staging2.mindshift.works Open in urlscan Pro
35.209.89.182 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://staging2.mindshift.works/
Submission: On December 28 via api (December 28th 2023, 11:07:50 pm UTC) from US — Scanned from DE

Summary HTTP 109 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 40 IPs in 6 countries across 36 domains to perform 109 HTTP transactions. The main IP is 35.209.89.182, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is staging2.mindshift.works.
TLS certificate: Issued by R3 on November 27th 2023. Valid for: 3 months.

This is the only time staging2.mindshift.works was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	35.209.89.182 35.209.89.182	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:8bce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c02::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2 2	2620:100:6022... 2620:100:6022:18::a27d:4212	19679 (DROPBOX) (DROPBOX)
2	2620:100:6022... 2620:100:6022:15::a27d:420f	19679 (DROPBOX) (DROPBOX)
2	2606:4700::68... 2606:4700::6811:eff9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2600:9000:238... 2600:9000:238d:b200:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:218... 2600:9000:218e:8400:2:49a2:4500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:cff9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1f14:5db... 2600:1f14:5db:eb22:1b92:58e:a003:800b	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
2	35.204.89.238 35.204.89.238	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	65.9.65.116 65.9.65.116	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
19 25	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:25e... 2600:9000:25e8:6800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4232:58cc:8374:e56e:ee96	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	3.67.157.211 3.67.157.211	16509 (AMAZON-02) (AMAZON-02)
1 1	35.156.234.34 35.156.234.34	16509 (AMAZON-02) (AMAZON-02)
1	52.84.45.20 52.84.45.20	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	52.70.181.24 52.70.181.24	14618 (AMAZON-AES) (AMAZON-AES)
1	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.170.64.73 54.170.64.73	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1 1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1 2	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
109	40

36 35.209.89.182 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 182.89.209.35.bc.googleusercontent.com

staging2.mindshift.works	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:8bce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:6022:18::a27d:4212 (United States) 2 redirects

ASN19679 (DROPBOX, US)

www.dropbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:6022:15::a27d:420f (United States)

ASN19679 (DROPBOX, US)

uc5c46d93e05d9dfdb59c86632c0.dl.dropboxusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:eff9 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:238d:b200:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:218e:8400:2:49a2:4500:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets9.lottiefiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cff9 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f14:5db:eb22:1b92:58e:a003:800b (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.198 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

10568435.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.89.238 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 238.89.204.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.65.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-65-116.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 35.204.158.49 (Groningen, Netherlands) 19 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25e8:6800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:58cc:8374:e56e:ee96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.67.157.211 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-157-211.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.234.34 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-234-34.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.45.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-20.mrs52.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.70.181.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-181-24.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.170.64.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-64-73.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.12 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	mindshift.works staging2.mindshift.works	2 MB
27	simpli.fi 19 redirects tag.simpli.fi — Cisco Umbrella Rank: 4333 i.simpli.fi — Cisco Umbrella Rank: 3745 um.simpli.fi — Cisco Umbrella Rank: 780	12 KB
13	userway.org cdn.userway.org — Cisco Umbrella Rank: 4271 api.userway.org — Cisco Umbrella Rank: 4071	99 KB
8	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1001	381 KB
7	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 75 10568435.fls.doubleclick.net pubads.g.doubleclick.net — Cisco Umbrella Rank: 414 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	3 KB
4	gstatic.com fonts.gstatic.com	78 KB
3	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4435 forms-na1.hsforms.com — Cisco Umbrella Rank: 7062	5 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6765 adservice.google.de — Cisco Umbrella Rank: 14215	1 KB
3	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2693 adservice.google.com — Cisco Umbrella Rank: 93 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	2 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 408	140 B
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2174	855 B
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 499 d.agkn.com — Cisco Umbrella Rank: 686	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 465	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 546	712 B
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1355 insight.adsrvr.org — Cisco Umbrella Rank: 557	3 KB
2	dropboxusercontent.com uc5c46d93e05d9dfdb59c86632c0.dl.dropboxusercontent.com	60 KB
2	dropbox.com 2 redirects www.dropbox.com — Cisco Umbrella Rank: 2721	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	89 KB
2	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6767	307 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 491	264 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 339	239 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 138	546 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 835	311 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	264 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 848	445 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1556	421 B
1	exelator.com loadm.exelator.com — Cisco Umbrella Rank: 1661	93 B
1	intentiq.com sync.intentiq.com — Cisco Umbrella Rank: 846
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6102	175 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 372	140 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258	378 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 674	236 B
1	lottiefiles.com assets9.lottiefiles.com — Cisco Umbrella Rank: 236027	98 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	78 KB
109	36

	Domain	Requested by
36	staging2.mindshift.works	staging2.mindshift.works
25	um.simpli.fi	19 redirects staging2.mindshift.works
11	cdn.userway.org	staging2.mindshift.works cdn.userway.org
8	tags.tiqcdn.com	staging2.mindshift.works tags.tiqcdn.com
4	fonts.gstatic.com	staging2.mindshift.works
2	cm.g.doubleclick.net	2 redirects
2	ib.adnxs.com	1 redirects staging2.mindshift.works
2	idsync.rlcdn.com	staging2.mindshift.works
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects staging2.mindshift.works
2	sync.1rx.io	2 redirects
2	10568435.fls.doubleclick.net	1 redirects tags.tiqcdn.com
2	api.userway.org	cdn.userway.org
2	forms.hsforms.com	js.hsforms.net staging2.mindshift.works
2	uc5c46d93e05d9dfdb59c86632c0.dl.dropboxusercontent.com	staging2.mindshift.works
2	www.dropbox.com	2 redirects
2	connect.facebook.net	staging2.mindshift.works connect.facebook.net
2	www.google.de	staging2.mindshift.works
2	js.hsforms.net	staging2.mindshift.works js.hsforms.net
1	us-u.openx.net	staging2.mindshift.works
1	pixel.rubiconproject.com	staging2.mindshift.works
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	ce.lijit.com	staging2.mindshift.works
1	bcp.crwdcntrl.net	staging2.mindshift.works
1	stags.bluekai.com	staging2.mindshift.works
1	sync.bfmio.com	staging2.mindshift.works
1	loadm.exelator.com	staging2.mindshift.works
1	sync.intentiq.com	staging2.mindshift.works
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com	staging2.mindshift.works
1	eb2.3lift.com	staging2.mindshift.works
1	sync.targeting.unrulymedia.com	staging2.mindshift.works
1	s.ad.smaato.net	staging2.mindshift.works
1	i.simpli.fi	tag.simpli.fi
1	insight.adsrvr.org	js.adsrvr.org
1	adservice.google.de	adservice.google.com
1	adservice.google.com	10568435.fls.doubleclick.net
1	pubads.g.doubleclick.net	tags.tiqcdn.com
1	js.adsrvr.org	tags.tiqcdn.com
1	tag.simpli.fi	tags.tiqcdn.com
1	forms-na1.hsforms.com	staging2.mindshift.works
1	assets9.lottiefiles.com	staging2.mindshift.works
1	www.facebook.com	staging2.mindshift.works
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googletagmanager.com	staging2.mindshift.works
109	49

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
app.givingheartsday.org
offthewalladvertising.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
staging2.mindshift.works R3	`2023-11-27` - `2024-02-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-16` - `2024-05-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-07` - `2024-01-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2023-12-19` - `2024-03-18`	3 months	crt.sh
*.lottiefiles.com Amazon RSA 2048 M01	`2023-08-25` - `2024-09-22`	a year	crt.sh
api.userway.org Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
dl.dropbox.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-14` - `2024-03-16`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://staging2.mindshift.works/
Frame ID: 12F70F35FCC65F519C58D0E146967365
Requests: 72 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/shell.js
Frame ID: 40E8D618E29435893C3734A443CACE48
Requests: 2 HTTP requests in this frame

Frame: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/mobile.html?parent_title=Mind%20Shift%20-%20ND%2C%20MN%2C%20%26%20WI%20-%20Autism%20Employment&parent_domain=staging2.mindshift.works&parent_pathname=%2F&parent_url=https%3A%2F%2Fstaging2.mindshift.works%2F&parent_referrer=
Frame ID: 6A537F81070319944173430820F6FB18
Requests: 34 HTTP requests in this frame

Frame: https://10568435.fls.doubleclick.net/activityi;dc_pre=CMWjyd2fs4MDFQBRHgIdLuQPnA;src=10568435;type=daily0;cat=daily0;qty=1;cost=;ord=1
Frame ID: 133004C1A729103836B0C7BE3492B65A
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMWjyd2fs4MDFQBRHgIdLuQPnA;src=10568435;type=daily0;cat=daily0;qty=1;cost=;ord=1;~oref=https://tags.tiqcdn.com/
Frame ID: 1E41A7C209E51819A951ED59AF6FD6F1
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CMWjyd2fs4MDFQBRHgIdLuQPnA;src=10568435;type=daily0;cat=daily0;qty=1;cost=;ord=1;~oref=https://tags.tiqcdn.com/
Frame ID: 24F28D54E3D1C17C0FFB923969FF71DC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.userway.org/widgetapp/bundles/metropolis/metropolis.css
Frame ID: CAB7EE045D66CBE9E5E888DC9E614116
Requests: 1 HTTP requests in this frame

Frame: https://cdn.userway.org/widgetapp/bundles/metropolis/metropolis.css
Frame ID: 9A0BE4AB3D90A12D6DF5E8DAD793FB05
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vpnbszd&ref=https%3A%2F%2Fstaging2.mindshift.works%2F&upid=hcat9pu&upv=1.1.0
Frame ID: 250D8DDE99E166748964ECC8ED8BEDC5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mind Shift - ND, MN, & WI - Autism Employment

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

109
Requests

80 %
HTTPS

51 %
IPv6

36
Domains

49
Subdomains

40
IPs

6
Countries

3478 kB
Transfer

10509 kB
Size

29
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/m_shift
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mindshift.works/
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/mind-shift-works
Title: linkedin

Search URL Search Domain Scan URL

URL: https://app.givingheartsday.org/#/charity/399
Title: Donate

Search URL Search Domain Scan URL

URL: https://offthewalladvertising.com/
Title: Created by Off The Wall Advertising

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCF2MCT0YwMH8R6PB9qQsbzA
Title: youtube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mindshiftworks/
Title: instagram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://www.dropbox.com/s/7bo860om4aksfnu/Mind%20Shift%20-%20It%27s%20True.mp4?raw=1 HTTP 302
https://www.dropbox.com/s/raw/7bo860om4aksfnu/Mind%20Shift%20-%20It%27s%20True.mp4 HTTP 302
https://uc5c46d93e05d9dfdb59c86632c0.dl.dropboxusercontent.com/cd/0/inline/CKRCczRc8a86OartnH-K0ERSu9vPhr6crRwXZ7uDP7u3LJNry6uQQ1sKWBNDle3iS-PoWDmddt6SNRBytKTC-r_dBktgWPduvpJIUPWa_G-NxPf2qGS-jQJWRwY4Aw1XnNbgQgZ9Gng1qpfIufz0pEzx/file

Request Chain 70

https://10568435.fls.doubleclick.net/activityi;src=10568435;type=daily0;cat=daily0;qty=1;cost=;ord=1 HTTP 302
https://10568435.fls.doubleclick.net/activityi;dc_pre=CMWjyd2fs4MDFQBRHgIdLuQPnA;src=10568435;type=daily0;cat=daily0;qty=1;cost=;ord=1

Request Chain 87

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=2EB6B470A48D45F79E9530E99576B326

Request Chain 88

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/2EB6B470A48D45F79E9530E99576B326 HTTP 302
https://sync.1rx.io/usersync/simplifi/2EB6B470A48D45F79E9530E99576B326?zcc=1&cb=1703804865391 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-7db15ba0-3b96-4287-832c-7c5392d4b93b-003

Request Chain 89

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=2EB6B470A48D45F79E9530E99576B326&dongle=yf3

Request Chain 90

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=2EB6B470A48D45F79E9530E99576B326

Request Chain 91

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=2EB6B470A48D45F79E9530E99576B326 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=2EB6B470A48D45F79E9530E99576B326

Request Chain 92

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=2EB6B470A48D45F79E9530E99576B326 HTTP 302
https://d.agkn.com/pixel/10751/?che=1703804865292&ip=193.32.248.233&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216663104744005301606 HTTP 302
https://um.simpli.fi/aa_px?sk=216663104744005301606 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 93

