
sxbaSbMfh_2sUdPfA06QEjANxI-8HnFzMp620ttP7NgtxN38xGZHzQ==
Expires
Sat, 07 May 2022 14:24:46 GMT
style.css
static.reviewmgr.com/assets/themes/minimal/filter/ 		141 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.reviewmgr.com/assets/themes/minimal/filter/style.css
Requested by
Host: feedback.shift32.com
URL: https://feedback.shift32.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.85.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-85-116.ams1.r.cloudfront.net
Software
cloudflare /
Resource Hash
5e520b3bcb47b5b1aa26a018863b6b90d1d95ee6621512480a65f58080badaa0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 01:42:46 GMT
Via
1.1 vegur, 1.1 3c5f93efb24b4927140dd52806f3d1e0.cloudfront.net (CloudFront)
CF-Cache-Status
HIT
Age
31532
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Encoding
gzip
Content-Length
24994
Last-Modified
Tue, 05 Apr 2022 02:51:05 GMT
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=86400
X-Amz-Cf-Pop
AMS1-C1
Accept-Ranges
bytes
CF-RAY
70372d99e882995d-FRA
X-Amz-Cf-Id
XXUyBXIPQYWoxEQGZdPJFUD8rSSKtfsfMHrXBOjdOvPVv7D7LRLnXA==
Expires
Sat, 07 May 2022 16:57:14 GMT
responsive.css
static.reviewmgr.com/assets/themes/minimal/filter/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.reviewmgr.com/assets/themes/minimal/filter/responsive.css
Requested by
Host: feedback.shift32.com
URL: https://feedback.shift32.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.85.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-85-116.ams1.r.cloudfront.net
Software
cloudflare /
Resource Hash
bcb44936d3a2045dc5446e8ae0a631f574b2fd6642d5449249161a80ca35aa1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 11:30:12 GMT
Via
1.1 vegur, 1.1 a156165ae278c5ddd408f18e7181dccc.cloudfront.net (CloudFront)
CF-Cache-Status
HIT
Age
70538
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1365
Last-Modified
Tue, 01 Dec 2020 16:25:28 GMT
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=86400
X-Amz-Cf-Pop
AMS1-C1
Accept-Ranges
bytes
CF-RAY
7041bb90af40995d-FRA
X-Amz-Cf-Id
O6H2xogZMYa3wjAfMaDYPfsFonNoWZXzyYVPJxQ6wesR-3BrjQ_XJw==
Expires
Sat, 07 May 2022 11:30:12 GMT
prospect_reports-508d623cf241ddaa2e84.js
static.reviewmgr.com/assets/packs/js/ 		1 MB
348 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.reviewmgr.com/assets/packs/js/prospect_reports-508d623cf241ddaa2e84.js
Requested by
Host: feedback.shift32.com
URL: https://feedback.shift32.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.85.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-85-116.ams1.r.cloudfront.net
Software
cloudflare /
Resource Hash
f9450ed7b4adf0781d1b9b7f47ce57fbb4e65cb3e52350084e7d483a305f560b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 10:29:58 GMT
Via
1.1 vegur, 1.1 3c5f93efb24b4927140dd52806f3d1e0.cloudfront.net (CloudFront)
CF-Cache-Status
MISS
Age
54768
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Encoding
gzip
Content-Length
355909
Last-Modified
Sat, 30 Apr 2022 03:26:40 GMT
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=86400
X-Amz-Cf-Pop
AMS1-C1
Accept-Ranges
bytes
CF-RAY
703d37bf497d5b80-FRA
X-Amz-Cf-Id
Vgp_hgB_pDBIvY2NsPKXSZPkUqvpgrYjhTLqiXaNuo16BfGqi5eGLg==
Expires
Sat, 07 May 2022 10:29:58 GMT
react-app.css
static.reviewmgr.com/assets/ 		36 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.reviewmgr.com/assets/react-app.css
Requested by
Host: feedback.shift32.com
URL: https://feedback.shift32.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.85.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-85-116.ams1.r.cloudfront.net
Software
cloudflare /
Resource Hash
bb0407542340131f687b467e0841ec9127ccc260ea0397a3288a17372789f292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 08:58:30 GMT
Via
1.1 vegur, 1.1 084f866feba2345e668d9a32662696ce.cloudfront.net (CloudFront)
CF-Cache-Status
HIT
Age
70538
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Encoding
gzip
Content-Length
5096
Last-Modified
Mon, 24 Jan 2022 17:25:03 GMT
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=86400
X-Amz-Cf-Pop
AMS1-C1
Accept-Ranges
bytes
CF-RAY
70372d994d749128-FRA
X-Amz-Cf-Id
ZO89lf8zdZ8QR6znDjgGgI1egEo2zRBRP-30YIf-S5w8udBJ0YVUnw==
Expires
Sat, 07 May 2022 08:58:30 GMT
targets.css
feedback.shift32.com/stylesheets/ 		555 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://feedback.shift32.com/stylesheets/targets.css
Requested by
Host: feedback.shift32.com
URL: https://feedback.shift32.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:d09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef13cde42219b5731259c25506165df24b9b57d5c0eb576e3fe2f04c1698b3a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 01:42:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-xss-protection
1; mode=block
x-request-id
51b021cc-f852-4063-a587-c8be3856965c
x-runtime
0.019889
server
cloudflare
x-frame-options
ALLOWALL
etag
W/"ef13cde42219b5731259c25506165df2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 vegur
cache-control
public, max-age=14400
cf-ray
707642c91a989bec-FRA
expires
Sat, 07 May 2022 05:42:46 GMT
medium.png
