true.org Open in urlscan Pro
160.153.0.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://public-usa.mkt.dynamics.com/api/orgs/810d5475-865d-4396-ba9b-ab92d37dbc10/r/lQZTSNUej0CooATjNsGvrAEAAAA?target=%7B%22TargetU...
Effective URL:
https://true.org/?utm_source=Dynamics%20365%20Customer%20Insights%20-%20Journeys&utm_medium=email&utm_term=N%2FA&...
Submission: On September 26 via manual (September 26th 2023, 4:53:59 pm UTC) from GB — Scanned from GB

Summary HTTP 80 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 16 domains to perform 80 HTTP transactions. The main IP is 160.153.0.50, located in Scottsdale, United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is true.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 12th 2022. Valid for: a year.

This is the only time true.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.146.76.30 52.146.76.30	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
13	160.153.0.50 160.153.0.50	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
1	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:58b::38f3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
18	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
4	52.146.74.72 52.146.74.72	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.159.151.194 52.159.151.194	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
6	20.50.73.11 20.50.73.11	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	40.71.0.179 40.71.0.179	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
80	21

1 52.146.76.30 (Washington, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

public-usa.mkt.dynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 160.153.0.50 (Scottsdale, United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
PTR: 50.0.153.160.host.secureserver.net

true.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

mktdplp102cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

web.powerva.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:58b::38f3 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

shellprod.msocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

content.powerapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.146.74.72 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

fae1dd635d1fefda87c9266b509b32.1a.environment.api.powerplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.159.151.194 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

8bc91f758c7141ce8bd80bb6f79532bf.svc.dynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 20.50.73.11 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

eu-mobile.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 40.71.0.179 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

unitedstates.directline.botframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

bot-framework.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	powerapps.com content.powerapps.com — Cisco Umbrella Rank: 12168	1 MB
13	true.org true.org	767 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	216 KB
7	microsoft.com web.powerva.microsoft.com — Cisco Umbrella Rank: 633460 eu-mobile.events.data.microsoft.com — Cisco Umbrella Rank: 1626	5 KB
4	botframework.com unitedstates.directline.botframework.com — Cisco Umbrella Rank: 355151	2 KB
4	powerplatform.com fae1dd635d1fefda87c9266b509b32.1a.environment.api.powerplatform.com	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96 region1.google-analytics.com — Cisco Umbrella Rank: 1878	21 KB
3	azureedge.net mktdplp102cdn.azureedge.net — Cisco Umbrella Rank: 87194 bot-framework.azureedge.net — Cisco Umbrella Rank: 78979	8 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	199 KB
3	dynamics.com 1 redirects public-usa.mkt.dynamics.com — Cisco Umbrella Rank: 274971 8bc91f758c7141ce8bd80bb6f79532bf.svc.dynamics.com	1 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	5 KB
2	gstatic.com fonts.gstatic.com	60 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	2 KB
1	google.com www.google.com — Cisco Umbrella Rank: 11	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368	601 B
1	msocdn.com shellprod.msocdn.com — Cisco Umbrella Rank: 30479	39 KB
80	16

	Domain	Requested by
18	content.powerapps.com	web.powerva.microsoft.com content.powerapps.com
13	true.org	true.org
8	pagead2.googlesyndication.com	true.org pagead2.googlesyndication.com tpc.googlesyndication.com
6	eu-mobile.events.data.microsoft.com	content.powerapps.com
4	unitedstates.directline.botframework.com	content.powerapps.com
4	fae1dd635d1fefda87c9266b509b32.1a.environment.api.powerplatform.com	content.powerapps.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	www.googletagmanager.com	true.org www.googletagmanager.com
2	8bc91f758c7141ce8bd80bb6f79532bf.svc.dynamics.com	true.org
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	mktdplp102cdn.azureedge.net	true.org
2	fonts.googleapis.com	true.org
1	bot-framework.azureedge.net
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	shellprod.msocdn.com	web.powerva.microsoft.com
1	web.powerva.microsoft.com	true.org
1	public-usa.mkt.dynamics.com	1 redirects
80	21

This site contains links to these domains. Also see Links.

Domain
shop.true.org
www.linkedin.com
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
true.org Cloudflare Inc ECC CA-3	`2022-12-12` - `2023-12-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2023-05-05` - `2024-04-28`	a year	crt.sh
web.powerva.microsoft.com Microsoft Azure TLS Issuing CA 06	`2023-07-16` - `2024-06-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.msocdn.com Microsoft Azure ECC TLS Issuing CA 05	`2023-05-03` - `2024-04-27`	a year	crt.sh
content.powerapps.com Microsoft Azure TLS Issuing CA 05	`2023-09-01` - `2024-06-27`	10 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
10.environment.api.powerplatform.com Microsoft Azure TLS Issuing CA 06	`2023-09-02` - `2024-06-27`	10 months	crt.sh
*.svc.dynamics.com Microsoft Azure TLS Issuing CA 05	`2023-07-10` - `2024-06-27`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 05	`2023-09-12` - `2024-06-27`	10 months	crt.sh
ssl.roles.botframework.com DigiCert SHA2 Secure Server CA	`2023-07-16` - `2024-07-16`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://true.org/?utm_source=Dynamics%20365%20Customer%20Insights%20-%20Journeys&utm_medium=email&utm_term=N%2FA&utm_campaign=initial%20email&utm_content=new%20intro%20email
Frame ID: D580BC339CAC53221B950AA0790BDCFD
Requests: 36 HTTP requests in this frame

Frame: https://web.powerva.microsoft.com/environments/fae1dd63-5d1f-efda-87c9-266b509b321a/bots/cr76f_True/webchat?__version__=2
Frame ID: E27995A51DA03F65A7AE9479AB6795E1
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230921/r20190131/zrt_lookup.html
Frame ID: 7E17A84E3FFF56C599A844C07B486F8A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5392809461646691&output=html&adk=1812271804&adf=3025194257&lmt=1695645789&plat=1%3A16777216%2C2%3A16777216%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l&format=0x0&url=https%3A%2F%2Ftrue.org%2F%3Futm_source%3DDynamics%2520365%2520Customer%2520Insights%2520-%2520Journeys%26utm_medium%3Demail%26utm_term%3DN%252FA%26utm_campaign%3Dinitial%2520email%26utm_content%3Dnew%2520intro%2520email%23msdynmkt_trackingcontext%3D48530695-1ed5-408f-a8a0-04e336c1afac&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695747233270&bpp=3&bdt=455&idt=533&shv=r20230921&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6431411501210&frm=20&pv=2&ga_vid=977298695.1695747233&ga_sid=1695747234&ga_hid=884679062&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31078145%2C31076996%2C31078134&oid=2&pvsid=4202964151701411&tmod=1296019725&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=557
Frame ID: AD2E3296A237251DE5FA7BBCFC568023
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2EF07FCF6042D9A5A206D9FF7C6E2634
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 88C77EFA2851D261711447A93FB7EFFC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

True.Org – Empowering Organizations to Achieve More

Page URL History Show full URLs

https://public-usa.mkt.dynamics.com/api/orgs/810d5475-865d-4396-ba9b-ab92d37dbc10/r/lQZTSNUej0CooATjNsGvrAEAAAA?... HTTP 302
https://true.org/?utm_source=Dynamics%20365%20Customer%20Insights%20-%20Journeys&utm_medium=e... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

80
Requests

96 %
HTTPS

67 %
IPv6

16
Domains

21
Subdomains

21
IPs

3
Countries

2778 kB
Transfer

14550 kB
Size

13
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://shop.true.org/
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/trueclouds
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.facebook.com/true.org
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/Trueorgcloud
Title: Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://public-usa.mkt.dynamics.com/api/orgs/810d5475-865d-4396-ba9b-ab92d37dbc10/r/lQZTSNUej0CooATjNsGvrAEAAAA?target=%7B%22TargetUrl%22%3A%22https%253A%252F%252Ftrue.org%252F%22%2C%22RedirectOptions%22%3A%7B%221%22%3Anull%2C%222%22%3A%7B%22utm_source%22%3A%22Dynamics%20365%20Customer%20Insights%20-%20Journeys%22%2C%22utm_medium%22%3A%22email%22%2C%22utm_term%22%3A%22N%2FA%22%2C%22utm_campaign%22%3A%22initial%20email%22%2C%22utm_content%22%3A%22new%20intro%20email%22%7D%7D%7D&digest=K1MlWSXjl%2BxFvolD2gxi3sM4eq5tHvtQxcrbSQQ7TH8%3D&secretVersion=a587597bbd2d4ba3bb4334f6d8be15ee HTTP 302
https://true.org/?utm_source=Dynamics%20365%20Customer%20Insights%20-%20Journeys&utm_medium=email&utm_term=N%2FA&utm_campaign=initial%20email&utm_content=new%20intro%20email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