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=2EB6B470A48D45F79E9530E99576B326

Request Chain 96

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=2EB6B470A48D45F79E9530E99576B326;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=2EB6B470A48D45F79E9530E99576B326;mimetype=img;sr HTTP 302
https://idsync.rlcdn.com/400646.gif?partner_uid=8217540167323763594

Request Chain 97

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=2EB6B470A48D45F79E9530E99576B326&j=0

Request Chain 99

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=2EB6B470A48D45F79E9530E99576B326

Request Chain 100

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=2EB6B470A48D45F79E9530E99576B326

Request Chain 101

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=2EB6B470A48D45F79E9530E99576B326

Request Chain 102

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=2EB6B470A48D45F79E9530E99576B326

Request Chain 103

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=2EB6B470A48D45F79E9530E99576B326

Request Chain 104

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1703804865044&cv=7&fst=1703804865044&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1905226863&cv=7&fst=1703804865044&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=wf-NZavTDIqV9u8Pno6DiAg&sscte=1&crd=&pscrd=IhMI67eH3p-zgwMVior9Bx0exwCB HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1905226863&cv=7&fst=1703804865044&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI67eH3p-zgwMVior9Bx0exwCB&is_vtc=1&ocp_id=wf-NZavTDIqV9u8Pno6DiAg&cid=CAQSKQAvHhf_Lrw7VbHnczwx53PLVwyJvfpFjZCjyHlHXk4YGA-oDgWsgqfb&random=3223377265 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1905226863&cv=7&fst=1703804865044&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI67eH3p-zgwMVior9Bx0exwCB&is_vtc=1&ocp_id=wf-NZavTDIqV9u8Pno6DiAg&cid=CAQSKQAvHhf_Lrw7VbHnczwx53PLVwyJvfpFjZCjyHlHXk4YGA-oDgWsgqfb&random=3223377265&ipr=y

Request Chain 106

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=2EB6B470A48D45F79E9530E99576B326 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D2EB6B470A48D45F79E9530E99576B326

Request Chain 107

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=2EB6B470A48D45F79E9530E99576B326&expires=365

Request Chain 108

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=2EB6B470A48D45F79E9530E99576B326

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEK9nLSblPz-ohJiMaHqaMIk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2EB6B470A48D45F79E9530E99576B326 HTTP 302
https://um.simpli.fi/g_match?id=

109 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
staging2.mindshift.works/ 70 KB
13 KB 766ms
264ms Document
text/html 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: db3d5db13dbfc1cf66f231ba462b834fcd6b862f34b0b5040bfa0cc28c74a8a2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 28 Dec 2023 23:07:42 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
last-modified: Thu, 28 Dec 2023 14:12:30 GMT
server: nginx
vary: Accept-Encoding
wpo-cache-status: cached
x-httpd: 1
x-proxy-cache: MISS
x-proxy-cache-info: d NC:000000 UP:

GET
H2 200 siteground-optimizer-combined-css-675fc195872daa46f522c7a0f338abb7.css
staging2.mindshift.works/wp-content/uploads/siteground-optimizer-assets/ 833 KB
114 KB 157ms
156ms Stylesheet
text/css 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://staging2.mindshift.works/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-675fc195872daa46f522c7a0f338abb7.css
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6ac127e741f127405daf84fde3b9203dfe51c091983a79077b911d4018ec8e54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:42 GMT
content-encoding: br
last-modified: Wed, 06 Dec 2023 19:04:55 GMT
server: nginx
etag: W/"6570c5d7-d05e7"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 27 Dec 2024 23:07:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
78 KB 238ms
86ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YYJCCLC9NJ

Requested by

Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

345c78b09ad4fee5533cfcccc2145604a5c6b7eeb0698e848d6491689466c293

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79183
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 28 Dec 2023 23:07:42 GMT

GET
H2 200 jquery.min.js Show response
staging2.mindshift.works/wp-includes/js/jquery/ 86 KB
29 KB 290ms
289ms Script
application/javascript 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://staging2.mindshift.works/wp-includes/js/jquery/jquery.min.js
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:42 GMT
content-encoding: br
last-modified: Mon, 20 Nov 2023 15:17:33 GMT
server: nginx
etag: W/"655b788d-15601"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 27 Dec 2024 23:07:42 GMT

GET
H2 200 MindShift-WORKS-12-e1687383169709.png
staging2.mindshift.works/wp-content/uploads/2023/06/ 41 KB
41 KB 291ms
290ms Image
image/webp 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2023/06/MindShift-WORKS-12-e1687383169709.png
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a950acaf36a992ca746cce6b055dfa1c96ae49a37b0c3e9d00fce2dfba2adaaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:42 GMT
last-modified: Tue, 28 Nov 2023 15:38:40 GMT
server: nginx
etag: "65660980-a36e"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 41838
expires: Fri, 27 Dec 2024 23:07:42 GMT

GET
H2 200 Screen-Shot-2022-11-17-at-1.46.16-PM.png
staging2.mindshift.works/wp-content/uploads/2022/11/ 31 KB
31 KB 291ms
290ms Image
image/webp 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2022/11/Screen-Shot-2022-11-17-at-1.46.16-PM.png
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a4827fccd3ff0c13397818f4e01f0cdfc2b746d56a1ef7210cea2f82e27d8e51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:42 GMT
last-modified: Tue, 28 Nov 2023 15:38:47 GMT
server: nginx
etag: "65660987-7ae2"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 31458
expires: Fri, 27 Dec 2024 23:07:42 GMT

GET
H2 200 kisspng-logo-target-corporation-retail-brand-business-target-5abf39135dc022.061294851522481427384.png
staging2.mindshift.works/wp-content/uploads/2022/11/ 18 KB
18 KB 290ms
290ms Image
image/webp 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2022/11/kisspng-logo-target-corporation-retail-brand-business-target-5abf39135dc022.061294851522481427384.png
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3f1959624654bbc33c6a20dd4217b883576e81b9ec0cbb729dea0a89f95753f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:42 GMT
last-modified: Tue, 28 Nov 2023 15:38:50 GMT
server: nginx
etag: "6566098a-4772"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 18290
expires: Fri, 27 Dec 2024 23:07:42 GMT

GET
H2 200 Beverage-Wholesalers-logo.png
staging2.mindshift.works/wp-content/uploads/2022/11/ 34 KB
34 KB 139ms
135ms Image
image/webp 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2022/11/Beverage-Wholesalers-logo.png
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b131ca65767778e4dbc1da8eb39c1ceebb9df40b3e67d38c1a8c2e8d6d672649

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Tue, 28 Nov 2023 15:38:50 GMT
server: nginx
etag: "6566098a-86c2"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 34498
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 200 bellbank.png
staging2.mindshift.works/wp-content/uploads/2022/11/ 6 KB
6 KB 140ms
137ms Image
image/webp 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2022/11/bellbank.png
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 76ad329c7eb1653bc989f9bce788b52fb907e95c2aa1771f6227b4f0d5d9f1ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Tue, 28 Nov 2023 15:38:49 GMT
server: nginx
etag: "65660989-1904"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 6404
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 200 appareo.png
staging2.mindshift.works/wp-content/uploads/2019/09/ 30 KB
30 KB 142ms
139ms Image
image/png 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2019/09/appareo.png
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 862bece869ba31d680b34178ee7b73879e8c108c73db52632d2c5708061c9044

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Tue, 03 Sep 2019 19:12:51 GMT
server: nginx
etag: "5d6ebb33-781b"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 30747
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 200 comdel.png
staging2.mindshift.works/wp-content/uploads/2019/09/ 103 KB
103 KB 230ms
227ms Image
image/png 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2019/09/comdel.png
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2a2a028c4a8cdb87a9f48383cddb72f3cc5009c8f5d5c74e4da9e34ce68b97cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Tue, 03 Sep 2019 19:12:42 GMT
server: nginx
etag: "5d6ebb2a-19bb6"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 105398
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 200 image-asset.png
staging2.mindshift.works/wp-content/uploads/2022/11/ 15 KB
15 KB 232ms
229ms Image
image/webp 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2022/11/image-asset.png
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e865878a19ebe3e0b5c40598fad90b5e9696323ff98de316ff416143856a3af7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Tue, 28 Nov 2023 15:38:49 GMT
server: nginx
etag: "65660989-3a6e"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 14958
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 200 anthem.png
staging2.mindshift.works/wp-content/uploads/2022/11/ 11 KB
11 KB 232ms
229ms Image
image/webp 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2022/11/anthem.png
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c0ef3fa56f0681e394dab2c2f4799bcdbdfb10d328627e0876a37fa02ef7a8b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Tue, 28 Nov 2023 15:38:49 GMT
server: nginx
etag: "65660989-2bb0"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 11184
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 200 accent.png
staging2.mindshift.works/wp-content/uploads/2022/11/ 18 KB
18 KB 232ms
229ms Image
image/webp 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2022/11/accent.png
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9ee3700f1259f173fab8ebc32ded5d9148d99eda18ec626763391dc0eb12f470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Tue, 28 Nov 2023 15:38:49 GMT
server: nginx
etag: "65660989-48ba"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 18618
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 200 myriad.png
staging2.mindshift.works/wp-content/uploads/2019/09/ 43 KB
43 KB 232ms
230ms Image
image/png 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2019/09/myriad.png
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9252f19485343309d8fe54b27f50761edd22ef1f279e0378f3862eef5aa8999b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Tue, 03 Sep 2019 19:12:59 GMT
server: nginx
etag: "5d6ebb3b-ac99"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 44185
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 200 aldevron.png
staging2.mindshift.works/wp-content/uploads/2022/11/ 11 KB
11 KB 233ms
230ms Image
image/webp 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2022/11/aldevron.png
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 87f4a77fead96866c029b5aee349ccc3651a8c6abb4e4b8a16af79b99a26b624

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Tue, 28 Nov 2023 15:38:48 GMT
server: nginx
etag: "65660988-2cb4"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 11444
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 200 eide.png
staging2.mindshift.works/wp-content/uploads/2022/11/ 23 KB
24 KB 233ms
230ms Image
image/webp 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2022/11/eide.png
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9ef1f71258f99d7fc0182fddb9bd1b9b5190e790a85b03b6bc7a9a049ab023b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Tue, 28 Nov 2023 15:38:48 GMT
server: nginx
etag: "65660988-5d2c"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 23852
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 404 access-point-logo.webp
staging2.mindshift.works/wp-content/uploads/2022/11/ 57 KB
57 KB 405ms
403ms Image
text/html 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2022/11/access-point-logo.webp
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 886e418366e8278b483a671d924865cd52b18c371b5d5d024f40705106519775

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
x-proxy-cache-info: 0 NC:000000 UP:
content-type: text/html
x-httpd: 1
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache: MISS

GET
H2 200 be-more-colorful.png
staging2.mindshift.works/wp-content/uploads/2022/11/ 46 KB
46 KB 272ms
269ms Image
image/webp 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2022/11/be-more-colorful.png
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d9cc81f349157260d5a361f4f1b7a2f1195549f923d5ec53888b8496c988b159

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Tue, 28 Nov 2023 15:38:52 GMT
server: nginx
etag: "6566098c-b776"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 46966
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 200 HeaderLogoFinal.png
staging2.mindshift.works/wp-content/uploads/2022/11/ 4 KB
4 KB 274ms
272ms Image
image/webp 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2022/11/HeaderLogoFinal.png
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3bec07f247361ab0e35c7c16292addb16d076a0718d9bd6c31ef6a6a7162ac4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Tue, 28 Nov 2023 15:38:51 GMT
server: nginx
etag: "6566098b-10da"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 4314
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 200 eaton.png
staging2.mindshift.works/wp-content/uploads/2022/11/ 2 KB
2 KB 275ms
273ms Image
image/webp 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2022/11/eaton.png
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 48036a7905f6ca739c6036dca93b47a71de7e5c18f0bb11cb87fe16520fcb896

