app.truework.com Open in urlscan Pro
3.20.210.95 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://app.truework.com/requester/new
Submission: On February 25 via manual (February 25th 2022, 3:57:43 pm UTC) from US — Scanned from DE

Summary HTTP 85 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 19 domains to perform 85 HTTP transactions. The main IP is 3.20.210.95, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is app.truework.com. The Cisco Umbrella rank of the primary domain is 418273.
TLS certificate: Issued by Amazon on April 26th 2021. Valid for: a year.

This is the only time app.truework.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	3.20.210.95 3.20.210.95	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
7	2600:9000:215... 2600:9000:2156:ac00:6:12a5:ec40:93a1	16509 (AMAZON-02) (AMAZON-02)
8	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::ac43:cefe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:170... 2a02:26f0:1700:793::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	143.204.103.41 143.204.103.41	16509 (AMAZON-02) (AMAZON-02)
1	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
2	54.184.201.63 54.184.201.63	16509 (AMAZON-02) (AMAZON-02)
4	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	143.204.101.83 143.204.101.83	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	44.235.139.224 44.235.139.224	16509 (AMAZON-02) (AMAZON-02)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	104.198.23.205 104.198.23.205	15169 (GOOGLE) (GOOGLE)
85	24

10 3.20.210.95 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-210-95.us-east-2.compute.amazonaws.com

app.truework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2156:ac00:6:12a5:ec40:93a1 (United States)

ASN16509 (AMAZON-02, US)

dgoidxrjgsomp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:cefe (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-in.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:793::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 143.204.103.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-41.fra50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.184.201.63 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-184-201-63.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

truework-contact.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.101.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-83.fra50.r.cloudfront.net

d2yyd1h5u9mauk.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.235.139.224 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-139-224.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.198.23.205 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 205.23.198.104.bc.googleusercontent.com

r.lr-in.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	stripe.com js.stripe.com — Cisco Umbrella Rank: 854 q.stripe.com — Cisco Umbrella Rank: 5951 m.stripe.com — Cisco Umbrella Rank: 828 r.stripe.com — Cisco Umbrella Rank: 4038	205 KB
10	cloudfront.net dgoidxrjgsomp.cloudfront.net d2yyd1h5u9mauk.cloudfront.net	848 KB
10	truework.com app.truework.com — Cisco Umbrella Rank: 418273	48 KB
9	segment.com cdn.segment.com — Cisco Umbrella Rank: 1481	64 KB
8	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 1899 ekr.zdassets.com — Cisco Umbrella Rank: 2159	373 KB
4	gstatic.com fonts.gstatic.com	63 KB
4	zendesk.com truework-contact.zendesk.com — Cisco Umbrella Rank: 578135	3 KB
2	segment.io api.segment.io — Cisco Umbrella Rank: 1009	285 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	85 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 913	17 KB
2	lr-in.com cdn.lr-in.com — Cisco Umbrella Rank: 11173 r.lr-in.com — Cisco Umbrella Rank: 15807	175 KB
2	unpkg.com unpkg.com — Cisco Umbrella Rank: 802	6 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6342	548 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	548 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 37	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	15 KB
1	sentry.io sentry.io — Cisco Umbrella Rank: 373	406 B
1	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 703	9 KB
85	19

	Domain	Requested by
10	r.stripe.com	js.stripe.com
10	app.truework.com	app.truework.com dgoidxrjgsomp.cloudfront.net
9	cdn.segment.com	dgoidxrjgsomp.cloudfront.net cdn.segment.com
7	static.zdassets.com	app.truework.com static.zdassets.com
7	dgoidxrjgsomp.cloudfront.net	app.truework.com dgoidxrjgsomp.cloudfront.net
6	js.stripe.com	app.truework.com js.stripe.com
4	fonts.gstatic.com	fonts.googleapis.com
4	truework-contact.zendesk.com	static.zdassets.com
3	d2yyd1h5u9mauk.cloudfront.net	app.truework.com
3	q.stripe.com	app.truework.com
2	api.segment.io	dgoidxrjgsomp.cloudfront.net
2	www.googletagmanager.com	cdn.segment.com
2	m.stripe.com	m.stripe.network
2	m.stripe.network	js.stripe.com m.stripe.network
2	unpkg.com	app.truework.com
2	fonts.googleapis.com	app.truework.com
1	r.lr-in.com	dgoidxrjgsomp.cloudfront.net
1	www.google.de	app.truework.com
1	www.google.com	app.truework.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	ekr.zdassets.com	dgoidxrjgsomp.cloudfront.net
1	sentry.io	dgoidxrjgsomp.cloudfront.net
1	cdn.optimizely.com	dgoidxrjgsomp.cloudfront.net
1	cdn.lr-in.com	dgoidxrjgsomp.cloudfront.net
85	25

This site contains links to these domains. Also see Links.

Domain
www.truework.com

Subject Issuer	Validity	Valid
app.truework.com Amazon	`2021-04-26` - `2022-05-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-01-26` - `2022-05-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-08` - `2022-07-07`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-12-24` - `2022-12-24`	a year	crt.sh
*.segment.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh
sentry.io DigiCert SHA2 Secure Server CA	`2020-06-02` - `2022-06-07`	2 years	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-09-08` - `2022-09-07`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-11` - `2022-05-04`	4 months	crt.sh
truework-contact.zendesk.com Cloudflare Inc ECC CA-3	`2021-06-09` - `2022-06-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.segment.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
api.logrocket.com R3	`2022-01-26` - `2022-04-26`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://app.truework.com/requester/new
Frame ID: 62295DC207FC9AD3A115B42EFF2F8970
Requests: 53 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-21b66fa0c573e809345fe202113a4338.html
Frame ID: E0A5FCECDF78E3D6F8AB0691F3C84812
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: D62F6200D3E3593A690AB1DD1454A153
Requests: 5 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-997966966c6c84622001.js
Frame ID: FB30B0479AB80B551490223AF7D78740
Requests: 10 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-2ec31373c3f7d381bab1052895baf659.html
Frame ID: 1DB3972BCA3658A6B27A78B54A96B85F
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Truework

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

85
Requests

99 %
HTTPS

43 %
IPv6

19
Domains

25
Subdomains

24
IPs

3
Countries

1915 kB
Transfer

7749 kB
Size

12
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.truework.com/

Search URL Search Domain Scan URL

URL: https://www.truework.com/terms/requesters
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.truework.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

85 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request new Show response
app.truework.com/requester/ 6 KB
3 KB 347ms
108ms Document
text/html 3.20.210.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truework.com/requester/new

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.20.210.95 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-20-210-95.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

2bfc7a47ee64561d31ebfb4738836853a3d4613c9814003781b79d29efab47bb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://encompassloconnect.com https://.encompassloconnect.com https://ellieservices.com https://.ellieservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 25 Feb 2022 15:57:37 GMT
content-type: text/html
server: nginx
last-modified: Tue, 22 Feb 2022 18:22:50 GMT
etag: W/"621529fa-1631"
x-dns-prefetch-control: off
x-frame-options: sameorigin
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: same-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://encompassloconnect.com https://*.encompassloconnect.com https://ellieservices.com https://*.ellieservices.com;
content-security-policy-report-only: report-uri https://sentry.io/api/285406/security/?sentry_key=4838404aafea4aa3a71968579571e131 ; default-src 'self' data: https: wss: ; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: wss: ; style-src 'self' 'unsafe-inline' https: ; img-src 'self' data: blob: https: ; font-src 'self' data: https: ; connect-src 'self' https: wss: ; child-src 'self' blob: ; frame-src 'self' https: ; worker-src 'self' blob:
cache-control: no-cache
content-encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 137ms
49ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: app.truework.com
URL: https://app.truework.com/requester/new

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e28771832b71bbe80674b23765364b9d6b5b3e77815b68fa0ea131ffe0ec674

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Feb 2022 15:57:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 25 Feb 2022 15:57:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Feb 2022 15:57:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 146ms
59ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Mono:400,700|Roboto:400,400i,500,700,700i,900

Requested by

Host: app.truework.com
URL: https://app.truework.com/requester/new

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9aa5d0fafc8d220bbed312ca0f014e52e720f8b51ce6dc49d50b37b62966d79b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Feb 2022 15:57:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 25 Feb 2022 15:57:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Feb 2022 15:57:37 GMT

GET
H2 200 bootstrap-3-3-7.min.css
app.truework.com/assets/css/ 118 KB
25 KB 110ms
108ms Stylesheet
text/css 3.20.210.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truework.com/assets/css/bootstrap-3-3-7.min.css

Requested by

Host: app.truework.com
URL: https://app.truework.com/requester/new

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.20.210.95 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-20-210-95.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

934b265c36a554e34c2ad890d922f7a6f5f33900f835ba2db4cc5ac0944331a5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://encompassloconnect.com https://.encompassloconnect.com https://ellieservices.com https://.ellieservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.truework.com/requester/new
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 22 Feb 2022 18:17:52 GMT
server: nginx
x-frame-options: sameorigin
etag: W/"621528d0-1d943"
x-download-options: noopen
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=31536000, public
content-security-policy: frame-ancestors 'self' https://encompassloconnect.com https://*.encompassloconnect.com https://ellieservices.com https://*.ellieservices.com;
content-security-policy-report-only: report-uri https://sentry.io/api/285406/security/?sentry_key=4838404aafea4aa3a71968579571e131 ; default-src 'self' data: https: wss: ; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: wss: ; style-src 'self' 'unsafe-inline' https: ; img-src 'self' data: blob: https: ; font-src 'self' data: https: ; connect-src 'self' https: wss: ; child-src 'self' blob: ; frame-src 'self' https: ; worker-src 'self' blob:
expires: Sat, 25 Feb 2023 15:57:37 GMT