80 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
true.org/
Redirect Chain

https://public-usa.mkt.dynamics.com/api/orgs/810d5475-865d-4396-ba9b-ab92d37dbc10/r/lQZTSNUej0CooATjNsGvrAEAAAA?target=%7B%22TargetUrl%22%3A%22https%253A%252F%252Ftrue.org%252F%22%2C%22RedirectOpti...
https://true.org/?utm_source=Dynamics%20365%20Customer%20Insights%20-%20Journeys&utm_medium=email&utm_term=N%2FA&utm_campaign=initial%20email&utm_content=new%20intro%20email

107 KB
16 KB

687ms
570ms

Document
text/html

160.153.0.50
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://true.org/?utm_source=Dynamics%20365%20Customer%20Insights%20-%20Journeys&utm_medium=email&utm_term=N%2FA&utm_campaign=initial%20email&utm_content=new%20intro%20email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.50 Scottsdale, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

50.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

16ba305de1b88fcef60d25b31581298fa48cb4d2062e74a38c040bf73d7d4d38

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=2678400
cf-cache-status: MISS
cf-ray: 80cd06899a03360d-MAN
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 26 Sep 2023 16:53:52 GMT
expires: Fri, 27 Oct 2023 16:53:52 GMT
last-modified: Mon, 25 Sep 2023 13:43:09 GMT
server: cloudflare
strict-transport-security: max-age=300 max-age=31536000; includeSubDomains
vary: Accept-Encoding, User-Agent
x-backend: varnish_ssl
x-cache: uncached
x-cache-hit: MISS
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-fawn-proc-count: 1,0,24
x-php-version: 8.1
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Tue, 26 Sep 2023 16:53:52 GMT
Location: https://true.org/?utm_source=Dynamics%20365%20Customer%20Insights%20-%20Journeys&utm_medium=email&utm_term=N%2FA&utm_campaign=initial%20email&utm_content=new%20intro%20email#msdynmkt_trackingcontext=48530695-1ed5-408f-a8a0-04e336c1afac
Server: nginx/1.25.1
Strict-Transport-Security: max-age=2592000; preload
x-content-type-options: nosniff
x-ms-trace-id: d95d80f66e508efbab62c69eb65364ce

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 147ms
52ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700&display=swap&ver=6.3

Requested by

Host: true.org
URL: https://true.org/?utm_source=Dynamics%20365%20Customer%20Insights%20-%20Journeys&utm_medium=email&utm_term=N%2FA&utm_campaign=initial%20email&utm_content=new%20intro%20email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8adb8b0c5e7880cf2c66137533bfeea4e96040bb2c7edcb9e5c6373d78a5d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 26 Sep 2023 16:53:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 26 Sep 2023 16:11:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 26 Sep 2023 16:53:52 GMT

GET
H2 200 js_composer.min.css
true.org/wp-content/plugins/js_composer/assets/css/ 454 KB
45 KB 70ms
68ms Stylesheet
text/css 160.153.0.50
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://true.org/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=7.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.50 Scottsdale, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

50.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

b477e6b51f8b95b103fb6b1fcc72c2420c760b629f62f5b3730af7fb501c94c5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/?utm_source=Dynamics%20365%20Customer%20Insights%20-%20Journeys&utm_medium=email&utm_term=N%2FA&utm_campaign=initial%20email&utm_content=new%20intro%20email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:52 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Sep 2023 13:02:03 GMT
x-php-version: 8.1
server: cloudflare
etag: W/"71752-60551484c29dc-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 80cd068d39b0360d-MAN
expires: Fri, 27 Oct 2023 16:53:52 GMT

GET
H2 200 style.min.css
true.org/wp-content/themes/Zephyr/css/ 344 KB
62 KB 77ms
75ms Stylesheet
text/css 160.153.0.50
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://true.org/wp-content/themes/Zephyr/css/style.min.css?ver=8.18.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.50 Scottsdale, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

50.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

c8a90528681fa2e93e292db0968db37d87d82f6af3a3cecfb09899746fc8bd0f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/?utm_source=Dynamics%20365%20Customer%20Insights%20-%20Journeys&utm_medium=email&utm_term=N%2FA&utm_campaign=initial%20email&utm_content=new%20intro%20email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:52 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Sep 2023 15:06:47 GMT
x-php-version: 8.1
server: cloudflare
etag: W/"55eb8-605b79b8b5a78-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 80cd068d39b3360d-MAN
expires: Fri, 27 Oct 2023 16:53:52 GMT

GET
H2 200 jquery.min.js Show response
true.org/wp-includes/js/jquery/ 85 KB
31 KB 102ms
101ms Script
application/javascript 160.153.0.50
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://true.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.50 Scottsdale, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

50.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/?utm_source=Dynamics%20365%20Customer%20Insights%20-%20Journeys&utm_medium=email&utm_term=N%2FA&utm_campaign=initial%20email&utm_content=new%20intro%20email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:52 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Sep 2023 09:56:20 GMT
x-php-version: 8.1
server: cloudflare
etag: W/"155ba-60640162eb33e-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 80cd068d39b7360d-MAN
expires: Fri, 27 Oct 2023 16:53:52 GMT

GET
H2 200 jquery-migrate.min.js Show response
true.org/wp-includes/js/jquery/ 13 KB
5 KB 64ms
64ms Script
application/javascript 160.153.0.50
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://true.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.50 Scottsdale, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

50.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/?utm_source=Dynamics%20365%20Customer%20Insights%20-%20Journeys&utm_medium=email&utm_term=N%2FA&utm_campaign=initial%20email&utm_content=new%20intro%20email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:52 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Sep 2023 09:56:20 GMT
x-php-version: 8.1
server: cloudflare
etag: W/"3509-60640162e9fb6-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 80cd068d39b9360d-MAN
expires: Fri, 27 Oct 2023 16:53:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 172 KB
64 KB 149ms
57ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-246817973-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ae98455fbf939d8886bb7e9efbac315ee9671b03ddf7573fdda16ee20dd4ef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64904
x-xss-protection: 0
last-modified: Tue, 26 Sep 2023 16:18:24 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Sep 2023 16:53:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 198ms
104ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5392809461646691&host=ca-host-pub-2644536267352236

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63748e0b4ed02a57b105e0de3bf25520333e1dd3759cc20efdf8d844edf015ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://true.org/
Origin: https://true.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50647
x-xss-protection: 0
server: cafe
etag: 17039875939107347135
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 16:53:53 GMT

GET
H2 200 microsoft-solution-partner-300x276.png
true.org/wp-content/uploads/2023/08/ 13 KB
13 KB 101ms
101ms Image
image/png 160.153.0.50
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://true.org/wp-content/uploads/2023/08/microsoft-solution-partner-300x276.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.50 Scottsdale, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

50.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

060ec570ce237792d9ac427adadd152cc1d2fe7124694c7d12567c73895d2f09

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/?utm_source=Dynamics%20365%20Customer%20Insights%20-%20Journeys&utm_medium=email&utm_term=N%2FA&utm_campaign=initial%20email&utm_content=new%20intro%20email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:52 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
cf-polished: origSize=19750
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 13616
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 02 Aug 2023 15:53:10 GMT
server: cloudflare
x-php-version: 8.1
etag: "4d26-601f2a910d3d8"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 80cd068d39ba360d-MAN
expires: Fri, 27 Oct 2023 16:53:52 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
688 B 52ms
51ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C900&ver=7.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff28026a6566ea7c86b4240f5be5f4a0213733b741d392c99de0644540fbbecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 26 Sep 2023 16:53:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 26 Sep 2023 16:43:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 26 Sep 2023 16:53:52 GMT

GET
H3 200 magnific-popup.js Show response
true.org/wp-content/themes/Zephyr/common/js/vendor/ 20 KB
8 KB 63ms
63ms Script
application/javascript 160.153.0.50
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://true.org/wp-content/themes/Zephyr/common/js/vendor/magnific-popup.js?ver=8.18.2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.50 Scottsdale, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

50.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/?utm_source=Dynamics%20365%20Customer%20Insights%20-%20Journeys&utm_medium=email&utm_term=N%2FA&utm_campaign=initial%20email&utm_content=new%20intro%20email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Sep 2023 15:06:46 GMT
x-php-version: 8.1
server: cloudflare
etag: W/"4efb-605b79b8ad5a8-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 80cd068e1d7835e3-MAN
expires: Fri, 27 Oct 2023 16:53:53 GMT

GET
H3 200 us.core.min.js Show response
true.org/wp-content/themes/Zephyr/js/ 190 KB
49 KB 77ms
76ms Script
application/javascript 160.153.0.50
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://true.org/wp-content/themes/Zephyr/js/us.core.min.js?ver=8.18.2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.50 Scottsdale, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