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Tue, 28 Nov 2023 15:38:51 GMT
server: nginx
etag: "6566098b-794"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 1940
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 200 essentia.png
staging2.mindshift.works/wp-content/uploads/2022/11/ 3 KB
3 KB 276ms
274ms Image
image/webp 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2022/11/essentia.png
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4db7aa8722a5eae983e7cf05c8b3b3b9ee266c60c8ff1f0f9082e2e2fd6ccda5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Tue, 28 Nov 2023 15:38:50 GMT
server: nginx
etag: "6566098a-bf8"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 3064
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 200 korn-ferry-1.png
staging2.mindshift.works/wp-content/uploads/2022/11/ 3 KB
3 KB 278ms
276ms Image
image/webp 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2022/11/korn-ferry-1.png
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: fc907532d511c6d1d5a1ce92aaa3ef48fa7b75729b6d32afe3e3b415717d95e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Tue, 28 Nov 2023 15:38:50 GMT
server: nginx
etag: "6566098a-c0e"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 3086
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 200 plymouth-industries.png
staging2.mindshift.works/wp-content/uploads/2022/11/ 2 KB
3 KB 279ms
278ms Image
image/webp 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2022/11/plymouth-industries.png
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5e5c845f6882c5d5d3c47486991c060c21c8d6a62d4ce457f90034398e0adc46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Tue, 28 Nov 2023 15:38:51 GMT
server: nginx
etag: "6566098b-99e"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 2462
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 200 razor.png
staging2.mindshift.works/wp-content/uploads/2022/11/ 8 KB
8 KB 281ms
279ms Image
image/webp 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2022/11/razor.png
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 45c36cbaeb661765a9da4f571691138f84f9025ccaf343bd4a4443688f8814dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Tue, 28 Nov 2023 15:38:51 GMT
server: nginx
etag: "6566098b-2084"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 8324
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 200 trimble.png
staging2.mindshift.works/wp-content/uploads/2022/11/ 5 KB
5 KB 282ms
281ms Image
image/webp 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2022/11/trimble.png
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3ff554c47d941e0994b9f8f3a0555c20e63efa7a26ec590fade28b448fc9c1d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Tue, 28 Nov 2023 15:38:50 GMT
server: nginx
etag: "6566098a-1322"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 4898
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 200 twin-cities-die-casting.png
staging2.mindshift.works/wp-content/uploads/2022/11/ 5 KB
5 KB 284ms
282ms Image
image/webp 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2022/11/twin-cities-die-casting.png
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: deb237760717c3e2bf7cc6d9b04962f2c597c02eafd5df6e3e51884fd82491dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Tue, 28 Nov 2023 15:38:51 GMT
server: nginx
etag: "6566098b-13d8"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 5080
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 200 Untitled-2.png
staging2.mindshift.works/wp-content/uploads/2019/08/ 4 KB
4 KB 285ms
284ms Image
image/png 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2019/08/Untitled-2.png
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c373a66e764a9e277eb544a0615b9136f65b5d33919f7ed50cb8c2edbe97c348

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Tue, 20 Aug 2019 20:15:18 GMT
server: nginx
etag: "5d5c54d6-1084"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 4228
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 200 shell.js Show response
js.hsforms.net/forms/ 485 KB
154 KB 99ms
44ms Script
application/javascript 2606:4700::6810:8bce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/shell.js

Requested by

Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8bce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc2e1c7db0ffa63e5333bc3771c96bf5c5d704332d79dfcfbff8bc16187b1abf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4371/bundles/project-v2.js&cfRay=83873f3b688effc0-WAW
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"982d8d22d576c26eb044b0e746926bef"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.4371/bundles/project-v2.js
date: Thu, 28 Dec 2023 23:07:43 GMT
x-amz-version-id: wkCPEW5SoVMi9CoHH5BglhAxVEpTVVPC
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 52a39081-6ad2-4473-b2ed-75f879fe538d
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 52a39081-6ad2-4473-b2ed-75f879fe538d
last-modified: Wed, 20 Dec 2023 09:57:15 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obtyKB9g9imS1VS%2FOqZ0ymxqJIg3A9G07jI%2FEIx44cwxf%2FDL0kjYNMfWZJJAdP%2FVaq6L20bMeXna16tTLZgm02SpU95Xvrf2pYRkg4ynpYyPwwMNswGsZ28c3tlDPyaQTyH4H05aGwNNBcdS"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-798df77cc5-j6gsk
cf-ray: 83cd760acc5a6a76-TXL
x-amz-cf-id: Jz4E18Ro9NhyjMp_fK-bR9_7uPIt6l8RHmejiynb5N4TPU3ZnuIOEg==

GET
H2 200 siteground-optimizer-combined-js-7059b586ccae8652bd671e0b3cf64f51.js Show response
staging2.mindshift.works/wp-content/uploads/siteground-optimizer-assets/ 981 KB
230 KB 325ms
324ms Script
application/javascript 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://staging2.mindshift.works/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-7059b586ccae8652bd671e0b3cf64f51.js
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7f9b3c2ae11649bad156211a333dee771f626e5a307a5cd2ba5d22aa98576b38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
content-encoding: br
last-modified: Mon, 04 Dec 2023 18:59:25 GMT
server: nginx
etag: W/"656e218d-f5546"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 27 Dec 2024 23:07:43 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
260 B 168ms
57ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YYJCCLC9NJ&gtm=45je3bt0v9164336370&_p=1703804863084&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZGIzZG&cid=168573003.1703804863&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703804863&sct=1&seg=0&dl=https%3A%2F%2Fstaging2.mindshift.works%2F&dt=Mind%20Shift%20-%20ND%2C%20MN%2C%20%26%20WI%20-%20Autism%20Employment&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=1213
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YYJCCLC9NJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 23:07:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://staging2.mindshift.works
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
260 B 226ms
76ms Ping
text/plain 2a00:1450:400c:c02::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YYJCCLC9NJ&cid=168573003.1703804863&gtm=45je3bt0v9164336370&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YYJCCLC9NJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 23:07:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://staging2.mindshift.works
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 235ms
82ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YYJCCLC9NJ&cid=168573003.1703804863&gtm=45je3bt0v9164336370&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1366833175

Requested by

Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 23:07:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 86ms
29ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 28 Dec 2023 23:07:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: VcECx1FiFlEH/zpl+ywSPp5YzcDof/CDtO6xbC/KrPPV1bdnaDcsMPzZZKBWUDKUAInT45Pm60xC9JnpQHDn+A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iStock-966435598.jpg
staging2.mindshift.works/wp-content/uploads/2022/10/ 129 KB
130 KB 357ms
357ms Image
image/webp 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2022/10/iStock-966435598.jpg
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 94c120ebf5e3ce95eb7b3ead399e4f91266c08a740ce222001a4378726afb8e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Tue, 28 Nov 2023 15:38:53 GMT
server: nginx
etag: "6566098d-205c8"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 132552
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 mindshiftbac7k4.jpg
staging2.mindshift.works/wp-content/uploads/2019/08/ 238 KB
239 KB 388ms
388ms Image
image/jpeg 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2019/08/mindshiftbac7k4.jpg
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: aff9a4042a6cc2563343d385c1fd97c621382ab3faee61757deb169a2239cf57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Wed, 03 Jun 2020 19:55:01 GMT
server: nginx
etag: "5ed80015-3b8f9"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 243961
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 200 mindshiftback5.jpg
staging2.mindshift.works/wp-content/uploads/2019/08/ 689 KB
690 KB 393ms
393ms Image
image/jpeg 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2019/08/mindshiftback5.jpg
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 507703c835472c0e9214a9febc59ec226b34e29215efef235f44dc69bb8d385c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Tue, 20 Aug 2019 21:35:42 GMT
server: nginx
etag: "5d5c67ae-ac524"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 705828
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 200 mindshiftbackground5-01.jpg
staging2.mindshift.works/wp-content/uploads/2019/08/ 95 KB
96 KB 393ms
393ms Image
image/jpeg 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2019/08/mindshiftbackground5-01.jpg
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b29113ac1e892e34a8b8b3b2fbcfd8b2acad7bc6e7511558382386745c5f9da7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Wed, 03 Jun 2020 19:54:44 GMT
server: nginx
etag: "5ed80004-17d41"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 97601
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 242ms
90ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-675fc195872daa46f522c7a0f338abb7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://staging2.mindshift.works/
Origin: https://staging2.mindshift.works
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:16:33 GMT
x-content-type-options: nosniff
age: 280270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11028
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Dec 2024 17:16:33 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v24/ 14 KB
14 KB 225ms
73ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-675fc195872daa46f522c7a0f338abb7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a7ce1a34f3e9944fe88fc61abbc93b6db383afa2b90815fd7ccea456fbce4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://staging2.mindshift.works/
Origin: https://staging2.mindshift.works
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:20:53 GMT
x-content-type-options: nosniff
age: 276410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14168
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:29:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Dec 2024 18:20:53 GMT

GET
H2 200 icomoon.woff
staging2.mindshift.works/wp-content/themes/salient/css/fonts/ 21 KB
22 KB 392ms
392ms Font
font/woff 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://staging2.mindshift.works/wp-content/themes/salient/css/fonts/icomoon.woff
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-675fc195872daa46f522c7a0f338abb7.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 253da3174fd517b8b572319807f488b09d2d8c73f0a654361b493fd6b72cc3b1

Request headers

Referer: https://staging2.mindshift.works/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-675fc195872daa46f522c7a0f338abb7.css
Origin: https://staging2.mindshift.works
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Tue, 21 Nov 2023 20:17:06 GMT
server: nginx
etag: "655d1042-5598"
x-proxy-cache-info: DT:1
content-type: font/woff
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 21912
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 200 fontawesome-webfont.woff
staging2.mindshift.works/wp-content/themes/salient/css/fonts/ 96 KB
96 KB 392ms
392ms Font
font/woff 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://staging2.mindshift.works/wp-content/themes/salient/css/fonts/fontawesome-webfont.woff
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-675fc195872daa46f522c7a0f338abb7.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://staging2.mindshift.works/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-675fc195872daa46f522c7a0f338abb7.css
Origin: https://staging2.mindshift.works
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
last-modified: Tue, 21 Nov 2023 20:17:06 GMT
server: nginx
etag: "655d1042-17ee8"
x-proxy-cache-info: DT:1
content-type: font/woff
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 98024
expires: Fri, 27 Dec 2024 23:07:43 GMT

GET
H2 200 c4mv1nF8G8_swA3J0R9rkoc.woff2
fonts.gstatic.com/s/aleo/v14/ 36 KB
36 KB 325ms
173ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/aleo/v14/c4mv1nF8G8_swA3J0R9rkoc.woff2

Requested by

Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-675fc195872daa46f522c7a0f338abb7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a429971385f1ff7abaae61ef0d6c35322b919bc8305b169c127c8d64e66b91b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://staging2.mindshift.works/
Origin: https://staging2.mindshift.works
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 09:02:25 GMT
x-content-type-options: nosniff
age: 223518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36908
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:03:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 09:02:25 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVQUwaEQbjA.woff
fonts.gstatic.com/s/opensans/v36/ 16 KB
16 KB 300ms
148ms Font
font/woff 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVQUwaEQbjA.woff

Requested by

Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-675fc195872daa46f522c7a0f338abb7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

456151b41203e3ae310ad73b9f4034f21436f22b045f1896c7baf652f16d7883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://staging2.mindshift.works/
Origin: https://staging2.mindshift.works
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:49:18 GMT
x-content-type-options: nosniff
age: 235105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16572
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:03:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 05:49:18 GMT

GET
H2

206

file
uc5c46d93e05d9dfdb59c86632c0.dl.dropboxusercontent.com/cd/0/inline/CKRCczRc8a86OartnH-K0ERSu9vPhr6crRwXZ7uDP7u3LJNry6uQQ1sKWBNDle3iS-PoWDmddt6SNRBytKTC-r_dBktgWPduvpJIUPWa_G-NxPf2qGS-jQJWRwY4Aw1XnN...
Redirect Chain

https://www.dropbox.com/s/7bo860om4aksfnu/Mind%20Shift%20-%20It%27s%20True.mp4?raw=1
https://www.dropbox.com/s/raw/7bo860om4aksfnu/Mind%20Shift%20-%20It%27s%20True.mp4
https://uc5c46d93e05d9dfdb59c86632c0.dl.dropboxusercontent.com/cd/0/inline/CKRCczRc8a86OartnH-K0ERSu9vPhr6crRwXZ7uDP7u3LJNry6uQQ1sKWBNDle3iS-PoWDmddt6SNRBytKTC-r_dBktgWPduvpJIUPWa_G-NxPf2qGS-jQJWRw...