uploads.reviewmgr.com/sites/4f9c9337-0e7c-4220-8075-5989c6be932b/logos/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uploads.reviewmgr.com/sites/4f9c9337-0e7c-4220-8075-5989c6be932b/logos/medium.png?1573619352
Requested by
Host: feedback.shift32.com
URL: https://feedback.shift32.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.85.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-85-78.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1a5401e6c15db84168407c54c72643ea06681649b449815400a616520bf325f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 01:42:48 GMT
Via
1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront)
Last-Modified
Wed, 13 Nov 2019 04:29:13 GMT
Server
AmazonS3
X-Amz-Cf-Pop
AMS1-C1
ETag
"84a13facf2b627fcaca153d80b4a8034"
X-Cache
Miss from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14435
X-Amz-Cf-Id
ejBhlAzAuXfDNOiZd3pkW7PDFQrDsDmT1pI6aqxlZxjO3CTlJfWZDg==
base_bootstrap.js
static.reviewmgr.com/assets/manifests/minimal/ 		627 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.reviewmgr.com/assets/manifests/minimal/base_bootstrap.js
Requested by
Host: feedback.shift32.com
URL: https://feedback.shift32.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.85.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-85-116.ams1.r.cloudfront.net
Software
cloudflare /
Resource Hash
e369006eb39cd1076c8747141f049fb1c98f817ad21bdc63818f4390829cfc28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 13:39:36 GMT
Via
1.1 vegur, 1.1 3c5f93efb24b4927140dd52806f3d1e0.cloudfront.net (CloudFront)
CF-Cache-Status
MISS
Age
70538
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Encoding
gzip
Content-Length
175936
Last-Modified
Tue, 23 Nov 2021 00:02:02 GMT
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=86400
X-Amz-Cf-Pop
AMS1-C1
Accept-Ranges
bytes
CF-RAY
701d9f1408c49213-FRA
X-Amz-Cf-Id
LasEtJMvzJDGUIsnWfSEQpnay2SnQkvS-3dxbWY0dGi5soqVit4UJA==
Expires
Sat, 07 May 2022 13:39:36 GMT
api.js
www.google.com/recaptcha/ 		919 B
994 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=renderMultipleRecaptchas&render=explicit
Requested by
Host: feedback.shift32.com
URL: https://feedback.shift32.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80f::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4a5c12aa8e3ec5041122aecaefd8c33d7f695f46f17a7bf9f82863f40b6fe0aa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 01:42:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
581
x-xss-protection
1; mode=block
expires
Sat, 07 May 2022 01:42:46 GMT
filter.js
static.reviewmgr.com/assets/manifests/ 		987 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.reviewmgr.com/assets/manifests/filter.js
Requested by
Host: feedback.shift32.com
URL: https://feedback.shift32.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.85.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-85-116.ams1.r.cloudfront.net
Software
cloudflare /
Resource Hash
e1f7bc364b060d4142d94ce8bfbbab50d2ed4b34fcf75db5d8c79accc2dfac16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 12:45:02 GMT
Via
1.1 vegur, 1.1 3c5f93efb24b4927140dd52806f3d1e0.cloudfront.net (CloudFront)
CF-Cache-Status
HIT
Age
46664
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Encoding
gzip
Content-Length
541
Last-Modified
Tue, 01 Dec 2020 16:25:28 GMT
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=86400
X-Amz-Cf-Pop
AMS1-C1
Accept-Ranges
bytes
CF-RAY
701d12076f9e5bf5-FRA
X-Amz-Cf-Id
7DhH5SIzgYyokKz81NRXt-8SOys6GE4jb3_HRMohOO40vkYhFTCpFQ==
Expires
Sat, 07 May 2022 12:45:02 GMT
ahoy.js
static.reviewmgr.com/assets/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.reviewmgr.com/assets/ahoy.js
Requested by
Host: feedback.shift32.com
URL: https://feedback.shift32.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.85.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-85-116.ams1.r.cloudfront.net
Software
cloudflare /
Resource Hash
be54befbcb2ef092a619d6052e785ca50c8dbc48a93e22f46784eb9ecddea40f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 01:42:46 GMT
Via
1.1 vegur, 1.1 3c5f93efb24b4927140dd52806f3d1e0.cloudfront.net (CloudFront)
CF-Cache-Status
HIT
Age
14041
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1910
Last-Modified
Tue, 01 Dec 2020 16:56:35 GMT
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=86400
X-Amz-Cf-Pop
AMS1-C1
Accept-Ranges
bytes
CF-RAY
7042f2b29b9c9b28-FRA
X-Amz-Cf-Id
q9oa7fYOPkcuzLwbblQOPYaYswYdGKvucSCERQku4Ky7EXVFoonlYw==
Expires
Sat, 07 May 2022 21:48:45 GMT
tracking.js
static.reviewmgr.com/assets/ 		561 B
972 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.reviewmgr.com/assets/tracking.js
Requested by
Host: feedback.shift32.com
URL: https://feedback.shift32.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.85.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-85-116.ams1.r.cloudfront.net
Software
cloudflare /
Resource Hash
acb803953a521f4ab84d7c4e3943fbece3f9148ab342141cf46fcafb0b7dc66f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 01:42:46 GMT
Via
1.1 vegur, 1.1 3c5f93efb24b4927140dd52806f3d1e0.cloudfront.net (CloudFront)
CF-Cache-Status
HIT
Age
13348
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Encoding
gzip
Content-Length