50.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

279f2c9014094c01425eec011581664626b78b9bcaff54413dbcd1e4c98781bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/?utm_source=Dynamics%20365%20Customer%20Insights%20-%20Journeys&utm_medium=email&utm_term=N%2FA&utm_campaign=initial%20email&utm_content=new%20intro%20email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Sep 2023 15:06:47 GMT
x-php-version: 8.1
server: cloudflare
etag: W/"2f9af-605b79b8ba4b0-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 80cd068e2db835e3-MAN
expires: Fri, 27 Oct 2023 16:53:53 GMT

GET
H3 200 js_composer_front.min.js Show response
true.org/wp-content/plugins/js_composer/assets/js/dist/ 20 KB
6 KB 74ms
73ms Script
application/javascript 160.153.0.50
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://true.org/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=7.0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.50 Scottsdale, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

50.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

4781128a4f8574281770df7600b3713ee3ddaa28abea3e11b9a7affbb5dfc251

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/?utm_source=Dynamics%20365%20Customer%20Insights%20-%20Journeys&utm_medium=email&utm_term=N%2FA&utm_campaign=initial%20email&utm_content=new%20intro%20email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Sep 2023 13:02:03 GMT
x-php-version: 8.1
server: cloudflare
etag: W/"5122-605514846e24a-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 80cd068e2dc135e3-MAN
expires: Fri, 27 Oct 2023 16:53:53 GMT

GET
H2 200 ws-tracking.js Show response
mktdplp102cdn.azureedge.net/public/latest/js/ 5 KB
3 KB 214ms
50ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mktdplp102cdn.azureedge.net/public/latest/js/ws-tracking.js?v=1.84.2007
Requested by: Host: true.org
URL: https://true.org/?utm_source=Dynamics%20365%20Customer%20Insights%20-%20Journeys&utm_medium=email&utm_term=N%2FA&utm_campaign=initial%20email&utm_content=new%20intro%20email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48C2) /
Resource Hash: 6f1c07a738cbcde2320c75ce8b9e2f52898cc362fbb1e1eae82c71ab48aabeef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: gzip
content-md5: FjqakIjSeEkZwkM9tXKB2Q==
age: 3407
x-cache: HIT
content-length: 2325
x-ms-lease-status: unlocked
last-modified: Tue, 14 Feb 2023 10:25:54 GMT
server: ECAcc (ama/48C2)
etag: 0x8DB0E75DA74C34C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 168f959f-401e-0063-3692-f0ce58000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 ws-tracking.js Show response
mktdplp102cdn.azureedge.net/public/latest/js/ 5 KB
2 KB 217ms
52ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mktdplp102cdn.azureedge.net/public/latest/js/ws-tracking.js?v=1.70.1097.0
Requested by: Host: true.org
URL: https://true.org/?utm_source=Dynamics%20365%20Customer%20Insights%20-%20Journeys&utm_medium=email&utm_term=N%2FA&utm_campaign=initial%20email&utm_content=new%20intro%20email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48C2) /
Resource Hash: 6f1c07a738cbcde2320c75ce8b9e2f52898cc362fbb1e1eae82c71ab48aabeef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: gzip
content-md5: FjqakIjSeEkZwkM9tXKB2Q==
age: 3407
x-cache: HIT
content-length: 2325
x-ms-lease-status: unlocked
last-modified: Tue, 14 Feb 2023 10:25:54 GMT
server: ECAcc (ama/48C2)
etag: 0x8DB0E75DA74C34C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 168f959f-401e-0063-3692-f0ce58000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
BLOB 200
OK 20037c4e-6489-4764-a732-97fc0fc986cd
https://true.org/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://true.org/20037c4e-6489-4764-a732-97fc0fc986cd
Requested by: Host: true.org
URL: https://true.org/?utm_source=Dynamics%20365%20Customer%20Insights%20-%20Journeys&utm_medium=email&utm_term=N%2FA&utm_campaign=initial%20email&utm_content=new%20intro%20email
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 112 KB
44 KB 159ms
67ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P5X5FVX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e851171dba16a3e76f5102a738dcb28f9ff3527ed63e0572e9cf611313efc36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44499
x-xss-protection: 0
last-modified: Tue, 26 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Sep 2023 16:53:53 GMT

GET
H2 200 webchat Show response
web.powerva.microsoft.com/environments/fae1dd63-5d1f-efda-87c9-266b509b321a/bots/cr76f_True/ Frame E279 7 KB
3 KB 205ms
83ms Document
text/html 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://web.powerva.microsoft.com/environments/fae1dd63-5d1f-efda-87c9-266b509b321a/bots/cr76f_True/webchat?__version__=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1fc16d52df0447658e7059fb909916be892f9ad9630d778c2da1aef160c7ec96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://true.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, must-revalidate, no-cache
content-encoding: gzip
content-type: text/html
date: Tue, 26 Sep 2023 16:53:53 GMT
expires: 0
link: <https://content.powerapps.com>; rel="preconnect"
pragma: no-cache
referrer-policy: origin
server-timing: x-ms-igw-upstream-headers;dur=1.8,x-ms-igw-req-overhead;dur=0.2
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-azure-ref: 20230926T165353Z-mbs2m9e5n95bv4a10bfe7aqpmc00000000dg00000000gske
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-ms-activity-vector: 00.00.00.00
x-ms-correlation-id: 6eab65dc-7e69-43d2-aa63-3e4d07ced5cb
x-ms-islandgateway: GA0000001
x-ms-service-request-id: 45f86582-8647-41de-84fb-e8d55b2a79d5

GET
H3 200 RE4qR3Q.png
true.org/wp-content/uploads/2020/05/ 324 KB
325 KB 111ms
111ms Image
image/png 160.153.0.50
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://true.org/wp-content/uploads/2020/05/RE4qR3Q.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.50 Scottsdale, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

50.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

5ccef0ae7493b8d68cff0be6d4e93a4873d2616a54885b2043ea8213e79ce1be

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/?utm_source=Dynamics%20365%20Customer%20Insights%20-%20Journeys&utm_medium=email&utm_term=N%2FA&utm_campaign=initial%20email&utm_content=new%20intro%20email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
cf-polished: origSize=332416
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 331915
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 22 Dec 2021 00:11:19 GMT
server: cloudflare
x-php-version: 8.1
etag: "51280-5d3b0f61066da"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 80cd068e4e1135e3-MAN
expires: Fri, 27 Oct 2023 16:53:53 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 146ms
52ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700&display=swap&ver=6.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://true.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 18:17:53 GMT
x-content-type-options: nosniff
age: 426960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2024 18:17:53 GMT

GET
H3 200 material-icons.woff2
true.org/wp-content/themes/Zephyr/fonts/ 125 KB
126 KB 166ms
165ms Font
font/woff2 160.153.0.50
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://true.org/wp-content/themes/Zephyr/fonts/material-icons.woff2?ver=8.18.2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.50 Scottsdale, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

50.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://true.org/?utm_source=Dynamics%20365%20Customer%20Insights%20-%20Journeys&utm_medium=email&utm_term=N%2FA&utm_campaign=initial%20email&utm_content=new%20intro%20email
Origin: https://true.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 128352
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Sep 2023 15:06:47 GMT
x-php-version: 8.1
server: cloudflare
etag: "1f560-605b79b8b75d0"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 80cd068e4e1b35e3-MAN
expires: Fri, 27 Oct 2023 16:53:53 GMT

GET
H3 200 fa-brands-400.woff2
true.org/wp-content/themes/Zephyr/fonts/ 75 KB
75 KB 181ms
180ms Font
font/woff2 160.153.0.50
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://true.org/wp-content/themes/Zephyr/fonts/fa-brands-400.woff2?ver=8.18.2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.50 Scottsdale, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

50.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://true.org/?utm_source=Dynamics%20365%20Customer%20Insights%20-%20Journeys&utm_medium=email&utm_term=N%2FA&utm_campaign=initial%20email&utm_content=new%20intro%20email
Origin: https://true.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 76736
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Sep 2023 15:06:47 GMT
x-php-version: 8.1
server: cloudflare
etag: "12bc0-605b79b8b6e00"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 80cd068e4e2235e3-MAN
expires: Fri, 27 Oct 2023 16:53:53 GMT

GET
H2 200 NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v17/ 12 KB
13 KB 113ms
46ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v17/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C900&ver=7.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://true.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:37:55 GMT
x-content-type-options: nosniff
age: 350158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12372
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:30:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Sep 2024 15:37:55 GMT

GET
H2 200 oneshell Show response
shellprod.msocdn.com/api/shellbootstrapper/business/ Frame E279 146 KB
39 KB 156ms
47ms Script
application/javascript 2a02:26f0:3500:58b::38f3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://shellprod.msocdn.com/api/shellbootstrapper/business/oneshell