48 KB
0

698ms
448ms

Media
video/mp4

2620:100:6022:15::a27d:420f
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://uc5c46d93e05d9dfdb59c86632c0.dl.dropboxusercontent.com/cd/0/inline/CKRCczRc8a86OartnH-K0ERSu9vPhr6crRwXZ7uDP7u3LJNry6uQQ1sKWBNDle3iS-PoWDmddt6SNRBytKTC-r_dBktgWPduvpJIUPWa_G-NxPf2qGS-jQJWRwY4Aw1XnNbgQgZ9Gng1qpfIufz0pEzx/file

Requested by

Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/

Protocol

Server

2620:100:6022:15::a27d:420f , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date: Thu, 28 Dec 2023 23:07:44 GMT
x-content-type-options: nosniff
accept-encoding: identity,gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-dropbox-request-id: c62c5bfae702431c9092078d9d290542
Content-Range: bytes 0-7237876/7237877
x-dropbox-response-origin: far_remote
content-disposition: inline; filename="Mind Shift - It's True.mp4"; filename*=UTF-8''Mind%20Shift%20-%20It%27s%20True.mp4
Content-Length: 7237877
pragma: public
referrer-policy: no-referrer
server: envoy
etag: 1683205073562142d
vary: Origin
content-type: video/mp4
cache-control: max-age=60
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noimageindex

Redirect headers

content-security-policy: sandbox
date: Thu, 28 Dec 2023 23:07:43 GMT
x-content-type-options: nosniff
accept-encoding: identity,gzip
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-dropbox-request-id: b473cf0c7191406485b6b4a25a2881de
x-dropbox-response-origin: far_remote
content-length: 318
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: envoy
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/html; charset=utf-8
location: https://uc5c46d93e05d9dfdb59c86632c0.dl.dropboxusercontent.com/cd/0/inline/CKRCczRc8a86OartnH-K0ERSu9vPhr6crRwXZ7uDP7u3LJNry6uQQ1sKWBNDle3iS-PoWDmddt6SNRBytKTC-r_dBktgWPduvpJIUPWa_G-NxPf2qGS-jQJWRwY4Aw1XnNbgQgZ9Gng1qpfIufz0pEzx/file#
cache-control: no-cache, no-store

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1166723727407167 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 207ms
207ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1166723727407167?v=2.9.138&r=stable&domain=staging2.mindshift.works

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c89db97d2ec907778e2eafe1ff19d795741383cdbd60a28a48423ed9f003b220

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 28 Dec 2023 23:07:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 2R3LTcxhNDoR1yPAVA98ShG+xy5NaoAvC9vQxjMDMJskaaWtobT4V9d/O4rB0Wxy6W0Tyv7jah2Sy2N0TGSGJQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK json Show response
forms.hsforms.com/embed/v3/form/5427049/f5e4ae77-5e91-4508-9d06-5ee7ed47fb38/ 9 KB
4 KB 258ms
201ms XHR
application/json 2606:4700::6811:eff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/5427049/f5e4ae77-5e91-4508-9d06-5ee7ed47fb38/json?hs_static_app=forms-embed&hs_static_app_version=1.4371&X-HubSpot-Static-App-Info=forms-embed-1.4371

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/shell.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:eff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

275b4d326624f5b222e49f156ac207b74aa332522c12132b87b06bcecfe14972

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://staging2.mindshift.works/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-Origin-Hublet: na1
Date: Thu, 28 Dec 2023 23:07:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Content-Encoding: br
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: b45d825e-d95d-4956-b69f-029647586ee7
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 34
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b45d825e-d95d-4956-b69f-029647586ee7
Server: cloudflare
X-Trace: 2B32A70E4E6CA0C5D050563ACD5958524A283A413A000000000000000000
Vary: origin
Access-Control-Allow-Methods: OPTIONS, GET
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://staging2.mindshift.works
x-evy-trace-virtual-host: all
Access-Control-Expose-Headers: X-Origin-Hublet
Access-Control-Max-Age: 180
Access-Control-Allow-Credentials: false
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
Access-Control-Allow-Headers: *
CF-RAY: 83cd760beb4d44f2-TXL
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-795b47fdff-bhrjw

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/ 2 MB
186 KB 120ms
38ms Script
application/javascript 2600:9000:238d:b200:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/utag.js
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-7059b586ccae8652bd671e0b3cf64f51.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:b200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d869c3bb009030e447478546bba8475c8fe6f07b36a993759fc2515f0017d276

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 4GvZo3YgVCMfLcY68heraH8eIyFjrOTg
content-encoding: br
via: 1.1 ef674a9df28e4fc8d944ae07304fa954.cloudfront.net (CloudFront)
date: Thu, 28 Dec 2023 23:05:34 GMT
last-modified: Wed, 06 Dec 2023 22:08:34 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 262
x-amz-server-side-encryption: AES256
etag: W/"680f7d3b5c086dbe437b0fc5f487f441"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: ukgrKdltfjpIPd03MBP1RWAQUF_zGLEcNxQjpL45Yr-2Uq-QEXsZrg==

POST
H2 200 /
staging2.mindshift.works/ 0
0 2013ms
1605ms Fetch
text/html 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://staging2.mindshift.works/
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-7059b586ccae8652bd671e0b3cf64f51.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://staging2.mindshift.works/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryzwEkyQvHYARYu7Pn

Response headers

date: Thu, 28 Dec 2023 23:07:45 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/html; charset=UTF-8
x-httpd: 1
cache-control: public, max-age=0, s-maxage=3600
host-header: 8441280b0c35cbc1147f8ba998a563a7

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 112ms
28ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-7059b586ccae8652bd671e0b3cf64f51.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: eb6398a0114471edabc6249e08a1bee85f0df4c7176b379912020b2cda9ad577

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 28 Dec 2023 23:07:43 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 2404
x-amz-cf-pop: FRA60-P3
age: 492
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1703802459
x-77-nzt: EgwBnJIhiwH3ZAkAAAwBJRPCLgH3DQAAAA
x-accel-expires: @1703806059
x-77-age: 2417
x-cache-lb: HIT
last-modified: Wed, 27 Dec 2023 13:17:39 GMT
server: CDN77-Turbo
etag: W/"b9c3898b29dc13b93eb75f9925d043ea"
x-77-nzt-ray: cf878727a67fdafebfff8d65d447df23
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
content-type: application/javascript
x-amz-cf-id: WvVI8t2ga6qK14w2w1nRup7W2ykZSF4v61DRCZ6lyPk3Riswn7UvFQ==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 94ms
28ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1166723727407167&ev=PageView&dl=https%3A%2F%2Fstaging2.mindshift.works%2F&rl=&if=false&ts=1703804863576&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703804863576.356118167&ler=empty&it=1703804863267&coo=false&rqm=GET

Requested by

Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 28 Dec 2023 23:07:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 shell.js Show response
js.hsforms.net/forms/ Frame 40E8 485 KB
153 KB 29ms
28ms Script
application/javascript 2606:4700::6810:8bce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/shell.js

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/shell.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8bce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc2e1c7db0ffa63e5333bc3771c96bf5c5d704332d79dfcfbff8bc16187b1abf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
age: 0
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4371/bundles/project-v2.js&cfRay=83873f3b688effc0-WAW
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"982d8d22d576c26eb044b0e746926bef"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.4371/bundles/project-v2.js
date: Thu, 28 Dec 2023 23:07:43 GMT
x-amz-version-id: wkCPEW5SoVMi9CoHH5BglhAxVEpTVVPC
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 52a39081-6ad2-4473-b2ed-75f879fe538d
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 52a39081-6ad2-4473-b2ed-75f879fe538d
last-modified: Wed, 20 Dec 2023 09:57:15 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4V0J8K44aUaaVr7ObxAwM66yK5LirK4YQpf6k7eyBtX9dzhBSumkJABKvolyKqFMUtsEvkdY9iYxLAXw6lTNnhjhM5Fm%2BrCZj34Zo4TNkh%2BMLA79QaJ0yHXFL8fGHpmfEMbpt9Jov14X5MoO"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-798df77cc5-j6gsk
cf-ray: 83cd760d7b3e6a76-TXL
x-amz-cf-id: Jz4E18Ro9NhyjMp_fK-bR9_7uPIt6l8RHmejiynb5N4TPU3ZnuIOEg==

GET
H2 404 access-point-logo.webp
staging2.mindshift.works/wp-content/uploads/2022/11/ 82 KB
82 KB 139ms
139ms Image
text/html 35.209.89.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging2.mindshift.works/wp-content/uploads/2022/11/access-point-logo.webp
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.89.182 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 182.89.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b39bdadd90378180927c19f1343682602e430b54f3fc7523c5ac4f46ffd67bc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: text/html
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

GET
H2 200 lf20_4oca5qxf.json Show response
assets9.lottiefiles.com/packages/ 764 KB
98 KB 795ms
682ms XHR
application/json 2600:9000:218e:8400:2:49a2:4500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets9.lottiefiles.com/packages/lf20_4oca5qxf.json
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-7059b586ccae8652bd671e0b3cf64f51.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:8400:2:49a2:4500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa47f9dc415d312fc59a2e3e42059c0735ac38811c406eb107c3c12638c7e843

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:45 GMT
x-amz-version-id: cuwIzcezlXORKQZpCXguOUOUt0VIBNlI
content-encoding: br
via: 1.1 b3c499d6bb51c2f743813fea28eaaf30.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P1
x-cache: Miss from cloudfront
last-modified: Fri, 20 Aug 2021 04:48:14 GMT
server: AmazonS3
etag: W/"11d4cc2bbc78e17613f6882b9c04af67"
access-control-max-age: 1800
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding,Origin
x-amz-cf-id: s9gBQKpZVAENXz-6cpFvqdpVDWHMMeY3oYRcPaWby5SXfuOwxpQlmQ==

GET
H2 200 widget_app_base_1703682904009.js Show response
cdn.userway.org/widgetapp/2023-12-27-13-15-04/ 137 KB
41 KB 85ms
28ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/widget_app_base_1703682904009.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fef48719eaa745024d0b801254bd0fc8907d2eae226fb77b8550bce864ebd33b

Request headers

Referer: https://staging2.mindshift.works/
Origin: https://staging2.mindshift.works
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 28 Dec 2023 23:07:43 GMT
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 121223
x-amz-cf-pop: FRA60-P3
age: 490
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1703683640
x-77-nzt: EgwBnJIhiwHXh9kBAAwBJRPCKAH3DwAAAA
x-accel-expires: @1729603625
x-77-age: 121238
x-cache-lb: HIT
last-modified: Wed, 27 Dec 2023 13:17:34 GMT
server: CDN77-Turbo
etag: W/"eb0a361513cfc3cde5aea3a3fe34989f"
x-77-nzt-ray: cf87872740748a00bfff8d6582958229
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: PcHnDQhh0EHFRu14yTbQGzTkgxJmvsSV78MWi7WXTShhHtDfo4TfgQ==

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
625 B 195ms
161ms Image
image/gif 2606:4700::6811:eff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:eff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 2cc7b82d-dd60-4e81-9e2f-a1a6c71e52a6
x-envoy-upstream-service-time: 10
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2cc7b82d-dd60-4e81-9e2f-a1a6c71e52a6
server: cloudflare
x-trace: 2B3B14F5E481C2C4E7B97E8C363E070679E3BD00D1000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-795b47fdff-b9wb8
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 83cd760e584634eb-WAW

GET
H/1.1 200
OK counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
1016 B 196ms
140ms Image
image/gif 2606:4700::6811:cff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 23:07:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: f3f4091f-308a-4e88-aeed-b7c929a2099b
x-envoy-upstream-service-time: 3
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f3f4091f-308a-4e88-aeed-b7c929a2099b
Server: cloudflare
X-Trace: 2B3066F6B170FFD4A5019D256472A935B10251476B000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-795b47fdff-n6wg8
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 83cd760e98af44f2-TXL

GET
H2 200 mobile.html Show response
tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/ Frame 6A53 404 B
837 B 31ms
31ms Document
text/html 2600:9000:238d:b200:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/mobile.html?parent_title=Mind%20Shift%20-%20ND%2C%20MN%2C%20%26%20WI%20-%20Autism%20Employment&parent_domain=staging2.mindshift.works&parent_pathname=%2F&parent_url=https%3A%2F%2Fstaging2.mindshift.works%2F&parent_referrer=
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:b200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ff6ff476715793188251c400a8fb21cc7a9849db6d51d43a3ed0192f23f9647