GET
H2 200 truework.92a69a89a358bb078b75.css
dgoidxrjgsomp.cloudfront.net/assets/css/ 13 KB
3 KB 69ms
29ms Stylesheet
text/css 2600:9000:2156:ac00:6:12a5:ec40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgoidxrjgsomp.cloudfront.net/assets/css/truework.92a69a89a358bb078b75.css
Requested by: Host: app.truework.com
URL: https://app.truework.com/requester/new
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ac00:6:12a5:ec40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 402efb545aa98ac51065adbf0216c28821313f7f9fba11915ad981805672071a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:37 GMT
content-encoding: gzip
last-modified: Fri, 18 Feb 2022 21:33:11 GMT
server: AmazonS3
age: 29853
etag: W/"35954e3a4c61ef663b2e003657dc99a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: A_jPuXES7qgHKxqc2-8Bb6INWHH-r7mJ0peA_j8333S79zcoVc3HTQ==

GET
H2 200 / Show response
js.stripe.com/v3/ 279 KB
67 KB 47ms
6ms Script
application/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: app.truework.com
URL: https://app.truework.com/requester/new

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

550604f0d5d63a2581ef677ea43a1d0b7f094ad8dc0a5291f7d8af0a05e566c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 35
x-cache: HIT
content-length: 68134
etag: "619562da17338acb838b2991efd4892e"
x-request-id: 71fdefd0-8020-4c08-bbee-2668d453bac7
x-served-by: cache-hhn4062-HHN
access-control-allow-origin: *
last-modified: Thu, 24 Feb 2022 21:21:53 GMT
server: Fastly
date: Fri, 25 Feb 2022 15:57:37 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 17

GET
H2 200 fetch.umd.js Show response
unpkg.com/whatwg-fetch@3.0.0/dist/ 14 KB
4 KB 37ms
18ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/whatwg-fetch@3.0.0/dist/fetch.umd.js

Requested by

Host: app.truework.com
URL: https://app.truework.com/requester/new

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a0c4301b6e804a7a808eb69694ed08567605811ae9bef1d3f19c88e20bdec92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:37 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2707119
fly-request-id: 01FT83XFTSXF129K74AJ2RQ5RQ
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"39d5-UI75N4tJ00i8iMkuAvRZcklx6l8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6e322162f8279001-FRA

GET
H2 200 polyfill.min.js Show response
unpkg.com/promise-polyfill@8.1.3/dist/ 3 KB
1 KB 62ms
43ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/promise-polyfill@8.1.3/dist/polyfill.min.js

Requested by

Host: app.truework.com
URL: https://app.truework.com/requester/new

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d66a9e827146c7cffff75212032752172352dc9eca81efe3ff413eb9e008f73a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:37 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2705627
fly-request-id: 01FT85B0X48F8DQ12QSS24B5F2
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"caf-UsKWMWUo1TBY0X5TKxxITvk219g"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6e322162f82b9001-FRA

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 20 KB
6 KB 63ms
25ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=02408aa8-e1cb-44df-84d5-6a362558e3c8

Requested by

Host: app.truework.com
URL: https://app.truework.com/requester/new

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4eb3d539dd1a33f6b36a83cebe63c9bae149933824859089389bd8b24865768c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:37 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: JXYXV8D3YB3JM7E6
x-amz-id-2: UY60zg4qVON2ixNIlVzTfZ0Aeu5kfn+MUgHQwNPpgyWg+/CyWwKHj5cT5JfVulmX4i5jLp1bT3A=
last-modified: Sun, 09 Jan 2022 23:14:59 GMT
server: cloudflare
etag: W/"301f9083ec60c9321ec7789c905c3232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3X5tsi4d5Z%2BhdSukhVVb0bQhPWTPexsxc1MBEs1qhnydRL8mmhcnZvYP6INUMNmvVVkfOvUbo3wvqgxJo36S%2BObVyQW7ddtoEABpX9caoGFdZiUqWL2EdLuY5MlBmMtQq9t5ys%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: oV93LKh3GEBdpA7a6pYv5Alew2GE593j
cf-ray: 6e3221631e179969-FRA

GET
H2 200 truework.main.cace8ac81c7d28c6283e.js Show response
dgoidxrjgsomp.cloudfront.net/assets/js/ 751 KB
220 KB 49ms
10ms Script
application/javascript 2600:9000:2156:ac00:6:12a5:ec40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.cace8ac81c7d28c6283e.js
Requested by: Host: app.truework.com
URL: https://app.truework.com/requester/new
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ac00:6:12a5:ec40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66a5e6a1f28b7a52a74a0921575607b60061d4511954d8ffb6f728673f94c854

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:49:10 GMT
content-encoding: gzip
last-modified: Tue, 22 Feb 2022 18:24:09 GMT
server: AmazonS3
age: 76108
etag: W/"42bf2b16f258fadc3a9b1325c961d04c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 9F6KY8nmnpKBi8GB2lHzy2OhmuTe8azr99YmFiSvVOkz8kUzsVXK2Q==

GET
H2 200 logger-1.min.js Show response
cdn.lr-in.com/ 768 KB
158 KB 80ms
49ms Script
text/javascript 2606:4700:3034::ac43:cefe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-in.com/logger-1.min.js

Requested by

Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.cace8ac81c7d28c6283e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:cefe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09abcca3dd1c39b64715e9897d8a3045e519f470bb38ef7f81153431a81f6060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 79
x-cache: MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31556926
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-hhn4053-HHN
last-modified: Fri, 25 Feb 2022 15:40:12 GMT
server: cloudflare
x-timer: S1645803673.467830,VS0,VE54
etag: W/"ea3ba88858fbb56db0796e1011342bc566ce40ff92393d8e3e0704c024098bf4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hk%2BZVaxualF%2FCFgYXOpT1gn8q%2Fypc1738ENVfVviA6A2oOIQ4ZZigwi%2Fu8drT9BcC059tTqjzTIRXpkrdXGEy%2Bn4kPx%2B%2FFR44yqUqrb00KeosujEcEllq71dIkVwP1FE6rqf%2FS6H2hhcIYsB"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 6e322164b83d9162-FRA
x-cache-hits: 0

GET
H2 200 9vTRwbu1YJYpxrM5ZYMkHD.json Show response
cdn.optimizely.com/datafiles/ 60 KB
9 KB 142ms
127ms XHR
application/json 2a02:26f0:1700:793::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/datafiles/9vTRwbu1YJYpxrM5ZYMkHD.json

Requested by

Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.cace8ac81c7d28c6283e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:793::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d64a3c39af16fe4249968d11d5e5a8d4af492a23acc5ad31c3ac3b7b4cd69823

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: .m_qCsmDVyWc5J4sO2TNJKUBfExSxt2r
content-encoding: gzip
etag: "7c15d9232f148b6e74b1a66a2823c768"
x-amz-request-id: 2DJKVS9EZ4JN9MCP
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 2409
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD, OPTIONS
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:1700:793::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-length: 7933
x-amz-id-2: 88K8Ll47PbC7YR6Q2rMhNXbf+QcmKp1ZO/xOl6ezEESoLKuUDIWCZ7E7L1vtBK/i1LOeaQUVSl4=
last-modified: Fri, 25 Feb 2022 01:00:16 GMT
server: AmazonS3
date: Fri, 25 Feb 2022 15:57:37 GMT
access-control-max-age: 604800
strict-transport-security: max-age=15768000
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Content-Length
cache-control: max-age=118
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/Aq1WI5y5Gu3fdP1P3FD12DIBXkcDji3J/ 90 KB
25 KB 666ms
629ms Script
text/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/Aq1WI5y5Gu3fdP1P3FD12DIBXkcDji3J/analytics.min.js
Requested by: Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.cace8ac81c7d28c6283e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4cb129a2bde6e8b12a010ccf32163e3d99eb370c1a5d0ce41d3449020bdadb95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: HfNFpxwPuLm3s_Oq62eMlFEWZNFlGPlw
content-encoding: br
etag: W/"cfee8c831b718abd9ee2195d55413372"
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Sat, 29 Jan 2022 21:10:23 GMT
server: AmazonS3
date: Fri, 25 Feb 2022 15:57:38 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-id: Kvzsm0NUOeGT-CXmAB3AHZO8yUkowZWZf8x1_XjlM0rGzdjKeHXT5Q==

POST
H/1.1 200
OK / Show response
sentry.io/api/1374969/envelope/ 2 B
406 B 458ms
113ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1374969/envelope/?sentry_key=e39052abc6d140d39d4d3c9858aa2d82&sentry_version=7

Requested by

Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.cace8ac81c7d28c6283e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.truework.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 25 Feb 2022 15:57:37 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://app.truework.com
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H2 200 / Show response
app.truework.com/api/auth/csrf/ 2 B
597 B 119ms
119ms Fetch
application/json 3.20.210.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truework.com/api/auth/csrf/

Requested by

Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.cace8ac81c7d28c6283e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.20.210.95 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-20-210-95.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Pragma: no-cache
Accept-Language: de-DE,de;q=0.9
X-TW-LogRocket-ID: undefined
X-TW-Page-Request-ID: 8e3ab9fc-8aa2-4da7-afc8-7cfc6b6efb53
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept: application/json
Referer: https://app.truework.com/requester/new
TW-Tracking-Id
X-CSRFToken
X-LogRocket-URL

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 15:57:37 GMT
vary: Cookie, Origin
server: nginx
x-api-version: 4f49c624b4db165641daa36e2092eee6242ac329
x-frame-options: DENY
allow: OPTIONS, GET
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
referrer-policy: same-origin
content-length: 2
x-content-type-options: nosniff
truework-trace-id: 3iHg8IxJZ32w8T67E4KFEb
expires: 0

GET
H2 200 m-outer-21b66fa0c573e809345fe202113a4338.html Show response
js.stripe.com/v3/ Frame E0A5 240 B
526 B 6ms
6ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-21b66fa0c573e809345fe202113a4338.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9a280ca12a2d4400a93d3a9faf5e18bb2f65091a76e4cfe41b78621baab826f2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 15 Feb 2022 21:02:56 GMT
etag: "21b66fa0c573e809345fe202113a4338"
content-type: text/html; charset=utf-8
cache-control: max-age=31536000
content-security-policy: default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Fri, 25 Feb 2022 15:57:37 GMT
via: 1.1 varnish
age: 38
x-request-id: 0e123fcc-203c-4703-8a0f-ed272a1b0137
x-served-by: cache-hhn4062-HHN
x-cache: HIT
x-cache-hits: 25
vary: Accept-Encoding
timing-allow-origin: *
content-length: 140