250
Last-Modified
Tue, 01 Dec 2020 16:25:28 GMT
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=86400
X-Amz-Cf-Pop
AMS1-C1
Accept-Ranges
bytes
CF-RAY
701b39ab5e43929c-FRA
X-Amz-Cf-Id
feXip7EswItVzq272S8cah2sMz3LcXXegNIlrnd1tRPn5ZvdF3kz5Q==
Expires
Sat, 07 May 2022 22:00:18 GMT
gtm.js
www.googletagmanager.com/ 		174 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PXPSMT4
Requested by
Host: feedback.shift32.com
URL: https://feedback.shift32.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80e::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dad142c1a6cca408763ccac66c64ce56afdd43d2a0d7435d344ec7d3abda9130
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 01:42:48 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65385
x-xss-protection
0
last-modified
Sat, 07 May 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 07 May 2022 01:42:48 GMT
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900
Requested by
Host: static.reviewmgr.com
URL: https://static.reviewmgr.com/assets/themes/minimal/filter/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0d39059fefeb34b33734f008048bc45696906f3f729d5d2b58c2032217478995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.reviewmgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 07 May 2022 01:42:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 07 May 2022 01:42:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 07 May 2022 01:42:46 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: feedback.shift32.com
URL: https://feedback.shift32.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2088
date
Sat, 07 May 2022 01:07:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sat, 07 May 2022 03:07:59 GMT
thumbs_up_grey.svg
static.reviewmgr.com/assets/themes/minimal/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.reviewmgr.com/assets/themes/minimal/thumbs_up_grey.svg
Requested by
Host: static.reviewmgr.com
URL: https://static.reviewmgr.com/assets/themes/minimal/filter/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.85.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-85-116.ams1.r.cloudfront.net
Software
cloudflare /
Resource Hash
6fe9adde27f5b512f9efe3c6ad1a2d6ee215c7b69aba54452dbc685e952cf087

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.reviewmgr.com/assets/themes/minimal/filter/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 07:16:33 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Age
66374
X-Cache
Hit from cloudfront
Access-Control-Max-Age
3628800
Connection
keep-alive
Content-Length
1604
Access-Control-Allow-Origin
*
Last-Modified
Tue, 01 Dec 2020 16:25:28 GMT
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Via
1.1 vegur, 1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
X-Amz-Cf-Pop
AMS1-C1
Accept-Ranges
bytes
CF-RAY
7044f9740ded696f-FRA
Access-Control-Allow-Headers
x-requested-with
X-Amz-Cf-Id
QgmFXt1CAK82xifvf7bqtploDmsGHZ-HVZSVOjs-s1s-nx3QxycLpQ==
Expires
Sat, 07 May 2022 07:16:33 GMT
thumbs_down_grey.svg
static.reviewmgr.com/assets/themes/minimal/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.reviewmgr.com/assets/themes/minimal/thumbs_down_grey.svg
Requested by
Host: static.reviewmgr.com
URL: https://static.reviewmgr.com/assets/themes/minimal/filter/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.85.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-85-116.ams1.r.cloudfront.net
Software
cloudflare /
Resource Hash
d47b0f713ebe0f91592969ef59f9c2d4fa59e69204ce96a5395a3f8111688936

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.reviewmgr.com/assets/themes/minimal/filter/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 06:16:09 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Age
69998
X-Cache
Hit from cloudfront
Access-Control-Max-Age
3628800
Connection
keep-alive
Content-Length
1592
Access-Control-Allow-Origin
*
Last-Modified
Tue, 01 Dec 2020 16:25:28 GMT
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Via
1.1 vegur, 1.1 3c5f93efb24b4927140dd52806f3d1e0.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
X-Amz-Cf-Pop
AMS1-C1
Accept-Ranges
bytes
CF-RAY
7053d7b20d8a9067-FRA
Access-Control-Allow-Headers
x-requested-with
X-Amz-Cf-Id
lm7UCKcWMOUvGOWYvYmZsxmPG4RAWPiprdDLWgXYS5cH3GbDPYugiw==
Expires
Sat, 07 May 2022 06:16:09 GMT
fb.svg
static.reviewmgr.com/assets/themes/minimal/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.reviewmgr.com/assets/themes/minimal/fb.svg
Requested by
Host: static.reviewmgr.com
URL: https://static.reviewmgr.com/assets/themes/minimal/filter/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.85.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-85-116.ams1.r.cloudfront.net
Software
cloudflare /
Resource Hash
f7f0df92630fcb3d8b560cd5091999d5e8ebc29d31a626d3b4897ea49c938ef7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.reviewmgr.com/assets/themes/minimal/filter/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 05:51:12 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Age
71495
X-Cache
Hit from cloudfront
Access-Control-Max-Age
3628800
Connection
keep-alive
Content-Length
695
Access-Control-Allow-Origin
*