Request headers

Referer: https://staging2.mindshift.works/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3101
cache-control: max-age=3600
content-length: 404
content-type: text/html
date: Thu, 28 Dec 2023 22:16:07 GMT
etag: "f1b4eb6d0055c5e80bd36c3415b5c346"
last-modified: Tue, 07 Mar 2023 02:06:17 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 ef674a9df28e4fc8d944ae07304fa954.cloudfront.net (CloudFront)
x-amz-cf-id: 9vmxySUZGThjLRCG8_YPqpQvjD70bER4cYxZ8r_W1orkgm-JmdcgAQ==
x-amz-cf-pop: AMS1-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: 2XAtI2NykP6_9i4RIzxfij62uLHFbEWP
x-cache: Hit from cloudfront

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/ Frame 6A53 2 MB
186 KB 32ms
32ms Script
application/javascript 2600:9000:238d:b200:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/utag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/mobile.html?parent_title=Mind%20Shift%20-%20ND%2C%20MN%2C%20%26%20WI%20-%20Autism%20Employment&parent_domain=staging2.mindshift.works&parent_pathname=%2F&parent_url=https%3A%2F%2Fstaging2.mindshift.works%2F&parent_referrer=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:b200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d869c3bb009030e447478546bba8475c8fe6f07b36a993759fc2515f0017d276

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/mobile.html?parent_title=Mind%20Shift%20-%20ND%2C%20MN%2C%20%26%20WI%20-%20Autism%20Employment&parent_domain=staging2.mindshift.works&parent_pathname=%2F&parent_url=https%3A%2F%2Fstaging2.mindshift.works%2F&parent_referrer=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 4GvZo3YgVCMfLcY68heraH8eIyFjrOTg
content-encoding: br
via: 1.1 ef674a9df28e4fc8d944ae07304fa954.cloudfront.net (CloudFront)
date: Thu, 28 Dec 2023 23:05:34 GMT
last-modified: Wed, 06 Dec 2023 22:08:34 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 262
x-amz-server-side-encryption: AES256
etag: W/"680f7d3b5c086dbe437b0fc5f487f441"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: EimAvxBOJav9ee4PvagFdF6mdsEZ_tD9TPXOn5j9vBDb009vZG26ew==

POST
H2 200 Fn83tmZkZq Show response
api.userway.org/api/tunings/ 281 B
666 B 615ms
201ms XHR
application/json 2600:1f14:5db:eb22:1b92:58e:a003:800b
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/Fn83tmZkZq
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/widget_app_base_1703682904009.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:1b92:58e:a003:800b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 627b4a58932c8d34a3ebfa28c902c053418d3d73084d4f1a2f2bfefe3e754305

Request headers

Referer: https://staging2.mindshift.works/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 28 Dec 2023 23:07:44 GMT
etag: W/"119-1ZnFUbjfVTvtJ1GF3kKs9ssRa3c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr8f839e62bb9c43c
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 281
x-service-version: uw-pr

GET
H2 200 utag.35.js Show response
tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/ Frame 6A53 5 KB
2 KB 32ms
31ms Script
application/javascript 2600:9000:238d:b200:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/utag.35.js?utv=ut4.44.201902062249
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:b200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 276662e110fad855454153d5fde5a3296b10aab94f455b342dbd5bd920460bed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/mobile.html?parent_title=Mind%20Shift%20-%20ND%2C%20MN%2C%20%26%20WI%20-%20Autism%20Employment&parent_domain=staging2.mindshift.works&parent_pathname=%2F&parent_url=https%3A%2F%2Fstaging2.mindshift.works%2F&parent_referrer=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: HPEMFxF7Bl2Q3JB0ARgp0uXL9RKHKTHB
content-encoding: gzip
via: 1.1 ef674a9df28e4fc8d944ae07304fa954.cloudfront.net (CloudFront)
date: Thu, 28 Dec 2023 23:05:34 GMT
last-modified: Wed, 06 Dec 2023 22:08:32 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 255
x-amz-server-side-encryption: AES256
etag: W/"579c9677e7cfc85c495bcb001b8aa2c8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: Me8pOrteu3tNQDEAFAvzCpxLLDK7a7plhdg9pzEBSno6XhqinbtKKA==

GET
H2 200 utag.14.js Show response
tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/ Frame 6A53 2 KB
2 KB 33ms
32ms Script
application/javascript 2600:9000:238d:b200:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/utag.14.js?utv=ut4.44.201807131554
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:b200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6a1d776cf96e2276e9a972b16ded0120885439bb531724c7ed4d73842de9591

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/mobile.html?parent_title=Mind%20Shift%20-%20ND%2C%20MN%2C%20%26%20WI%20-%20Autism%20Employment&parent_domain=staging2.mindshift.works&parent_pathname=%2F&parent_url=https%3A%2F%2Fstaging2.mindshift.works%2F&parent_referrer=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: pwnjGbR9fxHM60kjOXzPbFaaLRgpCj6F
content-encoding: gzip
via: 1.1 ef674a9df28e4fc8d944ae07304fa954.cloudfront.net (CloudFront)
date: Thu, 28 Dec 2023 23:05:34 GMT
last-modified: Wed, 06 Dec 2023 22:08:32 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 255
x-amz-server-side-encryption: AES256
etag: W/"88c32e0d4d5d2b187e78fea545d9bd26"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: StF4zAn9z7mao_LnzrBBJ8W1MJAmcD4cSTP94gQf-uwTpa7QsLNmbA==

GET
H2 200 utag.54.js Show response
tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/ Frame 6A53 4 KB
2 KB 34ms
34ms Script
application/javascript 2600:9000:238d:b200:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/utag.54.js?utv=ut4.44.201903292223
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:b200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50e5c7497c8a6bf4c9627595860dabc36cddbe19c834b8bf21a0a3810b262913

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/mobile.html?parent_title=Mind%20Shift%20-%20ND%2C%20MN%2C%20%26%20WI%20-%20Autism%20Employment&parent_domain=staging2.mindshift.works&parent_pathname=%2F&parent_url=https%3A%2F%2Fstaging2.mindshift.works%2F&parent_referrer=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: kwqN6DQSQ0w74zFtkskSW2Qx5VwRIlAv
content-encoding: gzip
via: 1.1 ef674a9df28e4fc8d944ae07304fa954.cloudfront.net (CloudFront)
date: Thu, 28 Dec 2023 23:05:34 GMT
last-modified: Wed, 06 Dec 2023 22:08:34 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 255
x-amz-server-side-encryption: AES256
etag: W/"527708c90ccff600ca6b863641a0b712"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: uKJlaci_xI366NuG_5LIY587OW6qqDAEymKlhUEt8FOyFNZQ7T8jVQ==

GET
H2 200 utag.71.js Show response
tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/ Frame 6A53 3 KB
2 KB 35ms
35ms Script
application/javascript 2600:9000:238d:b200:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/utag.71.js?utv=ut4.44.201908222035
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:b200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3eecfa0e64d677630d9d2368ae5c901788d6d513fc70995c17043d04a9fc12a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/mobile.html?parent_title=Mind%20Shift%20-%20ND%2C%20MN%2C%20%26%20WI%20-%20Autism%20Employment&parent_domain=staging2.mindshift.works&parent_pathname=%2F&parent_url=https%3A%2F%2Fstaging2.mindshift.works%2F&parent_referrer=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: LX4ZbH4DTl_H0TUOTlH5zM2S8YaezkKh
content-encoding: br
via: 1.1 ef674a9df28e4fc8d944ae07304fa954.cloudfront.net (CloudFront)
date: Thu, 28 Dec 2023 23:07:16 GMT
last-modified: Wed, 06 Dec 2023 22:08:33 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 48
x-amz-server-side-encryption: AES256
etag: W/"9428acee498ac676ca3332bd75722b10"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: oTOaHxQ7moP9ScEm23_TdEbE0ZD4vBpTyUxz-ELYZa4tVk9XDvD2TA==

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ Frame 6A53 2 B
438 B 32ms
31ms Script
application/javascript 2600:9000:238d:b200:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=advantagepublisherservices/aps/202312062204&cb=1703804863991
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:b200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/mobile.html?parent_title=Mind%20Shift%20-%20ND%2C%20MN%2C%20%26%20WI%20-%20Autism%20Employment&parent_domain=staging2.mindshift.works&parent_pathname=%2F&parent_url=https%3A%2F%2Fstaging2.mindshift.works%2F&parent_referrer=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Thu, 28 Dec 2023 23:04:11 GMT
via: 1.1 ef674a9df28e4fc8d944ae07304fa954.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: tIvBgc1JgikqPueVFofHfKUfTu5eeG6c3vakbvre_8ImFYQ8x0hLQA==

GET
H2

200

activityi;dc_pre=CMWjyd2fs4MDFQBRHgIdLuQPnA;src=10568435;type=daily0;cat=daily0;qty=1;cost=;ord=1 Show response
10568435.fls.doubleclick.net/ Frame 1330
Redirect Chain

https://10568435.fls.doubleclick.net/activityi;src=10568435;type=daily0;cat=daily0;qty=1;cost=;ord=1?
https://10568435.fls.doubleclick.net/activityi;dc_pre=CMWjyd2fs4MDFQBRHgIdLuQPnA;src=10568435;type=daily0;cat=daily0;qty=1;cost=;ord=1?

433 B
393 B

95ms
94ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10568435.fls.doubleclick.net/activityi;dc_pre=CMWjyd2fs4MDFQBRHgIdLuQPnA;src=10568435;type=daily0;cat=daily0;qty=1;cost=;ord=1?

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

2b77f73a165daca0d690e42c3a92db9915003d2d9b69b2136a97a2abb4accc9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tags.tiqcdn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 218
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 23:07:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 23:07:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10568435.fls.doubleclick.net/activityi;dc_pre=CMWjyd2fs4MDFQBRHgIdLuQPnA;src=10568435;type=daily0;cat=daily0;qty=1;cost=;ord=1?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 8403d900-38c1-0139-84b7-06b4c2516bae Show response
tag.simpli.fi/sifitag/ Frame 6A53 3 KB
2 KB 124ms
36ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/8403d900-38c1-0139-84b7-06b4c2516bae
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: c605bc5c91e280fc8f46ac58596d56e343bd235389c1418ed479cff7c3224042

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 23:07:44 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F6UhfyvGLnS4KYi6wUsB
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame 6A53 5 KB
3 KB 97ms
28ms Script
application/x-javascript 65.9.65.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-65-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 01:34:58 GMT
Content-Encoding: gzip
Via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
Last-Modified: Wed, 20 Dec 2023 01:34:49 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C1
Age: 77567
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: O3L4NX_xQ_eIfzizXykq_7frN9KRp0kePtjt_TdardoDs5ObDiJrBA==

GET
H2 200 activity;xsp=4742932;ord=1
pubads.g.doubleclick.net/ Frame 6A53 42 B
542 B 277ms
111ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4742932;ord=1?