GET
H2 200 02408aa8-e1cb-44df-84d5-6a362558e3c8 Show response
ekr.zdassets.com/compose/ 541 B
1 KB 206ms
181ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/02408aa8-e1cb-44df-84d5-6a362558e3c8

Requested by

Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.cace8ac81c7d28c6283e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

918ddc1a0b089413203bc4fb6164ea0ef6844276cda2f56a1d9692a517feebec

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:37 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status: 200 OK
access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=0
x-request-id: 5a877cb9-808e-47cf-939d-c9a88e86ba19
x-runtime: 0.003014
server: cloudflare
etag: W/"918ddc1a0b089413203bc4fb6164ea0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZ1FADX2VLprlfDYV%2BdLery9AQxNL7OKU%2FD7biBS3luBQMJez%2BQyukRYOtfUHf6jpCl4mm2cGW0VZUMfE6itKuShJKvqUOOpiGN87NpbhIxaLhnWmEEgmPE7eU5XX%2BJcQko%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 6e3221651c579a12-FRA

POST
H2 200 csp-report
q.stripe.com/ Frame E0A5 0
357 B 524ms
173ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: app.truework.com
URL: https://app.truework.com/requester/new
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 25 Feb 2022 15:57:37 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 1
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 m-outer-5c4150bc004c99291dfd234a82c582e0.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E0A5 1 KB
773 B 6ms
6ms Script
application/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-5c4150bc004c99291dfd234a82c582e0.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-21b66fa0c573e809345fe202113a4338.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-21b66fa0c573e809345fe202113a4338.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 60
x-cache: HIT
content-length: 645
etag: "d0c7e21ec457b6a134a496f107c3ca93"
x-request-id: 9e87dda8-9204-4a43-afd3-4f3fce1f822b
x-served-by: cache-hhn4062-HHN
access-control-allow-origin: *
last-modified: Tue, 15 Feb 2022 21:03:02 GMT
server: Fastly
date: Fri, 25 Feb 2022 15:57:37 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 97

GET
H2 200 inner.html Show response
m.stripe.network/ Frame D62F 932 B
1 KB 25ms
6ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-5c4150bc004c99291dfd234a82c582e0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw=' 'report-sample'; style-src https://m.stripe.network 'report-sample'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: max-age=300, public
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw=' 'report-sample'; style-src https://m.stripe.network 'report-sample'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Fri, 25 Feb 2022 15:57:37 GMT
via: 1.1 varnish
age: 57
x-request-id: a44b2bde-8fe0-41c6-9bc1-fb0f5ecf0d87
x-served-by: cache-hhn4062-HHN
x-cache: HIT
x-cache-hits: 83
x-timer: S1645804657.474276,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 528

GET
BLOB 200
OK 589ac56d-144f-4707-955b-e6dd6e022094
https://app.truework.com/ 433 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.truework.com/589ac56d-144f-4707-955b-e6dd6e022094
Requested by: Host: app.truework.com
URL: https://app.truework.com/requester/new
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6021e97510e50b449f87b2399ffcdc1dfb5852a1f267c3a30e021b49015fabef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.truework.com/requester/new
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 443001

POST
H2 200 csp-report
q.stripe.com/ Frame D62F 0
130 B 473ms
174ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.truework.com
URL: https://app.truework.com/requester/new

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 25 Feb 2022 15:57:37 GMT
x-envoy-upstream-service-time: 1
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 out-4.5.41.js Show response
m.stripe.network/ Frame D62F 85 KB
16 KB 7ms
6ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.41.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 40
x-cache: HIT
content-length: 15786
x-request-id: c2707086-e97a-40c8-85a6-8db325e98d4d
x-served-by: cache-hhn4062-HHN
server: Fastly
x-timer: S1645804658.507851,VS0,VE0
date: Fri, 25 Feb 2022 15:57:37 GMT
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 57

POST
H2 200 6 Show response
m.stripe.com/ Frame D62F 156 B
523 B 515ms
171ms XHR
application/json 54.184.201.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.184.201.63 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-184-201-63.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3ee1379b657a57d905579318011aa3e66b4268469b76b67c193e6d1078057f91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 25 Feb 2022 15:57:38 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 is-authenticated Show response
app.truework.com/api/auth/ 27 B
347 B 118ms
117ms Fetch
application/json 3.20.210.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truework.com/api/auth/is-authenticated

Requested by

Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.cace8ac81c7d28c6283e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.20.210.95 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-20-210-95.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

4d8a159b47d1f254ea6e4a392d3eee330ca0b0c1c5230ca3390bd46f5cb34dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Pragma: no-cache
Accept-Language: de-DE,de;q=0.9
X-TW-LogRocket-ID: 5-fa173fe1-351d-4279-9731-845e31af59b7/0
X-TW-Page-Request-ID: 8e3ab9fc-8aa2-4da7-afc8-7cfc6b6efb53
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept: application/json
Referer: https://app.truework.com/requester/new
TW-Tracking-Id
X-CSRFToken: OiIypeb3VXIfNfLMjp5V2tjsHwZWfzOLKMdUJq1j4RSvJH8pTnr5DWoDjBWvGBUU
X-LogRocket-URL

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 15:57:37 GMT
vary: Origin, Cookie
server: nginx
x-api-version: 4f49c624b4db165641daa36e2092eee6242ac329
x-frame-options: DENY
allow: OPTIONS, HEAD, GET
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
referrer-policy: same-origin
content-length: 27
x-content-type-options: nosniff
truework-trace-id: 1yOhiXqbBq5swDBBAuVvaz
expires: 0

GET
H2 200 web-widget-framework-997966966c6c84622001.js Show response
static.zdassets.com/web_widget/latest/ Frame FB30 212 KB
71 KB 30ms
30ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-997966966c6c84622001.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=02408aa8-e1cb-44df-84d5-6a362558e3c8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

866267b9a429f1cd04b39e7a0172593be6f6b7a53531dd5ccdce240c98532514

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:37 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54722
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: Y0HMF5Y3XRY481GE
x-amz-id-2: +uI6Cfm3a6pGLCbEfe136nuNvYQZqaPgeSAi4gLecY+Ix/XVqDqfkJhpU85hs+RGwy/kPcFIOug=
last-modified: Tue, 22 Feb 2022 02:46:15 GMT
server: cloudflare
etag: W/"34d309aa65f1766675575a0a8c2b50a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2E8MYQsMolz9zEaxEKMfbxTHJ%2FAzKED4Y1bDLwgmY3C9FiuiyTizI1wXKcZJAQfGe8F4I41Jp4yqZXJfWiXVnELTU4FJTLY9DwpY3TYJofxqBDhU%2BCdLTKpNeprba0bh4kTltwU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: NrMpHoTB7miIjVmRorL62uk7Cq2sCyEm
cf-ray: 6e3221665dd29969-FRA
expires: Wed, 22 Feb 2023 02:46:14 GMT

GET
H2 200 web-widget-chat-sdk-58987df92c8073e96c0f.js Show response
static.zdassets.com/web_widget/latest/ Frame FB30 203 KB
52 KB 24ms
24ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-chat-sdk-58987df92c8073e96c0f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=02408aa8-e1cb-44df-84d5-6a362558e3c8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6cd361fc4dd2ddf8db6c3ea7d3e8e62d38832bd9336e595aafa4abcd024b1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:37 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9812562
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: SRPDF78JQN9K987N
x-amz-id-2: PEl9lKzd3xQBnF8++H9gRI2BXBi3HU1KY8BrDImkmUw4yzZkDZUtI7aewa61A51qimgCchW7/2w=
last-modified: Wed, 03 Nov 2021 23:49:38 GMT
server: cloudflare
etag: W/"f4e9b6a21f729895e00473e7f3947ed7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MeixjjE5krzR8drs8bxkwpRcVjUEBFmcUMYG4VHXEFegVBbbJ%2BPQe%2Fe97Lau0Me4T3uV3ujRWauc65vaNhgAkOpBLOJA0Ru7HmaM8RJCscxmHjMId0qgz2wRaAmiBtOl%2F%2F98kHg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: VCxuCJi40dVya7RnPTXVZ9S02BueApP5
cf-ray: 6e3221665dd39969-FRA
expires: Thu, 03 Nov 2022 23:49:37 GMT

GET
H2 200 config Show response
truework-contact.zendesk.com/embeddable/ Frame FB30 826 B
1 KB 161ms
132ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://truework-contact.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-997966966c6c84622001.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1975fedf293595384e480101ccd39e28c5319c51ee1a0d1431d7609c12a31d29

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:37 GMT
x-envoy-decorator-operation: embeddable.embeddable.svc.cluster.local:80/*
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-67777c6f94-hmp6x
x-envoy-upstream-service-time: 4
zendesk-api-version: 2022-01-01
access-control-allow-methods: GET
content-encoding: br
vary: Origin, Accept-Encoding
x-cached: MISS
x-request-id: 6e322166e83f9164-IAD
x-runtime: 0.001329
last-modified: Fri, 25 Feb 2022 01:37:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4um5LupCNIUgoZoFR5UUEYyqId5LXhTLmJgxIkpPABULMMUtLEsBKzoXQxITbyFNDa0ac3LJy6NPystzTiRpOFAKujZQFzE%2FjTikyTsu7D72ToAigpEC4yb4%2Bt%2BHe%2BhyI0mLvfpSN7x360P3tJo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 6e322166e83f9164-FRA

POST
H2 200 / Show response
app.truework.com/api/trueflag/experiments/ 335 B
753 B 144ms
143ms Fetch
application/json 3.20.210.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truework.com/api/trueflag/experiments/

Requested by

Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.cace8ac81c7d28c6283e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.20.210.95 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-20-210-95.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