Last-Modified
Tue, 01 Dec 2020 16:25:28 GMT
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Via
1.1 vegur, 1.1 3c5f93efb24b4927140dd52806f3d1e0.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
X-Amz-Cf-Pop
AMS1-C1
Accept-Ranges
bytes
CF-RAY
704471b518c56939-FRA
Access-Control-Allow-Headers
x-requested-with
X-Amz-Cf-Id
7z7oJdCikZSByOISTsjLpUi7scuOHO86uxHSea8ttVYWqPx_85Q73A==
Expires
Sat, 07 May 2022 05:51:12 GMT
twitter.svg
static.reviewmgr.com/assets/themes/minimal/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.reviewmgr.com/assets/themes/minimal/twitter.svg
Requested by
Host: static.reviewmgr.com
URL: https://static.reviewmgr.com/assets/themes/minimal/filter/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.85.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-85-116.ams1.r.cloudfront.net
Software
cloudflare /
Resource Hash
61100421db5bf30fe4e3d66b940ffc39c71ef67c58ffa438743bb0b63f855d5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.reviewmgr.com/assets/themes/minimal/filter/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 11:40:56 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
50511
X-Cache
Hit from cloudfront
Access-Control-Max-Age
3628800
Connection
keep-alive
Content-Length
1051
Access-Control-Allow-Origin
*
Last-Modified
Tue, 01 Dec 2020 16:25:28 GMT
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Via
1.1 vegur, 1.1 084f866feba2345e668d9a32662696ce.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
X-Amz-Cf-Pop
AMS1-C1
Accept-Ranges
bytes
CF-RAY
7069ed3329489975-FRA
Access-Control-Allow-Headers
x-requested-with
X-Amz-Cf-Id
MoZcVGhfG8MQJwX_TAVoDbAowZvyszQ_GFDOHeEHZ5RTOJYHqdZ1YA==
Expires
Sat, 07 May 2022 11:40:56 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:810::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://feedback.shift32.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 16:23:03 GMT
x-content-type-options
nosniff
age
206384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 May 2023 16:23:03 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:810::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://feedback.shift32.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 05:03:14 GMT
x-content-type-options
nosniff
age
74373
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 06 May 2023 05:03:14 GMT
fa-regular-400.woff2
static.reviewmgr.com/assets/ 		107 KB
108 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.reviewmgr.com/assets/fa-regular-400.woff2
Requested by
Host: static.reviewmgr.com
URL: https://static.reviewmgr.com/assets/themes/minimal/filter/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.85.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-85-116.ams1.r.cloudfront.net
Software
cloudflare /
Resource Hash
3cc49fc5ded58b415e3f3fd2f07cff4f18da9e1e09602b5085fcd3f0cc85a486

Request headers

Referer
https://static.reviewmgr.com/assets/themes/minimal/filter/style.css
Origin
https://feedback.shift32.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 16:40:22 GMT
Via
1.1 vegur, 1.1 d3d7cb5a7de36091f7284546b4190a32.cloudfront.net (CloudFront)
CF-Cache-Status
MISS
Age
32545
X-Cache
Hit from cloudfront
Access-Control-Max-Age
3628800
Connection
keep-alive
Content-Length
110020
Last-Modified
Tue, 01 Dec 2020 16:25:28 GMT
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=86400
X-Amz-Cf-Pop
AMS1-C1
Accept-Ranges
bytes
CF-RAY
7061cd2a9d8e902a-FRA
Access-Control-Allow-Headers
x-requested-with
X-Amz-Cf-Id
mY0V99rF9gcXm78fF18eZigofkV12n4O1rYLAvzJRSF73VmJNXhV5w==
Expires
Sat, 07 May 2022 16:40:22 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ 		364 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=renderMultipleRecaptchas&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cef63f6378f616ddbc50e81459f0f636540f0b7cc63767e5b789d963acf5ea07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://feedback.shift32.com/
Origin
https://feedback.shift32.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 18:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147136
x-xss-protection
0
last-modified
Mon, 02 May 2022 04:03:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 06 May 2023 18:18:22 GMT
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: feedback.shift32.com
URL: https://feedback.shift32.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d735d2a7a9f75e3616274fc127037a04a1e90069b2b9ff67b1c92e7701a2d5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
DDaOt+C+mELOf41gS7dVfA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Sat, 07 May 2022 01:54:52 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
uq/LQwf8f91esI/eccM6j9tUeygZePD9a9gMCgZh4wkABtof8jtxLi/ilDUP9BZq51+BSqNeZWIzaNGUUEJDEw==
x-fb-trip-id
686109401
x-fb-content-md5
a1c4801d87a20512d8957748e341fa9e
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 07 May 2022 01:42:47 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"c6f21f8464577b9e0418292c75c33402"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: feedback.shift32.com
URL: https://feedback.shift32.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D3) /
Resource Hash