Requested by

Host: web.powerva.microsoft.com
URL: https://web.powerva.microsoft.com/environments/fae1dd63-5d1f-efda-87c9-266b509b321a/bots/cr76f_True/webchat?__version__=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58b::38f3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

2ff12d4f804c8080ad2d000a975bacedb4ec970a649f82c30654f53bfa17985d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://web.powerva.microsoft.com/
Origin: https://web.powerva.microsoft.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 16:53:53 GMT
server: Kestrel
x-cdn: 207
content-type: application/javascript
access-control-allow-origin: *
x-cache-start: 1695747026, 1695747026
cache-control: max-age=300
timing-allow-origin: *
x-o365suiteuxshell-correlationid: d83f20c4-f67f-4128-91b2-b062fa6ba1c6
content-length: 39157

GET
H2 200 main.82b9e33d.js Show response
content.powerapps.com/resource/makerx/static/js/module/ Frame E279 3 MB
550 KB 192ms
69ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Requested by

Host: web.powerva.microsoft.com
URL: https://web.powerva.microsoft.com/environments/fae1dd63-5d1f-efda-87c9-266b509b321a/bots/cr76f_True/webchat?__version__=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7f5522b8ff93530a2f77f5ee1d84d9378f58a1428e91f21ca528b1d2dd15c183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://web.powerva.microsoft.com/
Origin: https://web.powerva.microsoft.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=1037.0,x-ms-igw-req-overhead;dur=0.2
content-length: 562150
x-ms-islandgateway: ga00000NZ
vary: Accept-Encoding
x-azure-ref: 20230926T165353Z-puqttgmek520xe9fzmyps4m97g00000001v000000001fexw
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id
cache-control: public, max-age=31536000
x-ms-correlation-id: bc145dc5-71c3-4aff-be72-a044e257a4c7
x-ms-activity-vector: 00.00.00.00
x-ms-service-request-id: d2d9defd-1244-4470-a699-22d0adad4e34
accept-ranges: bytes
x-ms-static-content: ZA000000F
timing-allow-origin: *

GET
H3 200 wp-emoji-release.min.js Show response
true.org/wp-includes/js/ 18 KB
5 KB 65ms
65ms Script
application/javascript 160.153.0.50
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://true.org/wp-includes/js/wp-emoji-release.min.js?ver=6.3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.50 Scottsdale, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

50.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/?utm_source=Dynamics%20365%20Customer%20Insights%20-%20Journeys&utm_medium=email&utm_term=N%2FA&utm_campaign=initial%20email&utm_content=new%20intro%20email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Sep 2023 09:56:20 GMT
x-php-version: 8.1
server: cloudflare
etag: W/"4904-60640162f72a6-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 80cd068fea4f35e3-MAN
expires: Fri, 27 Oct 2023 16:53:53 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/ 378 KB
128 KB 204ms
116ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5392809461646691&plah=true.org&bust=31078134

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5392809461646691&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

181016c6e6dc38e12ad63a3ffa2e6b0543f7fb47a7754c1fd1b344ee8accff44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131252
x-xss-protection: 0
server: cafe
etag: 13127625044134762686
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 16:53:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230921/r20190131/ Frame 7E17 10 KB
5 KB 136ms
42ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230921/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5392809461646691&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://true.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 35988
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Sep 2023 06:54:05 GMT
etag: 2603938475786422795
expires: Tue, 10 Oct 2023 06:54:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
92 KB 65ms
64ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZXY6PQD0EZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5X5FVX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

34ef9626d67f5f66b8491056fcc48fa9f3ca7fbfd5aba5c93ca36fb865366b99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93684
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 26 Sep 2023 16:53:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 140ms
44ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-246817973-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 15:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3850
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 26 Sep 2023 17:49:43 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 117ms
37ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZXY6PQD0EZ&gtm=45je39p0&_p=884679062&gdid=dZTNiMT&cid=977298695.1695747233&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695747233&sct=1&seg=0&dl=https%3A%2F%2Ftrue.org%2F%3Futm_source%3DDynamics%2520365%2520Customer%2520Insights%2520-%2520Journeys%26utm_medium%3Demail%26utm_term%3DN%252FA%26utm_campaign%3Dinitial%2520email%26utm_content%3Dnew%2520intro%2520email&dt=True.Org%20%E2%80%93%20Empowering%20Organizations%20to%20Achieve%20More&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZXY6PQD0EZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 16:53:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://true.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
201 B 52ms
51ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=884679062&t=pageview&_s=1&dl=https%3A%2F%2Ftrue.org%2F%3Futm_source%3DDynamics%2520365%2520Customer%2520Insights%2520-%2520Journeys%26utm_medium%3Demail%26utm_term%3DN%252FA%26utm_campaign%3Dinitial%2520email%26utm_content%3Dnew%2520intro%2520email&ul=en-us&de=UTF-8&dt=True.Org%20%E2%80%93%20Empowering%20Organizations%20to%20Achieve%20More&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1550295736&gjid=254309838&cid=977298695.1695747233&tid=UA-246817973-1&_gid=940939994.1695747233&_r=1&gtm=457e39p0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=336203359

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://true.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 16:53:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://true.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 unAuthenticatedApp.989ae826.chunk.js Show response
content.powerapps.com/resource/makerx/static/js/module/ Frame E279 6 KB
3 KB 39ms
39ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/makerx/static/js/module/unAuthenticatedApp.989ae826.chunk.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

84ee5b7232d5bf426dcdeba176ce8b1d821cd4eb3c91e941abaf11d72f2f418d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://web.powerva.microsoft.com/
Origin: https://web.powerva.microsoft.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=111.8,x-ms-igw-req-overhead;dur=0.2
content-length: 1910
x-ms-islandgateway: ga00000NH
vary: Accept-Encoding
x-azure-ref: 20230926T165353Z-puqttgmek520xe9fzmyps4m97g00000001v000000001ff0s
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id
cache-control: public, max-age=31536000
x-ms-correlation-id: f690207e-1e39-409f-9544-aaa9446a86b7
x-ms-activity-vector: 00.00.00.00
x-ms-service-request-id: 380ddcdf-1ee0-4570-8b8f-904eedcfbb69
accept-ranges: bytes
x-ms-static-content: ZA0000033
timing-allow-origin: *

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
601 B 152ms
56ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=true.org&callback=_gfp_s_&client=ca-pub-5392809461646691

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5392809461646691&plah=true.org&bust=31078134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2647929dfeae4985ab93982d31be22a4a93efdbcfc52c6a695372682e78fc1bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AD2E 603 B
245 B 220ms
219ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5392809461646691&output=html&adk=1812271804&adf=3025194257&lmt=1695645789&plat=1%3A16777216%2C2%3A16777216%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l&format=0x0&url=https%3A%2F%2Ftrue.org%2F%3Futm_source%3DDynamics%2520365%2520Customer%2520Insights%2520-%2520Journeys%26utm_medium%3Demail%26utm_term%3DN%252FA%26utm_campaign%3Dinitial%2520email%26utm_content%3Dnew%2520intro%2520email%23msdynmkt_trackingcontext%3D48530695-1ed5-408f-a8a0-04e336c1afac&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695747233270&bpp=3&bdt=455&idt=533&shv=r20230921&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6431411501210&frm=20&pv=2&ga_vid=977298695.1695747233&ga_sid=1695747234&ga_hid=884679062&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31078145%2C31076996%2C31078134&oid=2&pvsid=4202964151701411&tmod=1296019725&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=557

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://true.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Sep 2023 16:53:54 GMT
expires: Tue, 26 Sep 2023 16:53:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 147ms
146ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=myForm&cls=chat-popup&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 16:53:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 147ms
145ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&id=page-header&cls=l-header%20id_804%20pos_fixed%20bg_solid%20shadow_thin&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 16:53:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 262.2be2638f.chunk.js Show response
content.powerapps.com/resource/makerx/static/js/module/ Frame E279 2 MB
259 KB 34ms
34ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/makerx/static/js/module/262.2be2638f.chunk.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

eff264416c56fcacc9d0f4b17a970055003c169bb3ad99c64498319682d540f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://web.powerva.microsoft.com/
Origin: https://web.powerva.microsoft.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=148.6,x-ms-igw-req-overhead;dur=0.1
content-length: 264030
x-ms-islandgateway: ga0000004
vary: Accept-Encoding
x-azure-ref: 20230926T165353Z-puqttgmek520xe9fzmyps4m97g00000001v000000001ff29
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id
cache-control: public, max-age=31536000
x-ms-correlation-id: b67ed729-e7fb-443d-9aed-4d5cb30a8e99
x-ms-activity-vector: 00.00.00.00
x-ms-service-request-id: 64b50e58-483f-4fa9-a36a-5e69235d7798
accept-ranges: bytes
x-ms-static-content: ZA0000007
timing-allow-origin: *