80d700a6af899a494af96e28edbeec8dda901b224d0903fedae40b4ab445c6a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Pragma: no-cache
Accept-Language: de-DE,de;q=0.9
X-TW-LogRocket-ID: 5-fa173fe1-351d-4279-9731-845e31af59b7/0
X-TW-Page-Request-ID: 8e3ab9fc-8aa2-4da7-afc8-7cfc6b6efb53
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://app.truework.com/requester/new
TW-Tracking-Id
X-CSRFToken: OiIypeb3VXIfNfLMjp5V2tjsHwZWfzOLKMdUJq1j4RSvJH8pTnr5DWoDjBWvGBUU
X-LogRocket-URL

Response headers

date: Fri, 25 Feb 2022 15:57:37 GMT
x-content-type-options: nosniff
x-api-version: 4f49c624b4db165641daa36e2092eee6242ac329
allow: POST, OPTIONS
content-length: 335
pragma: no-cache
referrer-policy: same-origin
server: nginx
x-frame-options: DENY
vary: Origin, Cookie
content-type: application/json
access-control-allow-origin: https://app.truework.com
access-control-expose-headers: content-length
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
truework-trace-id: 65qRFT1KOh3fb73Gzhf96h
expires: 0

GET
H2 200 web-widget-39900-bad8471d2b7add37a93f.js Show response
static.zdassets.com/web_widget/latest/ Frame FB30 372 KB
114 KB 45ms
45ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-39900-bad8471d2b7add37a93f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-997966966c6c84622001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96591385347da42e5d589f3b5c307dbdca2da4cd12a78b46d01126526258ac81

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:37 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2734959
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: P7AN881A56HPF5NJ
x-amz-id-2: bYNrt8B0ncTBlG11rIJSKckCCpOR1h+Dz3FiWGLrz9LpYXnt1CkAwoyzp5SbeApSVLhDsf8P6RM=
last-modified: Mon, 24 Jan 2022 04:12:32 GMT
server: cloudflare
etag: W/"f529f07bc9a9b52c28c54dfb5ac3d537"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DOtiUiJKiL7diUV%2FWkSwKipSpzXeKkEEwCnF%2FM4s1fbU1FQ5P0qRJApaEo2Q%2BduyfCdgbFnJJQUVDKse6zkGZVR4%2Be%2BfImMK08Xa7c6Zs85ns%2FstGLKW9O1sERBsqD%2FJLkquS6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: U.U8t2om1Wk2j0FJhlB2GZVi9MjPm65A
cf-ray: 6e322167c9399969-FRA
expires: Tue, 24 Jan 2023 04:12:31 GMT

GET
H2 200 web-widget-82496-589058dacc8ab84d7796.js Show response
static.zdassets.com/web_widget/latest/ Frame FB30 85 KB
23 KB 30ms
30ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-82496-589058dacc8ab84d7796.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-997966966c6c84622001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a80319212460370537c57e56631f448aff106ecf74ee7a92f15391fcd48def00

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:37 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53299
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: VZQTEHYQM13NHABE
x-amz-id-2: OkoOProDQSOxho5sTN2q6iNC6JKofPmQ4iAIkCDm+76Jw1K/N+uvWs8EmJ2jmlaKUhyxPQeVfYs=
last-modified: Thu, 24 Feb 2022 03:44:51 GMT
server: cloudflare
etag: W/"a578a65dad91fe91cb0130ffd39b46ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gwKbXudvUm%2FfB%2FOP44G4BhjGKoETkEpmXABgpyBAvlI0k59RHwRQFT6Bn5oBSS5G7X%2Fufb9wtxgDUL6dJVgyXa92B9CR3uMVOKFy9vaqSJOxxEB%2BnqzN%2Biafi1C1iyEMd31EPrI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: VKOp2kTrvOwpfkWxUI1wv4fnUZkEHGW9
cf-ray: 6e322167c93f9969-FRA
expires: Fri, 24 Feb 2023 03:44:50 GMT

GET
H2 200 web_widget-686cc1a59efdf9f14753.js Show response
static.zdassets.com/web_widget/latest/web-widget-lazy/ Frame FB30 443 KB
98 KB 46ms
44ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-lazy/web_widget-686cc1a59efdf9f14753.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-997966966c6c84622001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39389c70e26d248ec7c287a1505c1be49616cb62664f19d2ffea9982b901a7be

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:37 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 221999
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: ZWQ7Z9HFHMY12NNG
x-amz-id-2: ivZogHgezWru8IyMkBf1SEMtUMf5aWwgkruyKMCuVxCqEChQFSfEMCew9E9RO6asoD+4O86zS6I=
last-modified: Tue, 22 Feb 2022 02:42:56 GMT
server: cloudflare
etag: W/"4c5f4465d18a0edaa0f732a696656b2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LI%2BJlm4f7u2lqlfVLLLfwlPVFNZ%2BvPrfICa%2F7uPd6zPls76F%2FqPmo8fBuI6bSF9c2KaY%2FAPxZGBWF52YKDUEXkwx01RrC6Vwr8utoOXE03J9GeFbtQNnpGveQQ4eLs86SQMUZgY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: RErwJG54aEK6p24b3jwD1nU7VRKJjoAd
cf-ray: 6e322167c9429969-FRA
expires: Wed, 22 Feb 2023 02:42:55 GMT

GET
H2 200 truework.0.31eca719cc5db7d32220.js Show response
dgoidxrjgsomp.cloudfront.net/assets/js/ 842 KB
154 KB 27ms
26ms Script
application/javascript 2600:9000:2156:ac00:6:12a5:ec40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.0.31eca719cc5db7d32220.js
Requested by: Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.cace8ac81c7d28c6283e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ac00:6:12a5:ec40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3d8ae1923e49a72eaf5fff0c8d11f74fa77114e29882c8e703295d9e1eb9799

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:37 GMT
content-encoding: gzip
last-modified: Fri, 18 Feb 2022 21:33:12 GMT
server: AmazonS3
age: 29852
etag: W/"e39a0c0372eeb8995b66377a55dcc687"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: i13BrgqlDF2YhT_lKJy5N0q9zYdPb_AJ8-mSUm-yNcYExlQO0a08Yg==

GET
H2 200 3.truework.d488a845fb076377b090.css
dgoidxrjgsomp.cloudfront.net/assets/css/ 445 B
797 B 15ms
14ms Stylesheet
text/css 2600:9000:2156:ac00:6:12a5:ec40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgoidxrjgsomp.cloudfront.net/assets/css/3.truework.d488a845fb076377b090.css
Requested by: Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.cace8ac81c7d28c6283e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ac00:6:12a5:ec40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8a4f785d62a155af5d5663e799162c761b322ab778fb6678123875f7c0caa624

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:37 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
last-modified: Fri, 18 Feb 2022 21:33:10 GMT
server: AmazonS3
age: 43327
etag: "af39c0c29908152f15fe91af493db635"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 445
x-amz-cf-id: Tb9BoDp6AFjCIDNE1QvIw7c24LtyXtB9_4urp3nYT18dBkeVaghq8g==

GET
H2 200 truework.3.4d89b8fcf2c41eb5bc91.js Show response
dgoidxrjgsomp.cloudfront.net/assets/js/ 621 KB
168 KB 31ms
30ms Script
application/javascript 2600:9000:2156:ac00:6:12a5:ec40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.3.4d89b8fcf2c41eb5bc91.js
Requested by: Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.cace8ac81c7d28c6283e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ac00:6:12a5:ec40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 20935a9dab57510e776ae8b8621076f7f8c98d6fb6d513cb8aa471585c78ffb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:37 GMT
content-encoding: gzip
last-modified: Fri, 18 Feb 2022 21:33:12 GMT
server: AmazonS3
age: 29852
etag: W/"37ca3257e3cf4f7d61e8a72d123cd701"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: linHHaT0jfrc-Yqt9Cx-1gGwmPpejB6wjTZIAElu3KfsrhalEdh_bA==

GET
H2 200 truework.1.dfc9aa5995532c55c067.js Show response
dgoidxrjgsomp.cloudfront.net/assets/js/ 52 KB
12 KB 25ms
25ms Script
application/javascript 2600:9000:2156:ac00:6:12a5:ec40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.1.dfc9aa5995532c55c067.js
Requested by: Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.cace8ac81c7d28c6283e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ac00:6:12a5:ec40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d34404eb0e1624fed1385aae12e1d52d23b2e1570e7ebc43e72f6c523018799c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:37 GMT
content-encoding: gzip
last-modified: Fri, 18 Feb 2022 21:33:12 GMT
server: AmazonS3
age: 29852
etag: W/"7169ff33dba2fd60c94c272e26d287c6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: lP7b6yy2ZYFhJrE0qvl5z_Vsg5czHl6hqZ9ZWhEmOltT0_Mz-jXFoA==

GET
H2 200 truework.5.9533ecc2fec111197405.js Show response
dgoidxrjgsomp.cloudfront.net/assets/js/ 961 KB
207 KB 11ms
11ms Script
application/javascript 2600:9000:2156:ac00:6:12a5:ec40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.5.9533ecc2fec111197405.js
Requested by: Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.cace8ac81c7d28c6283e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ac00:6:12a5:ec40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7e17d5ea847427d555e88a83ff56745fea1d5a6a0dd8d43270d2840fa816ad7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:49:11 GMT
content-encoding: gzip
last-modified: Tue, 22 Feb 2022 18:24:08 GMT
server: AmazonS3
age: 76107
etag: W/"90c8aef79266756e6e213047d60d0450"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: O6ck4kn22h-FrmY5SQKGxDmkSeOUzEVdYyEqUksNu1HA_DM1QoIiCQ==

GET
H/1.1 200
OK delighted.js Show response
d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/WEDNdoDF0ZWfbhEj/ 91 KB
28 KB 457ms
429ms Script
text/javascript 143.204.101.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/WEDNdoDF0ZWfbhEj/delighted.js