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 01:42:47 GMT
Content-Encoding
gzip
Age
1110
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
29461
x-tw-cdn
VZ
Last-Modified
Wed, 13 Apr 2022 12:38:34 GMT
Server
ECS (frb/67D3)
Etag
"f1369725ba22125b0df0251e74090aa0+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
plusone.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: feedback.shift32.com
URL: https://feedback.shift32.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a46e721738fe773283959d5c78be8e4b74f398ef65efddcc2bc8b2c87f6b02b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20362
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Sat, 07 May 2022 01:42:47 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"63dec9bbc38e8ea1"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 01:42:47 GMT
pendo.js
cdn.pendo.io/agent/static/a7e76136-e5b1-4123-764d-4d9170798a65/ 		475 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pendo.io/agent/static/a7e76136-e5b1-4123-764d-4d9170798a65/pendo.js
Requested by
Host: feedback.shift32.com
URL: https://feedback.shift32.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:c00:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
UploadServer /
Resource Hash
216b4bb03d1080910b61a675b5bb9202d8185400fde4d9116d64bd0f07b9a057

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 01:42:47 GMT
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA50-C1
X-GUploader-UploadID
ADPycduzZgCZkljRK9rfiA9C4N0-Km8XJKFlrWB97WTg196N7aJBtl0fzvWGhzAACM_Ho6D0J0F1QuPeW1F0CdO1KzcQOxoq6ppE
X-Cache
RefreshHit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
149428
Access-Control-Allow-Origin
*
Last-Modified
Thu, 05 May 2022 18:09:00 GMT
Server
UploadServer
ETag
"70ae281b7a09b66a726c5fcd7526dcde"
Vary
Accept-Encoding
x-goog-hash
crc32c=OGwOTQ==, md5=cK4oG3oJtmpybF/NdSbc3g==
x-goog-generation
1651774140474804
Via
1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
*
Cache-Control
max-age=450
x-goog-stored-content-length
149428
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
ppTci92Bb2YpvvDjN8p1kFAf4ddxfSiZp1a2aT2nsBHHUKeaFN2UoA==
Expires
Sat, 07 May 2022 01:50:17 GMT
spinner.gif
static.reviewmgr.com/assets/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.reviewmgr.com/assets/spinner.gif
Requested by
Host: static.reviewmgr.com
URL: https://static.reviewmgr.com/assets/themes/minimal/filter/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.85.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-85-116.ams1.r.cloudfront.net
Software
cloudflare /
Resource Hash
1496dc51eb8a5c71111f9975683029e72f023aaf94649304cc28b4469ba93595

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.reviewmgr.com/assets/themes/minimal/filter/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 03 Sep 2021 03:37:13 GMT
Via
1.1 vegur, 1.1 084f866feba2345e668d9a32662696ce.cloudfront.net (CloudFront)
CF-Cache-Status
HIT
Age
23520527
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
3866
Last-Modified
Tue, 01 Dec 2020 16:25:28 GMT
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
AMS1-C1
Accept-Ranges
bytes
CF-RAY
688bf0356ee62b29-FRA
X-Amz-Cf-Id
JLZZbYBGRIy_eBJ3NemCCCAjAx4n_D_79GXXh6YumZSNa4Zpx_OdNg==
Expires
Sat, 03 Sep 2022 03:37:13 GMT
visits
feedback.shift32.com/ahoy/ 		103 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://feedback.shift32.com/ahoy/visits
Requested by
Host: static.reviewmgr.com
URL: https://static.reviewmgr.com/assets/manifests/minimal/base_bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:d09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f804f0633707d36fe77a8038f48313c70c6039b70716322f4bf6033570f6dc7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://feedback.shift32.com/
X-CSRF-Token
w0rnmBGx/3k9A3dHInNYcK2TlXmd/Gp6sx+ZMjpK7ky0ikNgsgzT6SaBkPw3atSTkmp4bVY6sTw84OzjOFcmNg==
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

x-runtime
0.058853
date
Sat, 07 May 2022 01:42:48 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"f804f0633707d36fe77a8038f48313c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOWALL
content-type
application/vnd.api+json; charset=utf-8
cache-control
max-age=0, private, must-revalidate, no-transform
cf-ray
707642d4b8ab9bec-FRA
x-xss-protection
1; mode=block
x-request-id
bd2108c5-89c9-4106-8984-cc27549ebf6b
login.php
www.facebook.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: feedback.shift32.com
URL: https://feedback.shift32.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
ServiceLogin
accounts.google.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by
Host: feedback.shift32.com
URL: https://feedback.shift32.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
all.js
connect.facebook.net/en_US/ 		284 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=3f708ce5a62822e58b224925852b7b49
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
819e810cd76c1cd71c729aa7062e74d92ce205e4ec842a6aec8a3bc1463d9b78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://feedback.shift32.com/
Origin
https://feedback.shift32.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