GET
H2 200 DataPVA.json Show response
content.powerapps.com/resource/makerx/static/ZbGVX3eTk922/locales/en-US/ Frame E279 2 KB
1 KB 37ms
36ms XHR
application/json 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/makerx/static/ZbGVX3eTk922/locales/en-US/DataPVA.json

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2beb85048a926ed482eb1abe117407805965e26510937df579d50b0f92f509dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://web.powerva.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=104.8,x-ms-igw-req-overhead;dur=0.2
content-length: 701
x-ms-islandgateway: ga0000004
vary: Accept-Encoding
x-azure-ref: 20230926T165353Z-puqttgmek520xe9fzmyps4m97g00000001v000000001ff2a
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id
cache-control: public, max-age=31536000
x-ms-correlation-id: bcf3c31f-8aea-4fb1-a61d-290afc6ec9a1
x-ms-activity-vector: 00.00.00.00
x-ms-service-request-id: ca500d58-37ab-41f4-9d04-6a5d2c2a2e31
accept-ranges: bytes
x-ms-static-content: ZA0000007
timing-allow-origin: *

GET
H2 200 vendors~AppHomePage~C~4eb05616.280f30c0.chunk.js Show response
content.powerapps.com/resource/makerx/static/js/module/ Frame E279 464 KB
78 KB 41ms
35ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/makerx/static/js/module/vendors~AppHomePage~C~4eb05616.280f30c0.chunk.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fb826ca0311d95b08c693e4cd01b3cb132566f7efd3a376d198b405695b13022

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://web.powerva.microsoft.com/
Origin: https://web.powerva.microsoft.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=306.0,x-ms-igw-req-overhead;dur=0.2
content-length: 78854
x-ms-islandgateway: ga0000000
vary: Accept-Encoding
x-azure-ref: 20230926T165353Z-puqttgmek520xe9fzmyps4m97g00000001v000000001ff2m
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id
cache-control: public, max-age=31536000
x-ms-correlation-id: 1f2ebc08-8ab8-411f-8579-a3216c57eb30
x-ms-activity-vector: 00.00.00.00
x-ms-service-request-id: 3a5c8ba9-1895-482d-b0bd-5d5e00597b70
accept-ranges: bytes
x-ms-static-content: ZA0000000
timing-allow-origin: *

GET
H2 200 vendors~AppHomePage~C~499b7069.4fb77c42.chunk.js Show response
content.powerapps.com/resource/makerx/static/js/module/ Frame E279 23 KB
7 KB 41ms
36ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/makerx/static/js/module/vendors~AppHomePage~C~499b7069.4fb77c42.chunk.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

29d12c96f60b98e18a097845e41f4599c06454a02a79b35f2a4a877be2fe09b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://web.powerva.microsoft.com/
Origin: https://web.powerva.microsoft.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=416.2,x-ms-igw-req-overhead;dur=0.2
content-length: 6552
x-ms-islandgateway: GA0000003
vary: Accept-Encoding
x-azure-ref: 20230926T165353Z-puqttgmek520xe9fzmyps4m97g00000001v000000001ff2n
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id
cache-control: public, max-age=31536000
x-ms-correlation-id: 0cdb0cd9-a1ab-4067-9c8c-dddc5f933987
x-ms-activity-vector: 00.00.00.00
x-ms-service-request-id: baf156fa-a4ae-42cd-bc9e-c17572226b4b
accept-ranges: bytes
x-ms-static-content: ZA0000006
timing-allow-origin: *

GET
H2 200 vendors~AppHomePage~S~6b993bf7.e25f219d.chunk.js Show response
content.powerapps.com/resource/makerx/static/js/module/ Frame E279 3 MB
501 KB 41ms
36ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/makerx/static/js/module/vendors~AppHomePage~S~6b993bf7.e25f219d.chunk.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

256e4eb21ef59631543ed1bed34521ffd8c965d19f5b9d07cdc3c62df5c447bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://web.powerva.microsoft.com/
Origin: https://web.powerva.microsoft.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=508.0,x-ms-igw-req-overhead;dur=0.1
content-length: 512289
x-ms-islandgateway: ga00000O1
vary: Accept-Encoding
x-azure-ref: 20230926T165353Z-puqttgmek520xe9fzmyps4m97g00000001v000000001ff2p
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id
cache-control: public, max-age=31536000
x-ms-correlation-id: 23db94fb-1084-4f35-aa7b-77b73ec368bf
x-ms-activity-vector: 00.00.00.00
x-ms-service-request-id: 4301aa94-bbb3-436c-a7b3-18984bd503b3
accept-ranges: bytes
x-ms-static-content: ZA0000004
timing-allow-origin: *

GET
H2 200 vendors~AppHomePage~C~609ce615.984a7883.chunk.js Show response
content.powerapps.com/resource/makerx/static/js/module/ Frame E279 7 KB
3 KB 41ms
36ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/makerx/static/js/module/vendors~AppHomePage~C~609ce615.984a7883.chunk.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0ebadc083adae4622f0605131ef40bf46716cd4bffd6bf146c70f9fd28316546

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://web.powerva.microsoft.com/
Origin: https://web.powerva.microsoft.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=112.4,x-ms-igw-req-overhead;dur=0.1
content-length: 2174
x-ms-islandgateway: GA0000001
vary: Accept-Encoding
x-azure-ref: 20230926T165353Z-puqttgmek520xe9fzmyps4m97g00000001v000000001ff2q
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id
cache-control: public, max-age=31536000
x-ms-correlation-id: 9d18e96d-2a4b-460c-9b8e-5e004845a87c
x-ms-activity-vector: 00.00.00.00
x-ms-service-request-id: ff0ad6d5-037d-494b-befd-cf30a9981354
accept-ranges: bytes
x-ms-static-content: ZA0000003
timing-allow-origin: *

GET
H2 200 vendors~AppHomePage~C~a88f943d.1cdc662b.chunk.js Show response
content.powerapps.com/resource/makerx/static/js/module/ Frame E279 7 KB
3 KB 41ms
36ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/makerx/static/js/module/vendors~AppHomePage~C~a88f943d.1cdc662b.chunk.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8315df14d297e4957ec5f7e08d74fce1b69f3a078ff1f9e5d7479969d9919848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://web.powerva.microsoft.com/
Origin: https://web.powerva.microsoft.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=103.7,x-ms-igw-req-overhead;dur=0.3
content-length: 2139
x-ms-islandgateway: ga0000002
vary: Accept-Encoding
x-azure-ref: 20230926T165353Z-puqttgmek520xe9fzmyps4m97g00000001v000000001ff2r
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id
cache-control: public, max-age=31536000
x-ms-correlation-id: 5a484988-4fb7-4a10-99f4-8ae94af49cfb
x-ms-activity-vector: 00.00.00.00
x-ms-service-request-id: 5a85336f-8678-4704-b6e6-6b1fda84e407
accept-ranges: bytes
x-ms-static-content: ZA0000009
timing-allow-origin: *

GET
H2 200 vendors~demoClientV1~~a05d2af4.a146380e.chunk.js Show response
content.powerapps.com/resource/makerx/static/js/module/ Frame E279 9 KB
4 KB 41ms
37ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/makerx/static/js/module/vendors~demoClientV1~~a05d2af4.a146380e.chunk.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

772b5ab0b9e17d7dc3f58f4881e800510452f75d6a60cca3a6cff08828709a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://web.powerva.microsoft.com/
Origin: https://web.powerva.microsoft.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 713
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=1.9,x-ms-igw-req-overhead;dur=0.2
content-length: 2985
x-ms-islandgateway: ga0000002
vary: Accept-Encoding
x-azure-ref: 20230926T165353Z-puqttgmek520xe9fzmyps4m97g00000001v000000001ff2s
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id
cache-control: public, max-age=31536000
x-ms-correlation-id: 6d563236-c2c9-44f5-bd0d-99d734ba4375
x-ms-activity-vector: 00.00.00.00
x-ms-service-request-id: 8a8bb973-0b6c-4ae9-9806-470be70977fe
accept-ranges: bytes
x-ms-static-content: ZA0000001
timing-allow-origin: *