Requested by

Host: app.truework.com
URL: https://app.truework.com/requester/new

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-83.fra50.r.cloudfront.net

Software

Resource Hash

0856cdfe1d24352790c2d47ad667bcba8fef5736ccfee6aa779d36d25d08b8bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 25 Feb 2022 15:57:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Amz-Cf-Pop: FRA50-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Status: 200 OK
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Request-Id: b6f26c4392587c09679f36569eea569f
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.049836
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/javascript; charset=utf-8
Via: 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
Cache-Control: max-age=120, public
X-Amz-Cf-Id: Bb5FxqQJBW0XzbcULbD2zvDq_c40JqqiTHq0RqX3kRF9G7q0vfBWRw==

GET
H/1.1 200
OK delightedCsat.js Show response
d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/8OUbyxY7uJGpZTp6/ 89 KB
28 KB 451ms
423ms Script
text/javascript 143.204.101.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/8OUbyxY7uJGpZTp6/delightedCsat.js

Requested by

Host: app.truework.com
URL: https://app.truework.com/requester/new

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-83.fra50.r.cloudfront.net

Software

Resource Hash

86716e4ccd373cdb104f2bd4752292a1b1cde162b3d7bc057166851cda58e140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 25 Feb 2022 15:57:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Amz-Cf-Pop: FRA50-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Status: 200 OK
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Request-Id: bd4406303e4267fa682020252cbe1296
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.042713
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/javascript; charset=utf-8
Via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
Cache-Control: max-age=120, public
X-Amz-Cf-Id: llgoveCtmv5WnkxXOvoL8JcMYMo9xPxWIK3lHIG3nCmH8O4a9xc39Q==

GET
H/1.1 200
OK delightedCsat2.js Show response
d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/09Bnn89MeKVQ9Osk/ 89 KB
28 KB 544ms
516ms Script
text/javascript 143.204.101.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/09Bnn89MeKVQ9Osk/delightedCsat2.js

Requested by

Host: app.truework.com
URL: https://app.truework.com/requester/new

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-83.fra50.r.cloudfront.net

Software

Resource Hash

2baaf7df1a827fe821a061a4c51902f4e92296c92f91b8ed1b94298457c103bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 25 Feb 2022 15:57:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Amz-Cf-Pop: FRA50-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Status: 200 OK
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Request-Id: d480227aa63679084abab75df7024008
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.130120
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/javascript; charset=utf-8
Via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
Cache-Control: max-age=120, public
X-Amz-Cf-Id: MvZHNVnThvEPeSwbzL1iXuDbczBQ-CVhVO16K2q5z3o7jESJiYosEA==

GET
H2 200 logo.svg
app.truework.com/assets/images/ 1 KB
2 KB 109ms
108ms Image
image/svg+xml 3.20.210.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truework.com/assets/images/logo.svg

Requested by

Host: app.truework.com
URL: https://app.truework.com/requester/signup

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.20.210.95 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-20-210-95.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b4adf4d6ac73d474c6a49c40a8989a9174524af20e8e578204dc27df6af764e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://encompassloconnect.com https://.encompassloconnect.com https://ellieservices.com https://.ellieservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.truework.com/requester/signup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:38 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-length: 1450
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 22 Feb 2022 18:17:52 GMT
server: nginx
x-frame-options: sameorigin
etag: "621528d0-5aa"
x-download-options: noopen
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
cache-control: max-age=31536000, public
content-security-policy: frame-ancestors 'self' https://encompassloconnect.com https://*.encompassloconnect.com https://ellieservices.com https://*.ellieservices.com;
accept-ranges: bytes
content-security-policy-report-only: report-uri https://sentry.io/api/285406/security/?sentry_key=4838404aafea4aa3a71968579571e131 ; default-src 'self' data: https: wss: ; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: wss: ; style-src 'self' 'unsafe-inline' https: ; img-src 'self' data: blob: https: ; font-src 'self' data: https: ; connect-src 'self' https: wss: ; child-src 'self' blob: ; frame-src 'self' https: ; worker-src 'self' blob:
expires: Sat, 25 Feb 2023 15:57:38 GMT

GET
H2 200 verifier-type-bank.png
app.truework.com/assets/images/icons/ 4 KB
5 KB 109ms
108ms Image
image/png 3.20.210.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truework.com/assets/images/icons/verifier-type-bank.png

Requested by

Host: app.truework.com
URL: https://app.truework.com/requester/signup

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.20.210.95 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-20-210-95.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

90c8cf5fb5014c09a37468d89d43a17c41bb8a1992184649298ca65dcc0edcbc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://encompassloconnect.com https://.encompassloconnect.com https://ellieservices.com https://.ellieservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.truework.com/requester/signup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:38 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-length: 4293
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 22 Feb 2022 18:17:52 GMT
server: nginx
x-frame-options: sameorigin
etag: "621528d0-10c5"
x-download-options: noopen
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=31536000, public
content-security-policy: frame-ancestors 'self' https://encompassloconnect.com https://*.encompassloconnect.com https://ellieservices.com https://*.ellieservices.com;
accept-ranges: bytes
content-security-policy-report-only: report-uri https://sentry.io/api/285406/security/?sentry_key=4838404aafea4aa3a71968579571e131 ; default-src 'self' data: https: wss: ; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: wss: ; style-src 'self' 'unsafe-inline' https: ; img-src 'self' data: blob: https: ; font-src 'self' data: https: ; connect-src 'self' https: wss: ; child-src 'self' blob: ; frame-src 'self' https: ; worker-src 'self' blob:
expires: Sat, 25 Feb 2023 15:57:38 GMT

GET
H2 200 verifier-type-background.png
app.truework.com/assets/images/icons/ 5 KB
5 KB 108ms
107ms Image
image/png 3.20.210.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truework.com/assets/images/icons/verifier-type-background.png

Requested by

Host: app.truework.com
URL: https://app.truework.com/requester/signup

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.20.210.95 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-20-210-95.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

d0052ee4884b0a33f2f70ced5442bda5cbc5b51435c172681e2ccd36c0425904

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://encompassloconnect.com https://.encompassloconnect.com https://ellieservices.com https://.ellieservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.truework.com/requester/signup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:38 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-length: 4650
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 22 Feb 2022 18:17:52 GMT
server: nginx
x-frame-options: sameorigin
etag: "621528d0-122a"
x-download-options: noopen
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=31536000, public
content-security-policy: frame-ancestors 'self' https://encompassloconnect.com https://*.encompassloconnect.com https://ellieservices.com https://*.ellieservices.com;
accept-ranges: bytes
content-security-policy-report-only: report-uri https://sentry.io/api/285406/security/?sentry_key=4838404aafea4aa3a71968579571e131 ; default-src 'self' data: https: wss: ; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: wss: ; style-src 'self' 'unsafe-inline' https: ; img-src 'self' data: blob: https: ; font-src 'self' data: https: ; connect-src 'self' https: wss: ; child-src 'self' blob: ; frame-src 'self' https: ; worker-src 'self' blob:
expires: Sat, 25 Feb 2023 15:57:38 GMT

GET
H2 200 verifier-type-tenant.png
app.truework.com/assets/images/icons/ 4 KB
5 KB 109ms
109ms Image
image/png 3.20.210.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truework.com/assets/images/icons/verifier-type-tenant.png

Requested by

Host: app.truework.com
URL: https://app.truework.com/requester/signup

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.20.210.95 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-20-210-95.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

fddf1f617bae640396d44eb944ad4557934174b4b3a5e4cffe9b9fb75a80bc71

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://encompassloconnect.com https://.encompassloconnect.com https://ellieservices.com https://.ellieservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.truework.com/requester/signup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:38 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-length: 4481
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 22 Feb 2022 18:17:52 GMT
server: nginx
x-frame-options: sameorigin
etag: "621528d0-1181"
x-download-options: noopen
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=31536000, public
content-security-policy: frame-ancestors 'self' https://encompassloconnect.com https://*.encompassloconnect.com https://ellieservices.com https://*.ellieservices.com;
accept-ranges: bytes
content-security-policy-report-only: report-uri https://sentry.io/api/285406/security/?sentry_key=4838404aafea4aa3a71968579571e131 ; default-src 'self' data: https: wss: ; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: wss: ; style-src 'self' 'unsafe-inline' https: ; img-src 'self' data: blob: https: ; font-src 'self' data: https: ; connect-src 'self' https: wss: ; child-src 'self' blob: ; frame-src 'self' https: ; worker-src 'self' blob:
expires: Sat, 25 Feb 2023 15:57:38 GMT

GET
H2 200 controller-2ec31373c3f7d381bab1052895baf659.html Show response
js.stripe.com/v3/ Frame 1DB3 349 B
643 B 6ms
6ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-2ec31373c3f7d381bab1052895baf659.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bf0bcaeb1a927cb0e258cf372c69276012ffe6415debc9b3400d54cf6b4708e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Thu, 24 Feb 2022 21:06:44 GMT
etag: "2ec31373c3f7d381bab1052895baf659"
cache-control: max-age=60
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Fri, 25 Feb 2022 15:57:38 GMT
via: 1.1 varnish
age: 42
x-request-id: fe6fa567-2d84-4ed4-b159-ecbec06ba5f6
x-served-by: cache-hhn4062-HHN
x-cache: HIT
x-cache-hits: 19
vary: Accept-Encoding
timing-allow-origin: *
content-length: 166