xtGzegl8zG20RbuhQSpmCQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Sat, 06 May 2023 23:52:34 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
82591
x-fb-rlafr
0
x-fb-debug
5MR0nb4rAyrctXPc5mAO7iB6rYfgfSAs8gdz79q4u5xOXuKPyeh/r83QE1gfWlOgyRykGciqp3nGfLuyGKc3bg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
c75e71c6b6270b1d7b7c31a35050a3eb
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 07 May 2022 01:42:47 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"0ed2ad9de4e5026c5df0e9cfac565431"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/ 		149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a667c3feb68929a9fa9a024d1631d6f97d3629bfa86a076efb5268ad11f5bc1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 00:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
523305
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52038
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 15:20:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 01 May 2023 00:21:02 GMT
widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html
platform.twitter.com/widgets/ Frame 918A 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Ffeedback.shift32.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer
https://feedback.shift32.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
295332
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105433
Content-Type
text/html; charset=utf-8
Date
Sat, 07 May 2022 01:42:48 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Wed, 13 Apr 2022 12:15:11 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6711)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
anchor
www.google.com/recaptcha/api2/ Frame ECBF 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVLgkTAAAAABDAapJpBKjW8GbSNq0FW81Y3L_0&co=aHR0cHM6Ly9mZWVkYmFjay5zaGlmdDMyLmNvbTo0NDM.&hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=normal&cb=jhcdkj41l527
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80f::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6098114320f95b9849f187eb72af26e99dfc939d370a9208a57ef1ee8ca6cf40
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aWLfA5vwEDS/y3e/nM8eCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://feedback.shift32.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22693
content-security-policy
script-src 'report-sample' 'nonce-aWLfA5vwEDS/y3e/nM8eCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 07 May 2022 01:42:48 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ Frame ECBF 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVLgkTAAAAABDAapJpBKjW8GbSNq0FW81Y3L_0&co=aHR0cHM6Ly9mZWVkYmFjay5zaGlmdDMyLmNvbTo0NDM.&hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=normal&cb=jhcdkj41l527
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 17:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 02 May 2022 04:03:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 06 May 2023 17:08:52 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ Frame ECBF 		364 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVLgkTAAAAABDAapJpBKjW8GbSNq0FW81Y3L_0&co=aHR0cHM6Ly9mZWVkYmFjay5zaGlmdDMyLmNvbTo0NDM.&hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=normal&cb=jhcdkj41l527
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cef63f6378f616ddbc50e81459f0f636540f0b7cc63767e5b789d963acf5ea07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 18:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147136
x-xss-protection
0
last-modified
Mon, 02 May 2022 04:03:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 06 May 2023 18:18:22 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame ECBF 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVLgkTAAAAABDAapJpBKjW8GbSNq0FW81Y3L_0&co=aHR0cHM6Ly9mZWVkYmFjay5zaGlmdDMyLmNvbTo0NDM.&hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=normal&cb=jhcdkj41l527
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80f::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e2bb902ccc459d03e4b9d2fdc84903ba65745388cee5a5bea30f8f16d135dda6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVLgkTAAAAABDAapJpBKjW8GbSNq0FW81Y3L_0&co=aHR0cHM6Ly9mZWVkYmFjay5zaGlmdDMyLmNvbTo0NDM.&hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=normal&cb=jhcdkj41l527
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 01:42:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sat, 07 May 2022 01:42:48 GMT
bframe
www.google.com/recaptcha/api2/ Frame 0DA9 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&k=6LfVLgkTAAAAABDAapJpBKjW8GbSNq0FW81Y3L_0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80f::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
78a51675a1fbbd7f8f073ab79338cdddbdec64f0b0bb9800eefcec0ea52f98be
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bUU7ofJo1BM3lHhafMn2qw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://feedback.shift32.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1112
content-security-policy
script-src 'report-sample' 'nonce-bUU7ofJo1BM3lHhafMn2qw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 07 May 2022 01:42:48 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXPSMT4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