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/aps/prod/mobile.html?parent_title=Mind%20Shift%20-%20ND%2C%20MN%2C%20%26%20WI%20-%20Autism%20Employment&parent_domain=staging2.mindshift.works&parent_pathname=%2F&parent_url=https%3A%2F%2Fstaging2.mindshift.works%2F&parent_referrer=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 23:07:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CMWjyd2fs4MDFQBRHgIdLuQPnA;src=10568435;type=daily0;cat=daily0;qty=1;cost=;ord=1;~oref=https://tags.tiqcdn.com/ Frame 1E41 432 B
594 B 265ms
111ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CMWjyd2fs4MDFQBRHgIdLuQPnA;src=10568435;type=daily0;cat=daily0;qty=1;cost=;ord=1;~oref=https://tags.tiqcdn.com/

Requested by

Host: 10568435.fls.doubleclick.net
URL: https://10568435.fls.doubleclick.net/activityi;dc_pre=CMWjyd2fs4MDFQBRHgIdLuQPnA;src=10568435;type=daily0;cat=daily0;qty=1;cost=;ord=1?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d82adacff4fe623028c5452a3ae0e5dbaf1fc6c14c3659890f30ad05ce7e6120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10568435.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 220
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 23:07:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2023-12-27-13-15-04/locales/ 500 B
959 B 28ms
28ms XHR
application/json 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/widget_app_base_1703682904009.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 28 Dec 2023 23:07:44 GMT
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 121222
x-amz-cf-pop: FRA60-P3
age: 487
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1703683642
x-77-nzt: EgwBnJIhiwH3htkBAAwB1GY4nAH3EAAAAA
x-accel-expires: @1729603626
x-77-age: 121238
x-cache-lb: HIT
last-modified: Wed, 27 Dec 2023 13:17:33 GMT
server: CDN77-Turbo
etag: W/"6c501e56c0883817da65e6df9f4417ee"
x-77-nzt-ray: cf87872740748a00c0ff8d65a8a75018
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/json
x-amz-cf-id: BwRWek_memvl-WuyC_WpTPqfRRLEwG46_Ddem12vDUhlkB3lG8Anvw==

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CMWjyd2fs4MDFQBRHgIdLuQPnA;src=10568435;type=daily0;cat=daily0;qty=1;cost=;ord=1;~oref=https://tags.tiqcdn.com/ Frame 24F2 194 B
515 B 316ms
111ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CMWjyd2fs4MDFQBRHgIdLuQPnA;src=10568435;type=daily0;cat=daily0;qty=1;cost=;ord=1;~oref=https://tags.tiqcdn.com/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMWjyd2fs4MDFQBRHgIdLuQPnA;src=10568435;type=daily0;cat=daily0;qty=1;cost=;ord=1;~oref=https://tags.tiqcdn.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 23:07:44 GMT
expires: Thu, 28 Dec 2023 23:07:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 206 file
uc5c46d93e05d9dfdb59c86632c0.dl.dropboxusercontent.com/cd/0/inline/CKRCczRc8a86OartnH-K0ERSu9vPhr6crRwXZ7uDP7u3LJNry6uQQ1sKWBNDle3iS-PoWDmddt6SNRBytKTC-r_dBktgWPduvpJIUPWa_G-NxPf2qGS-jQJWRwY4Aw1XnN... 60 KB
60 KB 368ms
367ms Media
video/mp4 2620:100:6022:15::a27d:420f
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:100:6022:15::a27d:420f , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

85362e227df44f2bde4c5121142fe13ba32df27e94ad47621d09919dd35f1957

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://staging2.mindshift.works/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=7176192-

Response headers

content-security-policy: report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date: Thu, 28 Dec 2023 23:07:44 GMT
x-content-type-options: nosniff
accept-encoding: identity,gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-dropbox-request-id: 18d020b718fb47ebbfa56caf088567ed
Content-Range: bytes 7176192-7237876/7237877
x-dropbox-response-origin: far_remote
content-disposition: inline; filename="Mind Shift - It's True.mp4"; filename*=UTF-8''Mind%20Shift%20-%20It%27s%20True.mp4
Content-Length: 61685
pragma: public
referrer-policy: no-referrer
server: envoy
etag: 1683205073562142d
vary: Origin
content-type: video/mp4
cache-control: max-age=60
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noimageindex

GET
H2 200 remediation-tool-free.js Show response
cdn.userway.org/remediation/free/ 27 KB
11 KB 33ms
33ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/free/remediation-tool-free.js?ts=1703682904009
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/widget_app_base_1703682904009.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e4412b67eb8c67e19774da629f747a1cca29d89af2d93b30ca50dc7e3106437b

Request headers

Referer: https://staging2.mindshift.works/
Origin: https://staging2.mindshift.works
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 28 Dec 2023 23:07:44 GMT
via: 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 121222
x-amz-cf-pop: FRA60-P3
age: 488
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1703683642
x-77-nzt: EgwBnJIhiwH3htkBAAwBJRPCKAH3EQAAAA
x-accel-expires: @1729603625
x-77-age: 121239
x-cache-lb: HIT
last-modified: Wed, 27 Dec 2023 13:17:38 GMT
server: CDN77-Turbo
etag: W/"29cb57a634f3d6ed3e17dfdec2e09c32"
x-77-nzt-ray: cf87872740748a00c0ff8d6552933e36
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: ka4ll7FxuM4Iy-igtlK4m2xCuND3Z8tTfNDq8HzVOfObv6k2dJ2vvg==

GET
H2 200 metropolis.css
cdn.userway.org/widgetapp/bundles/metropolis/ 3 KB
1 KB 123ms
122ms Stylesheet
text/css 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/bundles/metropolis/metropolis.css
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/widget_app_base_1703682904009.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3c9b2546474b23e9b9fb6eaaee23fff3a1464ea07c5553b7c288a99c14a090bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 28 Dec 2023 23:07:45 GMT
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 120981
x-amz-cf-pop: FRA60-P3
age: 4
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1703683884
x-77-nzt: EgwBnJIhiwH3ldgBAAwBJRPCLgH3/gAAAA
x-accel-expires: @1729603630
x-77-age: 121235
x-cache-lb: HIT
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"a9fd0851d40346bf1a0b55329b2b745c"
x-77-nzt-ray: cf878727a67fdafec1ff8d65443be700
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: text/css
x-amz-cf-id: ok-1Vh426Xy1ADbDFA7_DNKGhph98xr50SvqXUqSOoxuixpL5VTsRQ==

GET
H2 200 metropolis.css
cdn.userway.org/widgetapp/bundles/metropolis/ Frame CAB7 3 KB
1 KB 124ms
123ms Stylesheet
text/css 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/bundles/metropolis/metropolis.css
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/widget_app_base_1703682904009.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3c9b2546474b23e9b9fb6eaaee23fff3a1464ea07c5553b7c288a99c14a090bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 28 Dec 2023 23:07:45 GMT
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 120981
x-amz-cf-pop: FRA60-P3
age: 4
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1703683884
x-77-nzt: EgwBnJIhiwH3ldgBAAwBJRPCLgH3/gAAAA
x-accel-expires: @1729603630
x-77-age: 121235
x-cache-lb: HIT
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"a9fd0851d40346bf1a0b55329b2b745c"
x-77-nzt-ray: cf878727a67fdafec1ff8d65215dec00
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: text/css
x-amz-cf-id: ok-1Vh426Xy1ADbDFA7_DNKGhph98xr50SvqXUqSOoxuixpL5VTsRQ==

GET
H2 200 metropolis.css
cdn.userway.org/widgetapp/bundles/metropolis/ Frame 40E8 3 KB
1 KB 124ms
124ms Stylesheet
text/css 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/bundles/metropolis/metropolis.css
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/widget_app_base_1703682904009.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3c9b2546474b23e9b9fb6eaaee23fff3a1464ea07c5553b7c288a99c14a090bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 28 Dec 2023 23:07:45 GMT
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 120981
x-amz-cf-pop: FRA60-P3
age: 4
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1703683884
x-77-nzt: EgwBnJIhiwH3ldgBAAwBJRPCLgH3/gAAAA
x-accel-expires: @1729603630
x-77-age: 121235
x-cache-lb: HIT
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"a9fd0851d40346bf1a0b55329b2b745c"
x-77-nzt-ray: cf878727a67fdafec1ff8d65e8f0f000
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: text/css
x-amz-cf-id: ok-1Vh426Xy1ADbDFA7_DNKGhph98xr50SvqXUqSOoxuixpL5VTsRQ==

GET
H2 200 metropolis.css
cdn.userway.org/widgetapp/bundles/metropolis/ Frame 9A0B 3 KB
1 KB 125ms
125ms Stylesheet
text/css 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/bundles/metropolis/metropolis.css
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/widget_app_base_1703682904009.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3c9b2546474b23e9b9fb6eaaee23fff3a1464ea07c5553b7c288a99c14a090bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 28 Dec 2023 23:07:45 GMT
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 120981
x-amz-cf-pop: FRA60-P3
age: 4
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1703683884
x-77-nzt: EgwBnJIhiwH3ldgBAAwBJRPCLgH3/gAAAA
x-accel-expires: @1729603630
x-77-age: 121235
x-cache-lb: HIT
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"a9fd0851d40346bf1a0b55329b2b745c"
x-77-nzt-ray: cf878727a67fdafec1ff8d654c4af600
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: text/css
x-amz-cf-id: ok-1Vh426Xy1ADbDFA7_DNKGhph98xr50SvqXUqSOoxuixpL5VTsRQ==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 126ms
126ms Image
image/svg+xml 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 28 Dec 2023 23:07:45 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 121225
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1703683640
x-77-nzt: EgwBnJIhiwH3idkBAAwB1GY4AQH3DQAAAA
x-accel-expires: @1729603627
x-77-age: 121238
x-cache-lb: HIT
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: cf878727a67fdafec1ff8d650efdfa00
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: ZL649E0QdMZlWAfOdRosRzRiYkEQKybpSpRIowAqFvlFF-sdpCd_wQ==

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 250D 0
60 B 140ms
46ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=vpnbszd&ref=https%3A%2F%2Fstaging2.mindshift.works%2F&upid=hcat9pu&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tags.tiqcdn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Thu, 28 Dec 2023 23:07:45 GMT
server: Kestrel

GET
H2 200 p Show response
i.simpli.fi/ Frame 6A53 800 B
763 B 55ms
34ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=300080&cb=sifi_att_1366588._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/8403d900-38c1-0139-84b7-06b4c2516bae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 56478be5e210d56e090da41b42063d7227cab3bb2be7054e01391ef015aa2aae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 23:07:45 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 Metropolis-Medium.otf
cdn.userway.org/widgetapp/bundles/metropolis/ 23 KB
23 KB 35ms
34ms Font
font/otf 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/bundles/metropolis/Metropolis-Medium.otf
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/bundles/metropolis/metropolis.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9110dda4baca06a6615fe50c473de0945a557dc53476e39efbf5b53c97f7a6d1

Request headers

Referer: https://cdn.userway.org/widgetapp/bundles/metropolis/metropolis.css
Origin: https://staging2.mindshift.works
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 28 Dec 2023 23:07:45 GMT
via: 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
x-age-lb: 120962
x-amz-cf-pop: FRA60-P3
age: 3
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1703683903
content-length: 23240
x-77-nzt: EgwBnJIhiwH3gtgBAAwB1GY4mQH3EQEAAA
x-accel-expires: @1729603630
x-77-age: 121235
x-cache-lb: HIT
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: "f4bca87fd0d19e61c27dc96299c75f8c"
x-77-nzt-ray: cf87872740748a00c1ff8d6588498903
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: font/otf
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: Do5STLHJTxT4_Qvt4Q8-9EU2kBWOV6E9hys2-YAYU12HG9DEVcEwpw==

GET
H2

204

/
s.ad.smaato.net/c/ Frame 6A53
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=2EB6B470A48D45F79E9530E99576B326

0
236 B

123ms
51ms

Image
text/plain

2600:9000:25e8:6800:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=2EB6B470A48D45F79E9530E99576B326
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Server: 2600:9000:25e8:6800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:45 GMT
cache-control: no-cache, must-revalidate
via: 1.1 72aa637991c46f23f831d2a4b7cb6c9a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS1-P3
x-amz-cf-id: bwPMwmS34IN8GkI1SBB19qgy6ouh-QjqNoAA1Kywp45y0y0tIV2VhA==
x-cache: Miss from cloudfront

Redirect headers

date: Thu, 28 Dec 2023 23:07:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=2EB6B470A48D45F79E9530E99576B326
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 27 Dec 2023 23:07:45 GMT

GET
H2

200

RX-7db15ba0-3b96-4287-832c-7c5392d4b93b-003
sync.targeting.unrulymedia.com/csync/ Frame 6A53
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/2EB6B470A48D45F79E9530E99576B326
https://sync.1rx.io/usersync/simplifi/2EB6B470A48D45F79E9530E99576B326?zcc=1&cb=1703804865391
https://sync.targeting.unrulymedia.com/csync/RX-7db15ba0-3b96-4287-832c-7c5392d4b93b-003

43 B
378 B

107ms
32ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-7db15ba0-3b96-4287-832c-7c5392d4b93b-003
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:45 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-7db15ba0-3b96-4287-832c-7c5392d4b93b-003
pragma: no-cache
date: Thu, 28 Dec 2023 23:07:45 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2

200

xuid
eb2.3lift.com/ Frame 6A53
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=2EB6B470A48D45F79E9530E99576B326&dongle=yf3

37 B
140 B

94ms
29ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=2EB6B470A48D45F79E9530E99576B326&dongle=yf3
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Thu, 28 Dec 2023 23:07:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=2EB6B470A48D45F79E9530E99576B326&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 27 Dec 2023 23:07:45 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/ Frame 6A53
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=2EB6B470A48D45F79E9530E99576B326