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 176ms
94ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono:400,700|Roboto:400,400i,500,700,700i,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.truework.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 12:42:18 GMT
x-content-type-options: nosniff
age: 530120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15724
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 19 Feb 2023 12:42:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 131ms
50ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono:400,700|Roboto:400,400i,500,700,700i,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.truework.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:33:18 GMT
x-content-type-options: nosniff
age: 210260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Feb 2023 05:33:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 163ms
82ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono:400,700|Roboto:400,400i,500,700,700i,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.truework.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 244183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Feb 2023 20:07:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 120ms
39ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono:400,700|Roboto:400,400i,500,700,700i,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.truework.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 248269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Feb 2023 18:59:49 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 1DB3 0
356 B 173ms
172ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: app.truework.com
URL: https://app.truework.com/requester/new
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 25 Feb 2022 15:57:38 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 2
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 embeddable_blip Show response
truework-contact.zendesk.com/ Frame FB30 0
507 B 125ms
125ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://truework-contact.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTguMC40NzU4LjgwIFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2V9LCJhY3Rpb24iOiJsb2NhbGVNaXNtYXRjaCIsImNhdGVnb3J5IjoibG9jYWxlIn0sImJ1aWQiOiIwZTFhZDdkNDZmYTc0MzU4YTc2NzMwMjUzZDZiMWYyYyIsInN1aWQiOiI4ZGM1NjIzMzVmMzg0NzMyYWNiYmI4ZTQ3YTJhY2E4NiIsInZlcnNpb24iOiIyYWRkOTkyIiwidGltZXN0YW1wIjoiMjAyMi0wMi0yNVQxNTo1NzozOC4yMzZaIiwidXJsIjoiaHR0cHM6Ly9hcHAudHJ1ZXdvcmsuY29tL3JlcXVlc3Rlci9zaWdudXAifQ%3D%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-997966966c6c84622001.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
zendesk-api-version: 2022-01-01
content-length: 0
x-zendesk-zorg: yes
x-request-id: 73290743e3b6ed4bae8c6123826205a1
last-modified: Fri, 25 Feb 2022 15:57:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZaaacd%2BO8StMFz99Qj508J09dDdFR%2Fb6HUgHZ8e%2FmA%2BT9uEp0%2FctARHDvS%2BQTW6GKu7Rar0PXmg8xEItdRnP2A4%2FSn2%2BX916nnrohypfheKz2KaeTfPbZzgv%2BxNerynJ3yaI5Hoo4QWe1XSnbo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.truework.com
accept-ranges: bytes
cf-ray: 6e32216a0ffe9164-FRA

GET
H2 200 embeddable_blip Show response
truework-contact.zendesk.com/ Frame FB30 0
291 B 142ms
141ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://truework-contact.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiYXV0aGVudGljYXRlIjp7ImhlbHBDZW50ZXIiOmZhbHNlLCJjaGF0Ijp0cnVlfX19LCJidWlkIjoiMGUxYWQ3ZDQ2ZmE3NDM1OGE3NjczMDI1M2Q2YjFmMmMiLCJzdWlkIjoiOGRjNTYyMzM1ZjM4NDczMmFjYmJiOGU0N2EyYWNhODYiLCJ2ZXJzaW9uIjoiMmFkZDk5MiIsInRpbWVzdGFtcCI6IjIwMjItMDItMjVUMTU6NTc6MzguMjQ1WiIsInVybCI6Imh0dHBzOi8vYXBwLnRydWV3b3JrLmNvbS9yZXF1ZXN0ZXIvc2lnbnVwIn0%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-997966966c6c84622001.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
zendesk-api-version: 2022-01-01
content-length: 0
x-zendesk-zorg: yes
x-request-id: 8f40f5467b6fb4eb90ab78786c280ea3
last-modified: Fri, 25 Feb 2022 15:57:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLoqQFksjHTPySv0nVDJRxTtLzDsqg7boLxLcKIQXeORs4skXimoeLTjMwdZz0jMxPgM3hfSLeuLEnHzg2X8gx7%2BtCVla1wMN4Gkaido1w6XN%2FwyFBHQ3wS5TcFPMiCvd4F0eDA2kVaZkhWfDN8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.truework.com
accept-ranges: bytes
cf-ray: 6e32216a184d9164-FRA

GET
H2 200 de-de-json-bcd322e9e665e87b10c7.js Show response
static.zdassets.com/web_widget/latest/web-widget-locales/classic/ Frame FB30 28 KB
7 KB 68ms
68ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-locales/classic/de-de-json-bcd322e9e665e87b10c7.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-997966966c6c84622001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9dfd1406f8ccc1b99462a6ca3bb04ea703bb0a1a283edfb82f6d42495f93950

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 396570
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: QD3A4P6SF4NYCHST
x-amz-id-2: esnxHpb/eV1O6o7rtueFgw5j/rpPMqFWUllVWZyM0W2cMqos1AxPMQ6/MfgYw++1wJTxW9OkTls=
last-modified: Fri, 18 Feb 2022 03:08:02 GMT
server: cloudflare
etag: W/"97bae500fd09e3cf0e2729e82e00d61b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxYakKiK4oBjlsC8gLBtbPUMxiYWr4QB4yfhJ%2FF4o345f5IT%2FzEwXlQM4PO%2BkegOB%2F6xdDU2vbyvwPODQH7x8nKNm%2F9rR33VE7keFiq%2BUnwwWqug%2Bh%2F4kvXHwCpDgK74wBk%2B9dM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: FZo3Sl.U._he75fQGzrQrNdMBLfdjU1W
cf-ray: 6e32216a0e8b9969-FRA
expires: Sat, 18 Feb 2023 03:08:01 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/Aq1WI5y5Gu3fdP1P3FD12DIBXkcDji3J/ 5 KB
2 KB 30ms
11ms XHR
application/json 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/Aq1WI5y5Gu3fdP1P3FD12DIBXkcDji3J/settings
Requested by: Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.cace8ac81c7d28c6283e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74fdfd076ef04c06fdd06c93a64a8f82db0eea1d8477ec4f4ff6d47142437e71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: Rf9wTNZNgdD5O9oD1NyE50VWb.cfgziE
content-encoding: gzip
etag: W/"682f1965d28d865c63e71c03bd744e36"
age: 7871
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 23 Feb 2022 02:59:06 GMT
server: AmazonS3
date: Fri, 25 Feb 2022 13:46:28 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: public, max-age=10800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: tCdjv5M8Wt8jqqPhrxuf38TWwfsgLa4oqQ0K_3Bj0-shk22QmxRyfA==

GET
H2 200 shared-250240f2df10b972468b40af0fabbed6.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1DB3 205 KB
50 KB 8ms
7ms Script
application/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-250240f2df10b972468b40af0fabbed6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-2ec31373c3f7d381bab1052895baf659.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8cd3910cc7c7fffe8bb707fdcbd953805d60b094a5341b8285ae90f27369d36c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-2ec31373c3f7d381bab1052895baf659.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 59
x-cache: HIT
content-length: 51411
etag: "a49d873f84376372729901547e0f3cde"
x-request-id: 39a37a4e-f2e2-43ca-a358-3a9cd0256fc2
x-served-by: cache-hhn4062-HHN
access-control-allow-origin: *
last-modified: Thu, 24 Feb 2022 21:06:28 GMT
server: Fastly
date: Fri, 25 Feb 2022 15:57:38 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 23

GET
H2 200 controller-3a7a135c11df1c5b2d0f33c24c5189bf.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1DB3 326 KB
82 KB 10ms
10ms Script
application/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-3a7a135c11df1c5b2d0f33c24c5189bf.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-2ec31373c3f7d381bab1052895baf659.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

733d51672ac7128565cd558dbf7e2032dce7974b2e1a6ce49eb48c9536422b23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-2ec31373c3f7d381bab1052895baf659.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 27
x-cache: HIT
content-length: 84150
etag: "1c35edab7b8558e90648b3ccb786f46e"
x-request-id: 6fbf22e3-8e61-4f4a-bff3-2b38f14b5a13
x-served-by: cache-hhn4062-HHN
access-control-allow-origin: *
last-modified: Thu, 24 Feb 2022 21:06:26 GMT
server: Fastly
date: Fri, 25 Feb 2022 15:57:38 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 15

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DB3 0
127 B 178ms
173ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-250240f2df10b972468b40af0fabbed6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 25 Feb 2022 15:57:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 130.bundle.55742ac9337d9e12bdd6.js Show response
cdn.segment.com/analytics-next/bundles/ 10 KB
4 KB 7ms
7ms Script
application/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/130.bundle.55742ac9337d9e12bdd6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Aq1WI5y5Gu3fdP1P3FD12DIBXkcDji3J/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 98cfbc4941d976520dde0a548b87b499e1c0454f9bc38aeb581b9e13b1e219a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 09:02:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 197726
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 27 Jan 2022 02:16:23 GMT
server: AmazonS3
etag: W/"c32e07e36ae390e42c9cea85fcb9bb33"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: VKVsKzNc1NO8D.MHUcd6CKijl4NZylbH
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: RoZIO1AzdqSyV7dArEJDvrELxglGSQ4rQmWpKMGitTRixAiEPqKx3Q==

GET
H2 200 ajs-destination.bundle.36b90a11867ae217be52.js Show response
cdn.segment.com/analytics-next/bundles/ 10 KB
3 KB 8ms
8ms Script
application/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.36b90a11867ae217be52.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Aq1WI5y5Gu3fdP1P3FD12DIBXkcDji3J/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4397a57f8357b3b0371c6df32a62b87eaa43218c42fa538fb34980bfb0b20a78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 09:02:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 197726
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 27 Jan 2022 02:16:23 GMT
server: AmazonS3
etag: W/"605f393e8c3fbadf09528d469743232e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: RMT_ovk8rkQR6jUV0N9OhWvf_tqBgrUv
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: tHzgbWp_GfNAOWEG5rFvcxWltjT5NwnOgaXXNkYjRwY7_w_YgtU8FA==