GET
H2 200 AppHomePage~Collabora~410a91db.1ff6eff6.chunk.js Show response
content.powerapps.com/resource/makerx/static/js/module/ Frame E279 84 KB
17 KB 41ms
37ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/makerx/static/js/module/AppHomePage~Collabora~410a91db.1ff6eff6.chunk.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7dc5b6bd0dcd02da6e93867c9c4ef4185de09604e1f9dc594960881af2c65d9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://web.powerva.microsoft.com/
Origin: https://web.powerva.microsoft.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=103.4,x-ms-igw-req-overhead;dur=0.1
content-length: 16823
x-ms-islandgateway: GA0000001
vary: Accept-Encoding
x-azure-ref: 20230926T165353Z-puqttgmek520xe9fzmyps4m97g00000001v000000001ff2t
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id
cache-control: public, max-age=31536000
x-ms-correlation-id: a3869c7d-0776-4f46-9c47-041ff8c07a23
x-ms-activity-vector: 00.00.00.00
x-ms-service-request-id: ab9fc1fd-b7e0-4a8a-943d-c193c14b30da
accept-ranges: bytes
x-ms-static-content: ZA000000B
timing-allow-origin: *

GET
H2 200 AppHomePage~Collabora~4d838e06.12eb3377.chunk.js Show response
content.powerapps.com/resource/makerx/static/js/module/ Frame E279 12 KB
4 KB 42ms
37ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/makerx/static/js/module/AppHomePage~Collabora~4d838e06.12eb3377.chunk.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a6fa552f38b8b4e37bf75d808a8906d2fa801d0b2f01d493ad4f5161aa0f7543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://web.powerva.microsoft.com/
Origin: https://web.powerva.microsoft.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=109.5,x-ms-igw-req-overhead;dur=0.1
content-length: 3564
x-ms-islandgateway: ga00000NY
vary: Accept-Encoding
x-azure-ref: 20230926T165353Z-puqttgmek520xe9fzmyps4m97g00000001v000000001ff2v
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id
cache-control: public, max-age=31536000
x-ms-correlation-id: 00f92e69-f71c-4027-bcf6-ea10a1460b95
x-ms-activity-vector: 00.00.00.00
x-ms-service-request-id: 74bb334d-6d20-45ea-a5a0-2da3cd5e3383
accept-ranges: bytes
x-ms-static-content: ZA000000F
timing-allow-origin: *

GET
H2 200 AppHomePage~SchemaDem~c32cf5c8.7c87b1df.chunk.js Show response
content.powerapps.com/resource/makerx/static/js/module/ Frame E279 9 KB
3 KB 45ms
42ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/makerx/static/js/module/AppHomePage~SchemaDem~c32cf5c8.7c87b1df.chunk.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

19c87f2cd612b3c621ad067b780931f28775db1feafc5ffe8179d6f7ce3465ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://web.powerva.microsoft.com/
Origin: https://web.powerva.microsoft.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=103.5,x-ms-igw-req-overhead;dur=0.2
content-length: 2821
x-ms-islandgateway: GA0000001
vary: Accept-Encoding
x-azure-ref: 20230926T165353Z-puqttgmek520xe9fzmyps4m97g00000001v000000001ff2w
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id
cache-control: public, max-age=31536000
x-ms-correlation-id: 15e4f1d1-bf75-4605-8411-ab86c34c28ec
x-ms-activity-vector: 00.00.00.00
x-ms-service-request-id: 29f0b91d-6bb7-421c-8b7c-3defd2b70d7b
accept-ranges: bytes
x-ms-static-content: ZA000000J
timing-allow-origin: *

GET
H2 200 demoClientV1~demoClie~6e1d04f2.a16fedd9.chunk.js Show response
content.powerapps.com/resource/makerx/static/js/module/ Frame E279 8 KB
3 KB 73ms
70ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/makerx/static/js/module/demoClientV1~demoClie~6e1d04f2.a16fedd9.chunk.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

68e6aa3bcaa37fcb34a6cca5e7f987b46b873468d983ebfeb60cdb873be636c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://web.powerva.microsoft.com/
Origin: https://web.powerva.microsoft.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=105.8,x-ms-igw-req-overhead;dur=0.1
content-length: 2681
x-ms-islandgateway: ga0000002
vary: Accept-Encoding
x-azure-ref: 20230926T165353Z-puqttgmek520xe9fzmyps4m97g00000001v000000001ff3e
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id
cache-control: public, max-age=31536000
x-ms-correlation-id: 5ad9d1af-20fa-4601-90f7-25a2560d0131
x-ms-activity-vector: 00.00.00.00
x-ms-service-request-id: cadc28db-7157-4238-b5d4-2f116b609ef4
accept-ranges: bytes
x-ms-static-content: ZA000000B
timing-allow-origin: *

GET
H2 200 demoClientV1~demoClie~a2f34956.f59acbb5.chunk.js Show response
content.powerapps.com/resource/makerx/static/js/module/ Frame E279 20 KB
6 KB 74ms
71ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/makerx/static/js/module/demoClientV1~demoClie~a2f34956.f59acbb5.chunk.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3dde60b5ce8775d77daf8d8d2be7af64b2688554697f0edc7bed3d50989a8b32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://web.powerva.microsoft.com/
Origin: https://web.powerva.microsoft.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=113.2,x-ms-igw-req-overhead;dur=0.1
content-length: 5001
x-ms-islandgateway: ga0000002
vary: Accept-Encoding
x-azure-ref: 20230926T165353Z-puqttgmek520xe9fzmyps4m97g00000001v000000001ff3f
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id
cache-control: public, max-age=31536000
x-ms-correlation-id: 1e405605-eed8-420c-914c-d87595403813
x-ms-activity-vector: 00.00.00.00
x-ms-service-request-id: 700a5c7e-06d6-4be9-bf52-d5e089446e16
accept-ranges: bytes
x-ms-static-content: ZA0000009
timing-allow-origin: *

GET
H2 200 fullscreenChatV1.8fb17773.chunk.js Show response
content.powerapps.com/resource/makerx/static/js/module/ Frame E279 7 KB
3 KB 75ms
73ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/makerx/static/js/module/fullscreenChatV1.8fb17773.chunk.js

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d9ad0fc5c272d19bb37b2b4ee2be610754e4842c713de3a6e8ed6009d06277a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://web.powerva.microsoft.com/
Origin: https://web.powerva.microsoft.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=437.5,x-ms-igw-req-overhead;dur=0.3
content-length: 2470
x-ms-islandgateway: ga0000000
vary: Accept-Encoding
x-azure-ref: 20230926T165353Z-puqttgmek520xe9fzmyps4m97g00000001v000000001ff3g
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id
cache-control: public, max-age=31536000
x-ms-correlation-id: 46d9c431-460a-44c4-83fb-df6b8372aea3
x-ms-activity-vector: 00.00.00.00
x-ms-service-request-id: 3603fb25-3341-4c0c-987e-ded7d0a4538e
accept-ranges: bytes
x-ms-static-content: ze000003C
timing-allow-origin: *

GET
H2 200 DemoClient.json Show response
content.powerapps.com/resource/makerx/static/ZbGVX3eTk922/locales/en-US/ Frame E279 2 KB
1 KB 39ms
37ms XHR
application/json 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/makerx/static/ZbGVX3eTk922/locales/en-US/DemoClient.json

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b6df5874139282d1a253b6a3b09249d5a1507aaf4e7de558e222eaf6c7b56dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://web.powerva.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=373.3,x-ms-igw-req-overhead;dur=0.1
content-length: 855
x-ms-islandgateway: ga0000004
vary: Accept-Encoding
x-azure-ref: 20230926T165353Z-puqttgmek520xe9fzmyps4m97g00000001v000000001ff2u
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id
cache-control: public, max-age=31536000
x-ms-correlation-id: 663e2045-7a64-44fe-86a5-d98eb261ef52
x-ms-activity-vector: 00.00.00.00
x-ms-service-request-id: 46235488-452f-476e-b30a-535fb665adf7
accept-ranges: bytes
x-ms-static-content: ZA000000C
timing-allow-origin: *

GET
BLOB 200
OK 503b06dd-fc00-46ce-9428-48b47bd9042d
https://web.powerva.microsoft.com/ Frame E279 2 MB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://web.powerva.microsoft.com/503b06dd-fc00-46ce-9428-48b47bd9042d
Requested by: Host: web.powerva.microsoft.com
URL: https://web.powerva.microsoft.com/environments/fae1dd63-5d1f-efda-87c9-266b509b321a/bots/cr76f_True/webchat?__version__=2
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17b66c40779e8eb2ccc481d16107cbbdb5ae23a5bdc87c7fa3d0c104e3177efc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://web.powerva.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Length: 2123701
Content-Type: application/javascript

GET
H2 200 CommonPagesPVA.json Show response
content.powerapps.com/resource/makerx/static/ZbGVX3eTk922/locales/en-US/ Frame E279 9 KB
3 KB 36ms
36ms XHR
application/json 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/makerx/static/ZbGVX3eTk922/locales/en-US/CommonPagesPVA.json