43 B
175 B

398ms
127ms

Image
image/gif

2600:1f18:612b:4232:58cc:8374:e56e:ee96
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=2EB6B470A48D45F79E9530E99576B326
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Server: 2600:1f18:612b:4232:58cc:8374:e56e:ee96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 28 Dec 2023 23:07:45 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Thu, 28 Dec 2023 23:07:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=2EB6B470A48D45F79E9530E99576B326
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 27 Dec 2023 23:07:45 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 6A53
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=2EB6B470A48D45F79E9530E99576B326
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=2EB6B470A48D45F79E9530E99576B326

95 B
428 B

39ms
38ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=2EB6B470A48D45F79E9530E99576B326

Requested by

Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:45 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Thu, 28 Dec 2023 23:07:45 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=2EB6B470A48D45F79E9530E99576B326
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/ Frame 6A53
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=2EB6B470A48D45F79E9530E99576B326
https://d.agkn.com/pixel/10751/?che=1703804865292&ip=193.32.248.233&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216663104744005301606
https://um.simpli.fi/aa_px?sk=216663104744005301606
https://um.simpli.fi/empty.gif

43 B
361 B

33ms
33ms

Image
image/gif

35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Requested by

Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/

Protocol

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Thu, 28 Dec 2023 23:07:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 6A53
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=2EB6B470A48D45F79E9530E99576B326

0
0

168ms
48ms

Image
text/html

52.84.45.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=2EB6B470A48D45F79E9530E99576B326
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Server: 52.84.45.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-45-20.mrs52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date: Thu, 28 Dec 2023 23:07:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=2EB6B470A48D45F79E9530E99576B326
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 27 Dec 2023 23:07:45 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 6A53 43 B
409 B 34ms
33ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Requested by

Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 27 Dec 2023 23:07:45 GMT

GET
H2 200 freewheel
um.simpli.fi/ Frame 6A53 43 B
409 B 35ms
34ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Requested by

Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 27 Dec 2023 23:07:45 GMT

GET
H2

451

400646.gif
idsync.rlcdn.com/ Frame 6A53
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=2EB6B470A48D45F79E9530E99576B326;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=2EB6B470A48D45F79E9530E99576B326;mimetype=img;sr
https://idsync.rlcdn.com/400646.gif?partner_uid=8217540167323763594

0
42 B

37ms
36ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/400646.gif?partner_uid=8217540167323763594
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:45 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 23:07:44 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-5.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
location: https://idsync.rlcdn.com/400646.gif?partner_uid=8217540167323763594
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/ Frame 6A53
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=2EB6B470A48D45F79E9530E99576B326&j=0

0
93 B

1175ms
1046ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=2EB6B470A48D45F79E9530E99576B326&j=0
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:46 GMT
server: nginx
server-timing: total;dur=1.000
etag: "60ec6d76-0"

Redirect headers

date: Thu, 28 Dec 2023 23:07:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=2EB6B470A48D45F79E9530E99576B326&j=0
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 27 Dec 2023 23:07:45 GMT

GET
H2 200 yahoo
um.simpli.fi/ Frame 6A53 43 B
409 B 35ms
35ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Requested by

Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 27 Dec 2023 23:07:45 GMT

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 6A53
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=2EB6B470A48D45F79E9530E99576B326

0
421 B

536ms
119ms

Image
text/plain

52.70.181.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=2EB6B470A48D45F79E9530E99576B326
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: HTTP/1.1
Server: 52.70.181.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-181-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 28 Dec 2023 23:07:45 GMT

Redirect headers

date: Thu, 28 Dec 2023 23:07:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=2EB6B470A48D45F79E9530E99576B326
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 27 Dec 2023 23:07:45 GMT

GET
H2

200

29931
stags.bluekai.com/site/ Frame 6A53
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=2EB6B470A48D45F79E9530E99576B326

62 B
445 B

272ms
184ms

Image
image/gif

2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=2EB6B470A48D45F79E9530E99576B326
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Server: 2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 28 Dec 2023 23:07:45 GMT
content-length: 62
content-type: image/gif

Redirect headers

date: Thu, 28 Dec 2023 23:07:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=2EB6B470A48D45F79E9530E99576B326
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 27 Dec 2023 23:07:45 GMT

GET
H2

404

tpid=2EB6B470A48D45F79E9530E99576B326
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/ Frame 6A53
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=2EB6B470A48D45F79E9530E99576B326

49 B
264 B

156ms
46ms

Image
image/gif

54.170.64.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=2EB6B470A48D45F79E9530E99576B326
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Server: 54.170.64.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-64-73.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 23:07:45 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.4.1
content-length: 49
expires: 0

Redirect headers

date: Thu, 28 Dec 2023 23:07:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=2EB6B470A48D45F79E9530E99576B326
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 27 Dec 2023 23:07:45 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 6A53
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=2EB6B470A48D45F79E9530E99576B326

0
311 B

108ms
33ms

Image
text/plain

216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=2EB6B470A48D45F79E9530E99576B326
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: HTTP/1.1
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Thu, 28 Dec 2023 23:07:45 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Thu, 28 Dec 2023 23:07:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=2EB6B470A48D45F79E9530E99576B326
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 27 Dec 2023 23:07:45 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/ Frame 6A53
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=2EB6B470A48D45F79E9530E99576B326

0
98 B

118ms
38ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=2EB6B470A48D45F79E9530E99576B326
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:45 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Thu, 28 Dec 2023 23:07:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://idsync.rlcdn.com/419566.gif?partner_uid=2EB6B470A48D45F79E9530E99576B326
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 27 Dec 2023 23:07:45 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/ Frame 6A53
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1703804865044&cv=7&fst=1703804865044&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1905226863&cv=7&fst=1703804865044&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1905226863&cv=7&fst=1703804865044&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI67eH3...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1905226863&cv=7&fst=1703804865044&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI67eH3p...

42 B
154 B

87ms
86ms

Image
image/gif

2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1905226863&cv=7&fst=1703804865044&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI67eH3p-zgwMVior9Bx0exwCB&is_vtc=1&ocp_id=wf-NZavTDIqV9u8Pno6DiAg&cid=CAQSKQAvHhf_Lrw7VbHnczwx53PLVwyJvfpFjZCjyHlHXk4YGA-oDgWsgqfb&random=3223377265&ipr=y

Requested by

Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/

Protocol

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 23:07:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 23:07:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1905226863&cv=7&fst=1703804865044&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI67eH3p-zgwMVior9Bx0exwCB&is_vtc=1&ocp_id=wf-NZavTDIqV9u8Pno6DiAg&cid=CAQSKQAvHhf_Lrw7VbHnczwx53PLVwyJvfpFjZCjyHlHXk4YGA-oDgWsgqfb&random=3223377265&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 spotx_match
um.simpli.fi/ Frame 6A53 0
272 B 36ms
36ms Image
text/plain 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Requested by

Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 28 Dec 2023 23:07:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

bounce
ib.adnxs.com/ Frame 6A53
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=2EB6B470A48D45F79E9530E99576B326
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D2EB6B470A48D45F79E9530E99576B326

43 B
902 B

34ms
33ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D2EB6B470A48D45F79E9530E99576B326

Requested by

Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 23:07:45 GMT
an-x-request-uuid: 5d7f6c04-fe9d-4b09-95e3-4af662647849
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.233; 193.32.248.233; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 23:07:45 GMT
an-x-request-uuid: 9664ae1f-6ba3-4514-8379-d654320a80d4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D2EB6B470A48D45F79E9530E99576B326
cache-control: no-store, no-cache, private
x-proxy-origin: 193.32.248.233; 193.32.248.233; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 6A53
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=2EB6B470A48D45F79E9530E99576B326&expires=365

0
239 B

123ms
30ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=2EB6B470A48D45F79E9530E99576B326&expires=365
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5e091a4bda7cb1b96cf60040ae4e8596
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 28 Dec 2023 23:07:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=2EB6B470A48D45F79E9530E99576B326&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 27 Dec 2023 23:07:45 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6A53
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=2EB6B470A48D45F79E9530E99576B326

43 B
264 B

117ms
37ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=2EB6B470A48D45F79E9530E99576B326
Requested by: Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 23:07:45 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Thu, 28 Dec 2023 23:07:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=2EB6B470A48D45F79E9530E99576B326
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 27 Dec 2023 23:07:45 GMT

GET
H2

204

g_match
um.simpli.fi/ Frame 6A53
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEK9nLSblPz-ohJiMaHqaMIk&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2EB6B470A48D45F79E9530E99576B326
https://um.simpli.fi/g_match?id=

0
320 B

33ms
33ms

Image
text/plain

35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Requested by

Host: staging2.mindshift.works
URL: https://staging2.mindshift.works/

Protocol

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 27 Dec 2023 23:07:45 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 23:07:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 status Show response
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fstaging2.mindshift.works%2F/DESKTOP/WIDGET_OFF/ 77 B
454 B 226ms
226ms Fetch
application/json 2600:1f14:5db:eb22:1b92:58e:a003:800b
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fstaging2.mindshift.works%2F/DESKTOP/WIDGET_OFF/status
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/widget_app_base_1703682904009.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:1b92:58e:a003:800b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 55bdb1700149e5204204c06b154ee3d44990039e1227e75da7193378d160de01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging2.mindshift.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:07:50 GMT
etag: W/"4d-LFMdxGwYZe/xj6Qk5mJ4pvoM+ew"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 77
x-service-version: seo-w-809f5266

GET
H2 200 scan_1703682904009.js Show response
cdn.userway.org/widgetapp/2023-12-27-13-15-04/scan/ 53 KB
14 KB 34ms
33ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/scan/scan_1703682904009.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/widget_app_base_1703682904009.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 771b265798b85ee594754f3c9ff0fc845c2e287b6742181a4855d891b3ef1ac4

Request headers

Referer: https://staging2.mindshift.works/
Origin: https://staging2.mindshift.works
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 28 Dec 2023 23:07:50 GMT
via: 1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 121161
x-amz-cf-pop: FRA60-P3
age: 485
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1703683709
x-77-nzt: EgwBnJIhiwH3SdkBAAwB1GY4AQH3TAAAAA
x-accel-expires: @1729603633
x-77-age: 121237
x-cache-lb: HIT
last-modified: Wed, 27 Dec 2023 13:17:33 GMT
server: CDN77-Turbo
etag: W/"5f3ef1d42a27c5de1d1c341f70d833e7"
x-77-nzt-ray: cf87872740748a00c6ff8d65baffeb08
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: ZnRmNABtBQHad9xQ5SwLff9FuBeRfvcaYTanU4o3zzyEFVUxEwj8Bg==

OPTIONS contrib
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fstaging2.mindshift.works%2F/DESKTOP/ Frame 0
0

PUT contrib
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fstaging2.mindshift.works%2F/DESKTOP/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.userway.org
URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fstaging2.mindshift.works%2F/DESKTOP/contrib

Domain: api.userway.org
URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fstaging2.mindshift.works%2F/DESKTOP/contrib