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DB3 0
127 B 195ms
195ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-250240f2df10b972468b40af0fabbed6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 25 Feb 2022 15:57:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DB3 0
127 B 171ms
171ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-250240f2df10b972468b40af0fabbed6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 25 Feb 2022 15:57:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DB3 0
127 B 171ms
171ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-250240f2df10b972468b40af0fabbed6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 25 Feb 2022 15:57:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DB3 0
127 B 194ms
194ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-250240f2df10b972468b40af0fabbed6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 25 Feb 2022 15:57:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DB3 0
127 B 198ms
198ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-250240f2df10b972468b40af0fabbed6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 25 Feb 2022 15:57:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DB3 0
127 B 197ms
197ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-250240f2df10b972468b40af0fabbed6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 25 Feb 2022 15:57:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DB3 0
127 B 197ms
197ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-250240f2df10b972468b40af0fabbed6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 25 Feb 2022 15:57:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DB3 0
127 B 197ms
197ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-250240f2df10b972468b40af0fabbed6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 25 Feb 2022 15:57:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 embeddable_blip Show response
truework-contact.zendesk.com/ Frame FB30 0
437 B 2018ms
2018ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://truework-contact.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly9hcHAudHJ1ZXdvcmsuY29tL3JlcXVlc3Rlci9uZXciLCJ0aW1lIjoxMjAsImxvYWRUaW1lIjozNy4xMDAwMDAzODE0Njk3MywibmF2aWdhdG9yTGFuZ3VhZ2UiOiJlbi1VUyIsInBhZ2VUaXRsZSI6IlRydWV3b3JrIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk4LjAuNDc1OC44MCBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlLCJpc1Jlc3BvbnNpdmUiOnRydWUsInZpZXdwb3J0TWV0YSI6IndpZHRoPWRldmljZS13aWR0aCwgaW5pdGlhbC1zY2FsZT0xIiwiaGVscENlbnRlckRlZHVwIjpmYWxzZX0sImJ1aWQiOiIwZTFhZDdkNDZmYTc0MzU4YTc2NzMwMjUzZDZiMWYyYyIsInN1aWQiOiI4ZGM1NjIzMzVmMzg0NzMyYWNiYmI4ZTQ3YTJhY2E4NiIsInZlcnNpb24iOiIyYWRkOTkyIiwidGltZXN0YW1wIjoiMjAyMi0wMi0yNVQxNTo1NzozOC4zNTdaIiwidXJsIjoiaHR0cHM6Ly9hcHAudHJ1ZXdvcmsuY29tL3JlcXVlc3Rlci9zaWdudXAifQ%3D%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-997966966c6c84622001.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:40 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
zendesk-api-version: 2022-01-01
content-length: 0
x-zendesk-zorg: yes
x-request-id: b85086fa2ca363c2d0dea9948dd98101
last-modified: Fri, 25 Feb 2022 15:57:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0UcgHlOvJTc12S5XvU89BPBIWSlo3rYc5PyPIkqxYcnfTh5rKyIC9oNt9QcdL8fnVfCK0KB0uzPKOjWzuVI1u01N17WPosJNxmjvVa0qAi7E5jSNtJe%2BRPG8R5eZVkYpIhx7bDj18FqYcFgjl8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.truework.com
accept-ranges: bytes
cf-ray: 6e32216ac9f59164-FRA

GET
H2 200 zendesk-chat-jwt Show response
app.truework.com/api/user/ 26 B
346 B 116ms
116ms Fetch
application/json 3.20.210.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truework.com/api/user/zendesk-chat-jwt

Requested by

Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.cace8ac81c7d28c6283e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.20.210.95 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-20-210-95.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5815bb3d751f593285071793f3fd335a082ba6b82b3ceae2b6f8cc912c5846d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.truework.com/requester/signup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 15:57:38 GMT
vary: Origin, Cookie
server: nginx
x-api-version: 4f49c624b4db165641daa36e2092eee6242ac329
x-frame-options: DENY
allow: OPTIONS, GET, HEAD
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
referrer-policy: same-origin
content-length: 26
x-content-type-options: nosniff
truework-trace-id: 2PZ0RevGdcNydpbilEWJcE
expires: 0

GET
H2 200 schemaFilter.bundle.b2bf2b63b07c356b1232.js Show response
cdn.segment.com/analytics-next/bundles/ 1 KB
1 KB 7ms
7ms Script
application/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.b2bf2b63b07c356b1232.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Aq1WI5y5Gu3fdP1P3FD12DIBXkcDji3J/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 661b70adb190f9cb3a093173d2e9663a186c2ab4a89c565a4e5fa286db881fab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 09:02:14 GMT
content-encoding: br
vary: Accept-Encoding
age: 197724
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 03 Feb 2022 18:41:08 GMT
server: AmazonS3
etag: W/"6072fc38e45abaf1a789df4a46438bf9"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: tLX2JDgjNNfXuothhLGfdaHV4R4f6kRm
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: LAoyUvNOJ7G3HiMHsVxuGINlFZwQ3qeV01Sh-jQpTaGKoQtZeW9tVw==

GET
H2 200 google-adwords-new.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-adwords-new/1.2.1/ 4 KB
2 KB 7ms
7ms Script
application/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-adwords-new/1.2.1/google-adwords-new.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Aq1WI5y5Gu3fdP1P3FD12DIBXkcDji3J/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c861edac7f4f16c26218d1901867f8d51a57d66c4bdf98a2328e6aa064c3ba8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:23:49 GMT
content-encoding: gzip
age: 1460030
x-cache: Hit from cloudfront
content-length: 1637
access-control-allow-origin: *
last-modified: Thu, 27 Jan 2022 00:21:28 GMT
server: AmazonS3
etag: "42d5be27ccbd8a0a8aafd8ba7a7470c7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: c2aKrcyKLSnIp96mX5K1OzrLZKHc.IN8
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 8B-apfJu3Hni-d7RfueMvHuywyI1xp0vFh0yMdz9yBhAFSOrmrsogw==

GET
H2 200 google-tag-manager.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/ 3 KB
2 KB 8ms
8ms Script
application/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Aq1WI5y5Gu3fdP1P3FD12DIBXkcDji3J/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 61e30021b4f5466e1a6c9d4599b100c1e72f4c6162dc3d656bc3ed7dae00bb89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 12:09:49 GMT
content-encoding: gzip
age: 186470
x-cache: Hit from cloudfront
content-length: 1344
access-control-allow-origin: *
last-modified: Wed, 09 Feb 2022 22:20:43 GMT
server: AmazonS3
etag: "e0f5b8ec276a05ac7b57aac9ddb79cdc"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: rSui9syxDLnx4z1L1GHW72lzqpWTcWve
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: Vcga3ROij9uUKbww-dGF5sxNlAZQ7fxOyhBJvpp6_Dm307J9TX4oQg==

GET
H2 200 optimizely.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/optimizely/3.5.1/ 7 KB
3 KB 8ms
8ms Script
application/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/optimizely/3.5.1/optimizely.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Aq1WI5y5Gu3fdP1P3FD12DIBXkcDji3J/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06c1b912a045ceecc0306bca9f850b1f84da7055b23f600f676380ca5c65f5af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 01:01:37 GMT
content-encoding: gzip
age: 7311362
x-cache: Hit from cloudfront
content-length: 2589
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 18:20:55 GMT
server: AmazonS3
etag: "bce66c5cef339016953be37205d6146b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: PU4f2r_IxXyzmKjhHp9a7FuIMwEAT6Ht
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: _ZWxmhemf5J9CRSnMWuh2tGuP6mmiaaurkIarQWKBE3hJhuRRHazvQ==

GET
H2 200 commons.54701049fd6fb8497e9e.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 8ms
7ms Script
application/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Aq1WI5y5Gu3fdP1P3FD12DIBXkcDji3J/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e79b59c22ca684f9de8a73d41964f0c80ee9ca68713f35c33ad4fccf8cf64ffa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 23:33:35 GMT
content-encoding: gzip
age: 145444
x-cache: Hit from cloudfront
content-length: 22174
access-control-allow-origin: *
last-modified: Wed, 23 Feb 2022 17:32:03 GMT
server: AmazonS3
etag: "7741fd16ad2418cd17ab981f8207b106"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: Pj3X8Fbrv40NLXjm_E2ztjgrgv8.adrA
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 4L0P-GcHNNymRDr81BUPW-nfJwsIAtr6jgc8lVaPHeCKXu5gXPZRkA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 201ms
116ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-823916003

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

929265d1809e7ea1bb8484af2317828c9bd46d165d67fe6c2a559e90473402d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40914
x-xss-protection: 0
last-modified: Fri, 25 Feb 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Feb 2022 15:57:38 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 119 KB
45 KB 149ms
64ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-58NTJP3&l=dataLayer

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c4dfff7d520cf2078831d24177b87c370c8c1848f5a386e06fedbf23899ea82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45425
x-xss-protection: 0
last-modified: Fri, 25 Feb 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Feb 2022 15:57:38 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
142 B 514ms
169ms Fetch
application/json 44.235.139.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/p
Requested by: Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.cace8ac81c7d28c6283e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.235.139.224 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-139-224.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://app.truework.com
date: Fri, 25 Feb 2022 15:57:38 GMT
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
143 B 511ms
168ms Fetch
application/json 44.235.139.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/p
Requested by: Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.cace8ac81c7d28c6283e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.235.139.224 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-139-224.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://app.truework.com
date: Fri, 25 Feb 2022 15:57:38 GMT
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 158ms
58ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-823916003

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 15:57:38 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/823916003/ 2 KB
2 KB 135ms
49ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/823916003/?random=1645804658850&cv=9&fst=1645804658850&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2n0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp.truework.com%2Frequester%2Fsignup&tiba=Truework&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a54114068598bbb6d117116118d92651582b230c4a7b6e69df64146feb65cfbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 15:57:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1028
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/823916003/ 42 B
548 B 136ms
51ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/823916003/?random=1645804658850&cv=9&fst=1645801200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2n0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp.truework.com%2Frequester%2Fsignup&tiba=Truework&async=1&fmt=3&is_vtc=1&random=3869605635&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: app.truework.com
URL: https://app.truework.com/requester/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 15:57:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/823916003/ 42 B
548 B 141ms
53ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/823916003/?random=1645804658850&cv=9&fst=1645801200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2n0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp.truework.com%2Frequester%2Fsignup&tiba=Truework&async=1&fmt=3&is_vtc=1&random=3869605635&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: app.truework.com
URL: https://app.truework.com/requester/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 15:57:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DB3 0
127 B 173ms
172ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-250240f2df10b972468b40af0fabbed6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 25 Feb 2022 15:57:39 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 201 i Show response
r.lr-in.com/ 17 KB
17 KB 688ms
433ms XHR
application/json 104.198.23.205
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-in.com/i?a=mb6w3n%2Ftruework&r=5-fa173fe1-351d-4279-9731-845e31af59b7&t=ac2bac1d-edd2-4e0f-8dcc-96f7e9445c38&s=0&rs=0%2Cu