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4c2b93a239b1baa342d3344b73311cea9816c24b01caae1a2b6a60ea35a8ecb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://web.powerva.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:54 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=416.1,x-ms-igw-req-overhead;dur=0.3
content-length: 2310
x-ms-islandgateway: ga0000003
vary: Accept-Encoding
x-azure-ref: 20230926T165354Z-puqttgmek520xe9fzmyps4m97g00000001v000000001ff9p
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id
cache-control: public, max-age=31536000
x-ms-correlation-id: 591d75ae-0d90-499c-a740-c9c2cc776adc
x-ms-activity-vector: 00.00.00.00
x-ms-service-request-id: 7c998066-996e-4a0f-9f93-e54f9ba67ad2
accept-ranges: bytes
x-ms-static-content: ZA0000007
timing-allow-origin: *

GET
H2 200 webchatsettings Show response
fae1dd635d1fefda87c9266b509b32.1a.environment.api.powerplatform.com/powervirtualagents/botsbyschema/cr76f_True/ Frame E279 174 B
1 KB 460ms
115ms XHR
application/json 52.146.74.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fae1dd635d1fefda87c9266b509b32.1a.environment.api.powerplatform.com/powervirtualagents/botsbyschema/cr76f_True/webchatsettings?api-version=2022-03-01-preview

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.146.74.72 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5934c2ebe1d7fcb80bd54fbd1bec802017d28275d531893275086096a54e2e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://web.powerva.microsoft.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-servicefabric: NoRetry
x-ms-gateway-clusters: prdil108eus
x-cci-diagnostics-traceid: 0HMTR397IVDC4:00014007
server-timing: x-ms-igw-upstream-headers;dur=4.2,x-ms-igw-req-overhead;dur=0.2
x-ms-pva-engine-routing: prd-prod-mt-us-108-eus
content-length: 174
x-xss-protection: 1; mode=block
x-ms-islandgateway: GA000003K
x-ms-activity-vector: 00.00.00.00
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Date,Server,Access-Control-Allow-Origin,Access-Control-Expose-Headers,Content-Length,x-ms-gateway-clusters,Strict-Transport-Security,X-XSS-Protection,X-Content-Type-Options,x-cci-diagnostics-traceid,x-ms-pva-engine-routing,x-servicefabric,x-ms-service-request-id,x-ms-correlation-id,x-ms-activity-vector
cache-control: no-cache, no-store
x-ms-correlation-id: 717cb6b3-f772-4457-81f3-92edb73e4e78
x-ms-service-request-id: 8a18d842-1178-4cad-bfa2-6e84c748738e

GET
H2 200 ACblea-r
8bc91f758c7141ce8bd80bb6f79532bf.svc.dynamics.com/t/v/he-h6ZqBJ8CG0Dx_7js_RDGf4x63EDnoVP988Ge8zq8/5j_OCBXFRhdC6sIwG0llxxQNHtXlzzr1S15odlzE/ 49 B
589 B 1197ms
821ms Image
image/jpeg 52.159.151.194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8bc91f758c7141ce8bd80bb6f79532bf.svc.dynamics.com/t/v/he-h6ZqBJ8CG0Dx_7js_RDGf4x63EDnoVP988Ge8zq8/5j_OCBXFRhdC6sIwG0llxxQNHtXlzzr1S15odlzE/ACblea-r?ad=https%3A%2F%2Ftrue.org%2F%3Futm_source%3DDynamics%2520365%2520Customer%2520Insights%2520-%2520Journeys%26utm_medium%3Demail%26utm_term%3DN%252FA%26utm_campaign%3Dinitial%2520email%26utm_content%3Dnew%2520intro%2520email%23msdynmkt_trackingcontext%3D48530695-1ed5-408f-a8a0-04e336c1afac&rf=&id=1778912994

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.159.151.194 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 26 Sep 2023 16:53:54 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
x-servicefabricrequestid: 93ec34f0-9938-4f63-bf72-201364c24de7, 90d8ba67-51bf-428d-9da1-7667dd71ea23
content-type: image/jpeg
x-activity-id: a5a05625-da05-4cff-9186-e0c16f499cd2
x-ms-activity-id: a5a05625-da05-4cff-9186-e0c16f499cd2
content-length: 49
api-deprecated: False

GET
H2 200 ACblea-r
8bc91f758c7141ce8bd80bb6f79532bf.svc.dynamics.com/t/v/he-h6ZqBJ8CG0Dx_7js_RDGf4x63EDnoVP988Ge8zq8/5j_OCBXFRhdC6sIwG0llxxQNHtXlzzr1S15odlzE/ 49 B
439 B 1614ms
1239ms Image
image/jpeg 52.159.151.194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.159.151.194 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 26 Sep 2023 16:53:55 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
x-servicefabricrequestid: d98035a4-c87b-40dd-bb83-9bb05a4dd080, 0838fc31-f745-4565-b41f-ceedf86d1654
content-type: image/jpeg
x-activity-id: d2974404-d3e1-4feb-bb68-3c130948a962
x-ms-activity-id: d2974404-d3e1-4feb-bb68-3c130948a962
content-length: 49
api-deprecated: False

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 99ms
98ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230921&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3d2f74701c90893a0434eaee6d770ec17d4bc944fde92f2e99f9b54004d595b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11927
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 160ms
68ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 26 Sep 2023 16:53:54 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2EF0 13 KB
5 KB 43ms
42ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://true.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 6461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Sep 2023 15:06:13 GMT
expires: Wed, 25 Sep 2024 15:06:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 88C7 829 B
1 KB 152ms
53ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

16ca0ae61ba422bd1e582aeaf4e4b9e1c11484efe76df4bccb4bb2ea5f79f6f9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qPUGeoXDsbLGs7OuykAVOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://true.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-qPUGeoXDsbLGs7OuykAVOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 26 Sep 2023 16:53:54 GMT
expires: Tue, 26 Sep 2023 16:53:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Show response
pagead2.googlesyndication.com/bg/ Frame 2EF0 37 KB
14 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 14:55:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14772
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 14:55:38 GMT

GET
H2 200 token Show response
fae1dd635d1fefda87c9266b509b32.1a.environment.api.powerplatform.com/powervirtualagents/bots/6843363a-21b8-4c9d-aa19-df6e6cf1207c/directline/ Frame E279 931 B
1 KB 143ms
142ms XHR
application/json 52.146.74.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fae1dd635d1fefda87c9266b509b32.1a.environment.api.powerplatform.com/powervirtualagents/bots/6843363a-21b8-4c9d-aa19-df6e6cf1207c/directline/token?api-version=2022-03-01-preview

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.146.74.72 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

787fde067a83c675d5fa0b7a4d8a810013a85a05be2be93fca6907440a9c1530

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://web.powerva.microsoft.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-servicefabric: NoRetry
x-ms-gateway-clusters: prdil108eus
x-cci-diagnostics-traceid: 0HMTR2SIKUFBC:0000089B
server-timing: x-ms-igw-upstream-headers;dur=37.8,x-ms-igw-req-overhead;dur=0.2
x-ms-pva-engine-routing: prd-prod-mt-us-108-eus
content-length: 931
x-xss-protection: 1; mode=block
x-ms-islandgateway: GA000003K
x-ms-activity-vector: 00.00.00.00
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Date,Server,Access-Control-Allow-Origin,Access-Control-Expose-Headers,Content-Length,x-ms-gateway-clusters,Strict-Transport-Security,X-XSS-Protection,X-Content-Type-Options,x-cci-diagnostics-traceid,x-ms-pva-engine-routing,x-servicefabric,x-ms-service-request-id,x-ms-correlation-id,x-ms-activity-vector
cache-control: no-cache, no-store
x-ms-correlation-id: 11aadb23-23ef-479e-b6ba-b2bb7f144b4d
x-ms-service-request-id: 5af08d98-8b89-4529-8ed8-457c4301e98d

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2EF0 0
10 B 42ms
42ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?4t6tsg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 88C7 0
0 144ms
144ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230921&jk=4202964151701411&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

POST
H2 200 / Show response
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ Frame E279 153 B
765 B 128ms
41ms XHR
application/json 20.50.73.11
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.73.11 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

b6801af2bfdb7297d9ff1322e0f3fa1b925e4565f7a92b04d05cf5a4703acf07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

upload-time: 1695747234852
accept-language: en-GB,en;q=0.9
client-version: 1DS-Web-JS-3.2.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
time-delta-to-apply-millis: use-collector-delta
content-type: application/x-json-stream
cache-control: no-cache, no-store
Referer: https://web.powerva.microsoft.com/
apikey: 94a98a699cb047e99210dc27a3d20293-fb6c8c9c-74c6-4b15-bc61-a77165ffa52b-6949
Client-Id: NO_AUTH

Response headers

strict-transport-security: max-age=31536000
date: Tue, 26 Sep 2023 16:53:54 GMT
server: Microsoft-HTTPAPI/2.0
time-delta-millis: 260
access-control-allow-methods: POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type: application/json
access-control-allow-origin: https://web.powerva.microsoft.com
access-control-expose-headers: time-delta-millis
access-control-allow-credentials: true
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
content-length: 153