478
date
Sat, 07 May 2022 01:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 07 May 2022 03:34:50 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1677860541&t=pageview&_s=1&dl=https%3A%2F%2Ffeedback.shift32.com%2F&ul=en-us&de=UTF-8&dt=Shift32%20%7C%20Review%20Us&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=773397270&gjid=412717221&cid=1901270373.1651887768&tid=UA-37784350-1&_gid=1269554086.1651887768&_r=1&gtm=2wg540PXPSMT4&z=1912147742
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://feedback.shift32.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 07 May 2022 01:42:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://feedback.shift32.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=739455537&utmhn=feedback.shift32.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shift32%20%7C%20Review%20Us&utmhid=1677860541&utmr=-&utmp=%2F&utmht=1651887767808&utmac=UA-37784350-1&utmcc=__utma%3D263612443.1901270373.1651887768.1651887768.1651887768.1%3B%2B__utmz%3D263612443.1651887768.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=210000939&utmredir=1&utmu=qAAgAAAAAAAAAAAAAAABAAAE~
Requested by
Host: feedback.shift32.com
URL: https://feedback.shift32.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 01:42:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ Frame 0DA9 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&k=6LfVLgkTAAAAABDAapJpBKjW8GbSNq0FW81Y3L_0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 17:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30837
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 02 May 2022 04:03:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 06 May 2023 17:08:52 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ Frame 0DA9 		364 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&k=6LfVLgkTAAAAABDAapJpBKjW8GbSNq0FW81Y3L_0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cef63f6378f616ddbc50e81459f0f636540f0b7cc63767e5b789d963acf5ea07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 18:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147136
x-xss-protection
0
last-modified
Mon, 02 May 2022 04:03:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 06 May 2023 18:18:22 GMT
settings
syndication.twitter.com/ Frame 918A 		120 B
406 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=6c64bf6b7051c256e4ec2aa37bcd460ee2c5f582
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Ffeedback.shift32.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
f8cacb171afeb1d90fb92a35f80f9110210a287be17eba6f3603d9d4a7e4527a
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time
108
date
Sat, 07 May 2022 01:42:51 GMT
content-encoding
gzip
last-modified
Sat, 07 May 2022 01:42:51 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
ebe1a66d2837c7d05a4c576ce971a2497bc7ac6cd6bd7b6ba8cfde2d6a9fd11e
content-length
126
nr-1216.min.js
js-agent.newrelic.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1216.min.js
Requested by
Host: feedback.shift32.com
URL: https://feedback.shift32.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding
gzip
etag
"9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id
TG0A5SDZJ767Q1E7
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
14391
x-amz-id-2
+SM8u7osfmExQLZWh68JZqQBrUjeaPn+iRiHCVB3IwlHIvvcrTZhMwzKZMUT8BlC+T+K2o8ok2g=
x-served-by
cache-hhn4059-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1651887772.755745,VS0,VE0
date
Sat, 07 May 2022 01:42:51 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1918
1a830208da
bam-cell.nr-data.net/1/ 		49 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/1a830208da?a=1871990&v=1216.487a282&to=IQtaRRNbWg8GFB1TEAsIUFQTG0YCBANBHhYKC0M%3D&rst=6685&ck=1&ref=https://feedback.shift32.com/&qt=2&ap=87&be=831&fe=6631&dc=2673&perf=%7B%22timing%22:%7B%22of%22:1651887764315,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:43,%22c%22:43,%22s%22:50,%22ce%22:300,%22rq%22:300,%22rp%22:778,%22rpe%22:790,%22dl%22:786,%22di%22:2673,%22ds%22:2673,%22de%22:2686,%22dc%22:6631,%22l%22:6631,%22le%22:6634%7D,%22navigation%22:%7B%7D%7D&fp=2626&fcp=2626&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feedback.shift32.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 01:42:52 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Connection
keep-alive
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcPwGvkhvq%2FsUUoCq2zv2NCjuSuLetQaDBD636STWcUav9KzJF6tyGSOm1lamEBK8Zg6M9exxFQeaO7W%2BJA3eJBx%2BQHpTinc1%2Fglp5WwyaN7PiANc8flgkVcJ05b8aMj2mpjerpu"}],"group":"cf-nel","max_age":604800}
Content-Type
text/javascript
Access-Control-Allow-Origin
*
access-control-allow-credentials
true
CF-Ray
707642eddfc75b62-FRA