Requested by

Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.cace8ac81c7d28c6283e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

nginx/1.17.8 / Express

Resource Hash

4680cacffd82cea5bd9fde921e3849f82624671d4714d3049379b58ac5e4ec7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 15:57:41 GMT
etag: W/"4206-rSWkBWGcV890C1gKCFcRs2EbHMQ"
server: nginx/1.17.8
x-powered-by: Express
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret
content-length: 16902

POST
H2 200 6 Show response
m.stripe.com/ Frame D62F 156 B
522 B 173ms
173ms XHR
application/json 54.184.201.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.184.201.63 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-184-201-63.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3ee1379b657a57d905579318011aa3e66b4268469b76b67c193e6d1078057f91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 25 Feb 2022 15:57:42 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.truework.com/	1970-01-20 01:10:05	Name: _dd_s Value: logs=1&id=473ad503-ea01-40bd-9dfb-f2e13fe0f64e&created=1645804657379&expire=1645805557379
app.truework.com/	1970-01-20 01:11:31	Name: _lr_tabs_-mb6w3n%2Ftruework Value: {%22sessionID%22:0%2C%22recordingID%22:%225-fa173fe1-351d-4279-9731-845e31af59b7%22%2C%22lastActivity%22:1645804657478}
app.truework.com/	1970-01-20 01:11:31	Name: _lr_hb_-mb6w3n%2Ftruework Value: {%22heartbeat%22:1645804657479}
app.truework.com/	1969-12-31 23:59:59	Name: _lr_uf_-mb6w3n Value: 3093ef47-1e0f-49e3-9b43-5029c044378b
.truework.com/	1970-01-20 09:54:14	Name: csrf_token Value: OiIypeb3VXIfNfLMjp5V2tjsHwZWfzOLKMdUJq1j4RSvJH8pTnr5DWoDjBWvGBUU
.truework.com/	1970-02-13 21:41:28	Name: tw_device_id Value: 2d90ef4c-7dbf-426b-b3e5-2f5d15a09eee
m.stripe.com/	1970-01-20 18:41:16	Name: m Value: 15c42d68-f0ab-42ab-aa95-6ffb39eec1ad11f8fb
.app.truework.com/	1970-01-20 09:55:40	Name: __stripe_mid Value: b564dc50-ab4e-41a8-851e-96d21c9304827b2edf
.app.truework.com/	1970-01-20 01:10:06	Name: __stripe_sid Value: 4c4079c7-f7a5-4691-94ce-f07b6e01a19469f661
.truework.com/	1970-01-20 03:19:40	Name: _gcl_au Value: 1.1.1198658863.1645804659
.truework.com/	1970-01-20 09:55:40	Name: ajs_anonymous_id Value: 2d90ef4c-7dbf-426b-b3e5-2f5d15a09eee
.doubleclick.net/	1970-01-20 01:10:05	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://encompassloconnect.com https://.encompassloconnect.com https://ellieservices.com https://.ellieservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.segment.io
app.truework.com
cdn.lr-in.com
cdn.optimizely.com
cdn.segment.com
d2yyd1h5u9mauk.cloudfront.net
dgoidxrjgsomp.cloudfront.net
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
r.lr-in.com
r.stripe.com
sentry.io
static.zdassets.com
truework-contact.zendesk.com
unpkg.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.16.51.111
104.18.70.113
104.18.72.113
104.198.23.205
143.204.101.83
143.204.103.41
151.101.192.176
172.217.23.98
2600:9000:2156:ac00:6:12a5:ec40:93a1
2606:4700:3034::ac43:cefe
2606:4700::6810:7eaf
2a00:1450:4001:808::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:830::200a
2a02:26f0:1700:793::13b8
3.20.210.95
35.188.42.15
44.235.139.224
54.184.201.63
54.187.159.182
06c1b912a045ceecc0306bca9f850b1f84da7055b23f600f676380ca5c65f5af
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
0856cdfe1d24352790c2d47ad667bcba8fef5736ccfee6aa779d36d25d08b8bc
09abcca3dd1c39b64715e9897d8a3045e519f470bb38ef7f81153431a81f6060
0c861edac7f4f16c26218d1901867f8d51a57d66c4bdf98a2328e6aa064c3ba8
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1975fedf293595384e480101ccd39e28c5319c51ee1a0d1431d7609c12a31d29
1e28771832b71bbe80674b23765364b9d6b5b3e77815b68fa0ea131ffe0ec674
20935a9dab57510e776ae8b8621076f7f8c98d6fb6d513cb8aa471585c78ffb0
2baaf7df1a827fe821a061a4c51902f4e92296c92f91b8ed1b94298457c103bf
2bfc7a47ee64561d31ebfb4738836853a3d4613c9814003781b79d29efab47bb
39389c70e26d248ec7c287a1505c1be49616cb62664f19d2ffea9982b901a7be
3ee1379b657a57d905579318011aa3e66b4268469b76b67c193e6d1078057f91
402efb545aa98ac51065adbf0216c28821313f7f9fba11915ad981805672071a
4397a57f8357b3b0371c6df32a62b87eaa43218c42fa538fb34980bfb0b20a78
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4680cacffd82cea5bd9fde921e3849f82624671d4714d3049379b58ac5e4ec7f
4cb129a2bde6e8b12a010ccf32163e3d99eb370c1a5d0ce41d3449020bdadb95
4d8a159b47d1f254ea6e4a392d3eee330ca0b0c1c5230ca3390bd46f5cb34dca
4eb3d539dd1a33f6b36a83cebe63c9bae149933824859089389bd8b24865768c
550604f0d5d63a2581ef677ea43a1d0b7f094ad8dc0a5291f7d8af0a05e566c3
5815bb3d751f593285071793f3fd335a082ba6b82b3ceae2b6f8cc912c5846d0
6021e97510e50b449f87b2399ffcdc1dfb5852a1f267c3a30e021b49015fabef
61e30021b4f5466e1a6c9d4599b100c1e72f4c6162dc3d656bc3ed7dae00bb89
661b70adb190f9cb3a093173d2e9663a186c2ab4a89c565a4e5fa286db881fab
66a5e6a1f28b7a52a74a0921575607b60061d4511954d8ffb6f728673f94c854
733d51672ac7128565cd558dbf7e2032dce7974b2e1a6ce49eb48c9536422b23
74fdfd076ef04c06fdd06c93a64a8f82db0eea1d8477ec4f4ff6d47142437e71
7c4dfff7d520cf2078831d24177b87c370c8c1848f5a386e06fedbf23899ea82
80d700a6af899a494af96e28edbeec8dda901b224d0903fedae40b4ab445c6a0
866267b9a429f1cd04b39e7a0172593be6f6b7a53531dd5ccdce240c98532514
86716e4ccd373cdb104f2bd4752292a1b1cde162b3d7bc057166851cda58e140
8a4f785d62a155af5d5663e799162c761b322ab778fb6678123875f7c0caa624
8cd3910cc7c7fffe8bb707fdcbd953805d60b094a5341b8285ae90f27369d36c
90c8cf5fb5014c09a37468d89d43a17c41bb8a1992184649298ca65dcc0edcbc
918ddc1a0b089413203bc4fb6164ea0ef6844276cda2f56a1d9692a517feebec
929265d1809e7ea1bb8484af2317828c9bd46d165d67fe6c2a559e90473402d9
934b265c36a554e34c2ad890d922f7a6f5f33900f835ba2db4cc5ac0944331a5
96591385347da42e5d589f3b5c307dbdca2da4cd12a78b46d01126526258ac81
98cfbc4941d976520dde0a548b87b499e1c0454f9bc38aeb581b9e13b1e219a7
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
9a0c4301b6e804a7a808eb69694ed08567605811ae9bef1d3f19c88e20bdec92
9a280ca12a2d4400a93d3a9faf5e18bb2f65091a76e4cfe41b78621baab826f2
9aa5d0fafc8d220bbed312ca0f014e52e720f8b51ce6dc49d50b37b62966d79b
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
a54114068598bbb6d117116118d92651582b230c4a7b6e69df64146feb65cfbe
a6cd361fc4dd2ddf8db6c3ea7d3e8e62d38832bd9336e595aafa4abcd024b1ce
a80319212460370537c57e56631f448aff106ecf74ee7a92f15391fcd48def00
b3d8ae1923e49a72eaf5fff0c8d11f74fa77114e29882c8e703295d9e1eb9799
b4adf4d6ac73d474c6a49c40a8989a9174524af20e8e578204dc27df6af764e6
b9dfd1406f8ccc1b99462a6ca3bb04ea703bb0a1a283edfb82f6d42495f93950
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bf0bcaeb1a927cb0e258cf372c69276012ffe6415debc9b3400d54cf6b4708e4
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d0052ee4884b0a33f2f70ced5442bda5cbc5b51435c172681e2ccd36c0425904
d34404eb0e1624fed1385aae12e1d52d23b2e1570e7ebc43e72f6c523018799c
d64a3c39af16fe4249968d11d5e5a8d4af492a23acc5ad31c3ac3b7b4cd69823
d66a9e827146c7cffff75212032752172352dc9eca81efe3ff413eb9e008f73a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79b59c22ca684f9de8a73d41964f0c80ee9ca68713f35c33ad4fccf8cf64ffa
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7e17d5ea847427d555e88a83ff56745fea1d5a6a0dd8d43270d2840fa816ad7
fddf1f617bae640396d44eb944ad4557934174b4b3a5e4cffe9b9fb75a80bc71

app.truework.com Open in urlscan Pro 3.20.210.95 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

85 Requests

99 %HTTPS

43 %IPv6

19 Domains

25 Subdomains

24 IPs

3 Countries

1915 kBTransfer

7749 kBSize

12 Cookies

3 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

app.truework.com Open in urlscan Pro
3.20.210.95 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

99 %
HTTPS

43 %
IPv6

19
Domains

25
Subdomains

24
IPs

3
Countries

1915 kB
Transfer

7749 kB
Size

12
Cookies

85 HTTP transactions
0 data transactions