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mindshift.works/	1970-01-21 02:52:44	Name: _ga_YYJCCLC9NJ Value: GS1.1.1703804863.1.0.1703804863.60.0.0
.mindshift.works/	1970-01-21 02:52:44	Name: _ga Value: GA1.1.168573003.1703804863
www.dropbox.com/	1970-01-21 02:52:44	Name: gvc Value: MjI4MzQ3NjgzMTg3NTYzNzc5MDQ3ODM2NzExNjY3MjE1NDkzODQy
.dropbox.com/	1970-01-21 02:52:44	Name: t Value: tU1xQW_vU64faEJSCx9t8z5t
www.dropbox.com/	1970-01-21 02:52:44	Name: __Host-js_csrf Value: tU1xQW_vU64faEJSCx9t8z5t
staging2.mindshift.works/	1969-12-31 23:59:59	Name: nitroCachedPage Value: 0
.mindshift.works/	1970-01-20 19:26:20	Name: _fbp Value: fb.1.1703804863576.356118167
.mindshift.works/	1970-01-21 02:02:20	Name: a_ps_main Value: v_id:018cb2af04fb005d908a035c9a3403074002106c00b08$_sn:1$_ss:1$_st:1703806663740$ses_id:1703804863740%3Bexp-session$_pn:1%3Bexp-session
www.dropbox.com/	1969-12-31 23:59:59	Name: __Host-logged-out-session Value: ChA5s5%2FWXUq9gxl2YxntjVZkEL%2F%2Ft6wGGi5BSW5hdnV1ZXVFblVSYkZTMEZ2WndLTkJvVkg2X2IzMW1teFB0NGV1ckxIbm13
.dropbox.com/	1970-01-21 02:52:44	Name: locale Value: de
.simpli.fi/	1970-01-21 02:03:47	Name: suid Value: 2EB6B470A48D45F79E9530E99576B326
.dropboxusercontent.com/	1969-12-31 23:59:59	Name: uc_session Value: D0GMoH86asXnwk0gVDHkSmCuS2oohBRdQHqBPajUL8YUD86s6rGN7tghouMiv9fc
.simpli.fi/	1970-01-20 17:26:49	Name: uid_syncd_secure Value: true
.agkn.com/	1970-01-21 02:02:20	Name: ab Value: 0001%3ApxO3sXuERpgOwLzeNo4THAmP5m3IFpx2
.tapad.com/	1970-01-20 18:43:08	Name: TapAd_TS Value: 1703804865291
.tapad.com/	1970-01-20 18:43:08	Name: TapAd_DID Value: 0291a0a4-5cef-48db-a8db-a9c31d969442
.tapad.com/	1970-01-20 18:43:08	Name: TapAd_3WAY_SYNCS Value:
.1rx.io/	1970-01-21 02:02:20	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-7db15ba0-3b96-4287-832c-7c5392d4b93b-003%22%7D
.adnxs.com/	1970-01-20 19:26:20	Name: uuid2 Value: 8908465301430940890
.agkn.com/	1970-01-21 02:02:20	Name: u Value: C\|0AAAAAAAALSC8QQAAAAAA
.adnxs.com/	1970-01-20 19:26:20	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2Hc#x<@FN!@wnfH8KW.dG5<#Z0wFPEIMI6H[$5?nJ9=bEtCoNFpmNFG5'FxH[^NKE3z=gx:W@i(j#iP(Md+>)fy*i7w'_3
.doubleclick.net/	1970-01-21 02:38:20	Name: IDE Value: AHWqTUl6TtProxOhwNkgzhvQmO_d_XJqVT12XWDUauaoEof2r5xCvm5LZdoD9XbB
.targeting.unrulymedia.com/	1970-01-21 02:02:20	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-7db15ba0-3b96-4287-832c-7c5392d4b93b-003%22%7D
.pro-market.net/	1970-01-20 21:35:56	Name: anProfile Value: "1qfl6vh7kwuq2+1+1f=1+1g=1+1j=41+rs=s+rt=2A031B20000BF011000000000000003E+s2=(s6eg8x)+vm=24-2EB6B470A48D45F79E9530E99576B326"
.pro-market.net/	1970-01-20 17:59:56	Name: anHistory Value: "1qfl6vh7kwuq2+2+!#7%/&(#f~B"
.bluekai.com/	1970-01-20 21:40:16	Name: bku Value: blx991cdMVPAWAQs
.bluekai.com/	1970-01-20 21:40:16	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwEJaxMjYBezyxExTHexNHMz8HEAN1pOamEANBpjY1p/t9y9GFyrB
.bfmio.com/	1970-01-21 02:02:20	Name: __141_cid Value: 2EB6B470A48D45F79E9530E99576B326
.bfmio.com/	1970-01-21 02:02:20	Name: __io_cid Value: 088b0f951da9c618d2e1de9727707679a5ed6aa0

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://staging2.mindshift.works/wp-content/uploads/2022/11/access-point-logo.webp Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://staging2.mindshift.works/wp-content/uploads/2022/11/access-point-logo.webp Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=2EB6B470A48D45F79E9530E99576B326 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=2EB6B470A48D45F79E9530E99576B326 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=2EB6B470A48D45F79E9530E99576B326 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/400646.gif?partner_uid=8217540167323763594 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10568435.fls.doubleclick.net
aa.agkn.com
adservice.google.com
adservice.google.de
api.userway.org
assets9.lottiefiles.com
bcp.crwdcntrl.net
cdn.userway.org
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
d.agkn.com
eb2.3lift.com
fei.pro-market.net
fonts.gstatic.com
forms-na1.hsforms.com
forms.hsforms.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
js.hsforms.net
loadm.exelator.com
pixel.rubiconproject.com
pixel.tapad.com
pubads.g.doubleclick.net
region1.analytics.google.com
s.ad.smaato.net
simplifi.partners.tremorhub.com
staging2.mindshift.works
stags.bluekai.com
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
tag.simpli.fi
tags.tiqcdn.com
uc5c46d93e05d9dfdb59c86632c0.dl.dropboxusercontent.com
um.simpli.fi
us-u.openx.net
www.dropbox.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
api.userway.org
13.248.245.213
142.250.185.130
142.250.185.98
142.250.74.198
185.89.211.12
2.23.197.190
2001:4860:4802:32::36
216.52.2.39
2600:1901:0:8eee::
2600:1f14:5db:eb22:1b92:58e:a003:800b
2600:1f18:612b:4232:58cc:8374:e56e:ee96
2600:9000:218e:8400:2:49a2:4500:93a1
2600:9000:238d:b200:7:2bfb:7c00:93a1
2600:9000:25e8:6800:1b:5138:8a40:93a1
2606:4700::6810:8bce
2606:4700::6811:cff9
2606:4700::6811:eff9
2620:100:6022:15::a27d:420f
2620:100:6022:18::a27d:4212
2a00:1450:4001:801::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:400c:c02::9a
2a02:6ea0:c700::18
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.67.157.211
34.111.113.62
34.98.64.218
35.156.234.34
35.204.158.49
35.204.89.238
35.209.89.182
35.244.174.68
35.71.131.137
46.228.174.117
52.70.181.24
52.84.45.20
54.170.64.73
54.78.254.47
65.9.65.116
69.173.144.138
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
253da3174fd517b8b572319807f488b09d2d8c73f0a654361b493fd6b72cc3b1
275b4d326624f5b222e49f156ac207b74aa332522c12132b87b06bcecfe14972
276662e110fad855454153d5fde5a3296b10aab94f455b342dbd5bd920460bed
2a2a028c4a8cdb87a9f48383cddb72f3cc5009c8f5d5c74e4da9e34ce68b97cc
2b77f73a165daca0d690e42c3a92db9915003d2d9b69b2136a97a2abb4accc9c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
345c78b09ad4fee5533cfcccc2145604a5c6b7eeb0698e848d6491689466c293
3c9b2546474b23e9b9fb6eaaee23fff3a1464ea07c5553b7c288a99c14a090bd
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f1959624654bbc33c6a20dd4217b883576e81b9ec0cbb729dea0a89f95753f2
3ff554c47d941e0994b9f8f3a0555c20e63efa7a26ec590fade28b448fc9c1d8
456151b41203e3ae310ad73b9f4034f21436f22b045f1896c7baf652f16d7883
45c36cbaeb661765a9da4f571691138f84f9025ccaf343bd4a4443688f8814dc
48036a7905f6ca739c6036dca93b47a71de7e5c18f0bb11cb87fe16520fcb896
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4db7aa8722a5eae983e7cf05c8b3b3b9ee266c60c8ff1f0f9082e2e2fd6ccda5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
507703c835472c0e9214a9febc59ec226b34e29215efef235f44dc69bb8d385c
50e5c7497c8a6bf4c9627595860dabc36cddbe19c834b8bf21a0a3810b262913
55bdb1700149e5204204c06b154ee3d44990039e1227e75da7193378d160de01
56478be5e210d56e090da41b42063d7227cab3bb2be7054e01391ef015aa2aae
588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56
5e5c845f6882c5d5d3c47486991c060c21c8d6a62d4ce457f90034398e0adc46
627b4a58932c8d34a3ebfa28c902c053418d3d73084d4f1a2f2bfefe3e754305
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6ac127e741f127405daf84fde3b9203dfe51c091983a79077b911d4018ec8e54
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
76ad329c7eb1653bc989f9bce788b52fb907e95c2aa1771f6227b4f0d5d9f1ee
771b265798b85ee594754f3c9ff0fc845c2e287b6742181a4855d891b3ef1ac4
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7a7ce1a34f3e9944fe88fc61abbc93b6db383afa2b90815fd7ccea456fbce4e5
7f9b3c2ae11649bad156211a333dee771f626e5a307a5cd2ba5d22aa98576b38
85362e227df44f2bde4c5121142fe13ba32df27e94ad47621d09919dd35f1957
862bece869ba31d680b34178ee7b73879e8c108c73db52632d2c5708061c9044
87f4a77fead96866c029b5aee349ccc3651a8c6abb4e4b8a16af79b99a26b624
886e418366e8278b483a671d924865cd52b18c371b5d5d024f40705106519775
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
9110dda4baca06a6615fe50c473de0945a557dc53476e39efbf5b53c97f7a6d1
9252f19485343309d8fe54b27f50761edd22ef1f279e0378f3862eef5aa8999b
94c120ebf5e3ce95eb7b3ead399e4f91266c08a740ce222001a4378726afb8e0
9ee3700f1259f173fab8ebc32ded5d9148d99eda18ec626763391dc0eb12f470
9ef1f71258f99d7fc0182fddb9bd1b9b5190e790a85b03b6bc7a9a049ab023b0
9ff6ff476715793188251c400a8fb21cc7a9849db6d51d43a3ed0192f23f9647
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a429971385f1ff7abaae61ef0d6c35322b919bc8305b169c127c8d64e66b91b3
a4827fccd3ff0c13397818f4e01f0cdfc2b746d56a1ef7210cea2f82e27d8e51
a950acaf36a992ca746cce6b055dfa1c96ae49a37b0c3e9d00fce2dfba2adaaf
aa47f9dc415d312fc59a2e3e42059c0735ac38811c406eb107c3c12638c7e843
aff9a4042a6cc2563343d385c1fd97c621382ab3faee61757deb169a2239cf57
b131ca65767778e4dbc1da8eb39c1ceebb9df40b3e67d38c1a8c2e8d6d672649
b29113ac1e892e34a8b8b3b2fbcfd8b2acad7bc6e7511558382386745c5f9da7
b39bdadd90378180927c19f1343682602e430b54f3fc7523c5ac4f46ffd67bc7
b6a1d776cf96e2276e9a972b16ded0120885439bb531724c7ed4d73842de9591
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc2e1c7db0ffa63e5333bc3771c96bf5c5d704332d79dfcfbff8bc16187b1abf
c0ef3fa56f0681e394dab2c2f4799bcdbdfb10d328627e0876a37fa02ef7a8b6
c373a66e764a9e277eb544a0615b9136f65b5d33919f7ed50cb8c2edbe97c348
c3eecfa0e64d677630d9d2368ae5c901788d6d513fc70995c17043d04a9fc12a
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c605bc5c91e280fc8f46ac58596d56e343bd235389c1418ed479cff7c3224042
c89db97d2ec907778e2eafe1ff19d795741383cdbd60a28a48423ed9f003b220
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d82adacff4fe623028c5452a3ae0e5dbaf1fc6c14c3659890f30ad05ce7e6120
d869c3bb009030e447478546bba8475c8fe6f07b36a993759fc2515f0017d276
d9cc81f349157260d5a361f4f1b7a2f1195549f923d5ec53888b8496c988b159
db3d5db13dbfc1cf66f231ba462b834fcd6b862f34b0b5040bfa0cc28c74a8a2
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
deb237760717c3e2bf7cc6d9b04962f2c597c02eafd5df6e3e51884fd82491dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bec07f247361ab0e35c7c16292addb16d076a0718d9bd6c31ef6a6a7162ac4
e4412b67eb8c67e19774da629f747a1cca29d89af2d93b30ca50dc7e3106437b
e865878a19ebe3e0b5c40598fad90b5e9696323ff98de316ff416143856a3af7
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eb6398a0114471edabc6249e08a1bee85f0df4c7176b379912020b2cda9ad577
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc907532d511c6d1d5a1ce92aaa3ef48fa7b75729b6d32afe3e3b415717d95e1
fef48719eaa745024d0b801254bd0fc8907d2eae226fb77b8550bce864ebd33b

staging2.mindshift.works Open in urlscan Pro 35.209.89.182 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

109 Requests

80 %HTTPS

51 %IPv6

36 Domains

49 Subdomains

40 IPs

6 Countries

3478 kBTransfer

10509 kBSize

29 Cookies

7 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

staging2.mindshift.works Open in urlscan Pro
35.209.89.182 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

80 %
HTTPS

51 %
IPv6

36
Domains

49
Subdomains

40
IPs

6
Countries

3478 kB
Transfer

10509 kB
Size

29
Cookies

109 HTTP transactions
6 data transactions