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| dataLayer object| NREUM object| newrelic function| __nr_require object| ReactRailsUJS object| _gaq function| getParameterByName function| randomString function| defaultFor function| triggerEvent function| domReady function| setupForms function| showProgress function| hideProgress function| enablePopovers function| renderMultipleRecaptchas function| showPageSpinner function| removePageSpinner function| ajaxError function| statusReset function| modalsReset function| applyCharLimit function| showPhone function| hidePhone function| showEmail function| hideEmail function| emailPhoneToggle function| emailPhoneHide function| emailPhoneReset function| formatPhoneOnKeyup function| pollJob function| activateTelInput function| stopVideo object| isMobile boolean| mapdefault boolean| mapmodal function| $ function| jQuery function| swal function| sweetAlert object| jQuery112108044954820944301 object| intlTelInputUtils object| L object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client number| loggedInTestCount number| loggedInPossibleCount object| loggedInLinks object| pendo object| ahoy object| loginTargets object| FB object| gapi object| ___jsl object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __twttrll object| twttr object| __twttr object| recaptcha object| closure_lm_247975 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| _gat

11 Cookies

Domain/Path Name / Value
.shift32.com/ Name: ahoy_visitor
Value: 0be7987a-356e-49b8-9c0c-9d87c1e6ac28
.shift32.com/ Name: ahoy_visit
Value: 81d75144-3997-46de-816e-604208a29ced
.shift32.com/ Name: _gcl_au
Value: 1.1.628226612.1651887768
.feedback.shift32.com/ Name: _ga
Value: GA1.3.1901270373.1651887768
.feedback.shift32.com/ Name: _gid
Value: GA1.3.1269554086.1651887768
.feedback.shift32.com/ Name: _gat_UA-37784350-1
Value: 1
.feedback.shift32.com/ Name: __utma
Value: 263612443.1901270373.1651887768.1651887768.1651887768.1
.feedback.shift32.com/ Name: __utmc
Value: 263612443
.feedback.shift32.com/ Name: __utmz
Value: 263612443.1651887768.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.feedback.shift32.com/ Name: __utmt_b
Value: 1
.feedback.shift32.com/ Name: __utmb
Value: 263612443.1.10.1651887768

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
bam-cell.nr-data.net
cdn.pendo.io
connect.facebook.net
feedback.shift32.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
platform.twitter.com
ssl.google-analytics.com
static.reviewmgr.com
syndication.twitter.com
uploads.reviewmgr.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.244.42.72
151.101.2.137
162.247.243.146
2600:9000:2156:c00:1f:aa31:7740:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:d09b
2a00:1450:4001:801::200d
2a00:1450:4001:803::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200e
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:400e:80e::2008
2a00:1450:400e:80f::2004
2a00:1450:400e:810::2003
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
65.9.85.116
65.9.85.78
0d39059fefeb34b33734f008048bc45696906f3f729d5d2b58c2032217478995
0d735d2a7a9f75e3616274fc127037a04a1e90069b2b9ff67b1c92e7701a2d5f
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1496dc51eb8a5c71111f9975683029e72f023aaf94649304cc28b4469ba93595
216b4bb03d1080910b61a675b5bb9202d8185400fde4d9116d64bd0f07b9a057
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3cc49fc5ded58b415e3f3fd2f07cff4f18da9e1e09602b5085fcd3f0cc85a486
4a5c12aa8e3ec5041122aecaefd8c33d7f695f46f17a7bf9f82863f40b6fe0aa
5e520b3bcb47b5b1aa26a018863b6b90d1d95ee6621512480a65f58080badaa0
6098114320f95b9849f187eb72af26e99dfc939d370a9208a57ef1ee8ca6cf40
61100421db5bf30fe4e3d66b940ffc39c71ef67c58ffa438743bb0b63f855d5f
6a46e721738fe773283959d5c78be8e4b74f398ef65efddcc2bc8b2c87f6b02b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
6fe9adde27f5b512f9efe3c6ad1a2d6ee215c7b69aba54452dbc685e952cf087
78a51675a1fbbd7f8f073ab79338cdddbdec64f0b0bb9800eefcec0ea52f98be
7b883e928cbb78d58e05b6189a3adce73435451afa24a2a604b04cc1686fa2fc
819e810cd76c1cd71c729aa7062e74d92ce205e4ec842a6aec8a3bc1463d9b78
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a5401e6c15db84168407c54c72643ea06681649b449815400a616520bf325f
a667c3feb68929a9fa9a024d1631d6f97d3629bfa86a076efb5268ad11f5bc1f
acb803953a521f4ab84d7c4e3943fbece3f9148ab342141cf46fcafb0b7dc66f
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
bb0407542340131f687b467e0841ec9127ccc260ea0397a3288a17372789f292
bcb44936d3a2045dc5446e8ae0a631f574b2fd6642d5449249161a80ca35aa1b
be54befbcb2ef092a619d6052e785ca50c8dbc48a93e22f46784eb9ecddea40f
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cef63f6378f616ddbc50e81459f0f636540f0b7cc63767e5b789d963acf5ea07
d47b0f713ebe0f91592969ef59f9c2d4fa59e69204ce96a5395a3f8111688936
dad142c1a6cca408763ccac66c64ce56afdd43d2a0d7435d344ec7d3abda9130
e1f7bc364b060d4142d94ce8bfbbab50d2ed4b34fcf75db5d8c79accc2dfac16
e2bb902ccc459d03e4b9d2fdc84903ba65745388cee5a5bea30f8f16d135dda6
e369006eb39cd1076c8747141f049fb1c98f817ad21bdc63818f4390829cfc28
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef13cde42219b5731259c25506165df24b9b57d5c0eb576e3fe2f04c1698b3a4
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f7f0df92630fcb3d8b560cd5091999d5e8ebc29d31a626d3b4897ea49c938ef7
f804f0633707d36fe77a8038f48313c70c6039b70716322f4bf6033570f6dc7e
f8cacb171afeb1d90fb92a35f80f9110210a287be17eba6f3603d9d4a7e4527a
f9450ed7b4adf0781d1b9b7f47ce57fbb4e65cb3e52350084e7d483a305f560b
fc964c1704c229c9fb2b5c3fb154a991bf2a8f840acffd5923646ace9247f85e