OPTIONS
H2 200 /
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ Frame 0
0 151ms
41ms Preflight 20.50.73.11
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.73.11 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method: POST
Origin: https://web.powerva.microsoft.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin: https://web.powerva.microsoft.com
access-control-max-age: 3600
cache-control: public, 3600
content-length: 0
date: Tue, 26 Sep 2023 16:53:54 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

GET
H2 200 regionalchannelsettings Show response
fae1dd635d1fefda87c9266b509b32.1a.environment.api.powerplatform.com/powervirtualagents/ Frame E279 130 B
346 B 116ms
114ms XHR
application/json 52.146.74.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fae1dd635d1fefda87c9266b509b32.1a.environment.api.powerplatform.com/powervirtualagents/regionalchannelsettings?api-version=2022-03-01-preview

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.146.74.72 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b38416a24c973824a716443536344e1c48bc5342b2aa41cc0d1d65bf445453c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://web.powerva.microsoft.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-servicefabric: NoRetry
x-ms-gateway-clusters: prdil108eus
x-cci-diagnostics-traceid: 0HMTR397IVDC7:00013FB9
server-timing: x-ms-igw-upstream-headers;dur=3.0,x-ms-igw-req-overhead;dur=0.2
x-ms-pva-engine-routing: prd-prod-mt-us-108-eus
content-length: 130
x-xss-protection: 1; mode=block
x-ms-islandgateway: GA000003K
x-ms-activity-vector: 00.00.00.00
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Date,Server,Access-Control-Allow-Origin,Access-Control-Expose-Headers,Content-Length,x-ms-gateway-clusters,Strict-Transport-Security,X-XSS-Protection,X-Content-Type-Options,x-cci-diagnostics-traceid,x-ms-pva-engine-routing,x-servicefabric,x-ms-service-request-id,x-ms-correlation-id,x-ms-activity-vector
cache-control: no-cache, no-store
x-ms-correlation-id: c4b352c0-862c-4381-a1d0-97bab3c4a6a0
x-ms-service-request-id: c9af9fcc-9d39-4ec9-8329-f313904b7599

GET
H2 200 botdetails Show response
fae1dd635d1fefda87c9266b509b32.1a.environment.api.powerplatform.com/powervirtualagents/bots/6843363a-21b8-4c9d-aa19-df6e6cf1207c/directline/ Frame E279 173 B
421 B 362ms
361ms XHR
application/json 52.146.74.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fae1dd635d1fefda87c9266b509b32.1a.environment.api.powerplatform.com/powervirtualagents/bots/6843363a-21b8-4c9d-aa19-df6e6cf1207c/directline/botdetails?api-version=2022-03-01-preview

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.146.74.72 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5f526c3643a81347256f5a3cdfb1eb65dd20750ec6721ccbe066b19265cb54a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://web.powerva.microsoft.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:53:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-servicefabric: NoRetry
x-ms-gateway-clusters: prdil108eus
x-cci-diagnostics-traceid: 0HMTR2SIKTO79:0001415B
server-timing: x-ms-igw-upstream-headers;dur=229.6,x-ms-igw-req-overhead;dur=0.2
x-ms-pva-engine-routing: prd-prod-mt-us-108-eus
content-length: 173
x-xss-protection: 1; mode=block
x-ms-islandgateway: GA000003K
x-ms-activity-vector: 00.00.00.00
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Date,Server,Access-Control-Allow-Origin,Access-Control-Expose-Headers,Content-Length,x-ms-gateway-clusters,Strict-Transport-Security,X-XSS-Protection,X-Content-Type-Options,x-cci-diagnostics-traceid,x-ms-pva-engine-routing,x-servicefabric,x-ms-service-request-id,x-ms-correlation-id,x-ms-activity-vector
cache-control: no-cache, no-store
x-ms-correlation-id: a9c8f893-c8c6-4388-b1ec-dc3f01c56bcf
x-ms-service-request-id: bbb47bdd-f539-442e-8df8-b60981de4eae

OPTIONS
H2 200 conversations
unitedstates.directline.botframework.com/v3/directline/ Frame 0
0 419ms
108ms Preflight 40.71.0.179
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://unitedstates.directline.botframework.com/v3/directline/conversations

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.71.0.179 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-ms-bot-agent,x-requested-with
Access-Control-Request-Method: POST
Origin: https://web.powerva.microsoft.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type,x-ms-bot-agent,x-requested-with
access-control-allow-origin: *
access-control-max-age: 600
arr-disable-session-affinity: true
cache-control: no-cache
content-length: 0
date: Tue, 26 Sep 2023 16:53:55 GMT
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 201 conversations Show response
unitedstates.directline.botframework.com/v3/directline/ Frame E279 2 KB
2 KB 184ms
183ms XHR
application/json 40.71.0.179
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://unitedstates.directline.botframework.com/v3/directline/conversations

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/vendors~AppHomePage~S~6b993bf7.e25f219d.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.71.0.179 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f74d685de951c87305bdee5d61c46ab1b393ada70c2bc2dcfda1865d676abcdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IjVnZEdBYmd1OExXWGZCOXZFZFY3ZUVveGE1cyIsIng1dCI6IjVnZEdBYmd1OExXWGZCOXZFZFY3ZUVveGE1cyIsInR5cCI6IkpXVCJ9.eyJib3QiOiI2ODQzMzYzYS0yMWI4LTRjOWQtYWExOS1kZjZlNmNmMTIwN2MiLCJzaXRlIjoiMXFkb0txMlVKaUUiLCJjb252IjoiN3RHUlBmMTB5eHJFbUR6alBkZHRpVC11cyIsInVzZXIiOiIzMDNkZTczMi03OWNiLTRkMjUtODQyMC1jMWM0Yjk5OTUxOWUiLCJuYmYiOjE2OTU3NDcyMzQsImV4cCI6MTY5NTc1MDgzNCwiaXNzIjoiaHR0cHM6Ly9kaXJlY3RsaW5lLmJvdGZyYW1ld29yay5jb20vIiwiYXVkIjoiaHR0cHM6Ly9kaXJlY3RsaW5lLmJvdGZyYW1ld29yay5jb20vIn0.eJpwRCQBaGwlcKmcIx0gnMGvSectftmll7pYSw4p4X7_2c4O30hKPTYG1jbXYUoo-n4CLZD4tgH-K7D38jL3ivy-SctyI7jMr49CQaT68Oh_bgpX06Axa2MwCDZBwsGxedjDvQLci0B6Kfl4TisXhDGbMa0RUACE4pwXPeFdwrN05IgaiBAbJwA5Ug5Cl9g1Lhj2Txr8_7cA6ASESxdvN_EE3tvLHKUREf2Ut8ycrZgiGO0_FQPLJgVRIOWd0aIzVxnbCiFnaV4XB4keiJp7HCuCrnkvg7r9OG-VeKL_SSerdXOrOFk_rHJs2Ow_UX9TjxRRKT51nejrWH02ac-hug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://web.powerva.microsoft.com/
X-Requested-With: XMLHttpRequest
x-ms-bot-agent: DirectLine/3.0 (directlinejs; WebChat/4.15.8 (Full) 0.15.4)

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 16:53:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 1a853f959bc52ada6a0719462e16dd8b
access-control-expose-headers: Retry-After
cache-control: no-cache
arr-disable-session-affinity: true
content-length: 1977
x-xss-protection: 1; mode=block
expires: -1

GET
BLOB 200
OK f3bb66c0-7dbd-4a62-ad2e-09315943b6fd
https://web.powerva.microsoft.com/ Frame E279 26 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://web.powerva.microsoft.com/f3bb66c0-7dbd-4a62-ad2e-09315943b6fd
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a02909d42cb8e3e5aee76d6fbda30837d1f1c030e998d133e86a031c304d8345

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Length: 26751
Content-Type: image/gif

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 151ms
150ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230921&jk=4202964151701411&bg=!1dal1pnNAAYrDsWMCw47ADQBe5WfOCHIAFNCrPI_jSGBqqFoUTXX9DlO-OTxid6jIRxBO25xa9Az95ZlT4ZXj8zVlCpnAgAAAEpSAAAABmgBB5kCtFZVL63LXT01nhNArJYPFeCwE4cOe5H1Wyc3BY4uoeG2Lukwe8lCnwqGBglKSG44HolCaa_kIlUAvA96_lU3DoFNSzSQ8gwExf_1s4Pqme02Erhzrtp62q-Yy5CymWpOnj7RNhEa5LXXPZ7zZxOZTZqB4Uq8VwFmXBuSFnFqdhv-m0qb93B56tmrhbURAdSd4_iCUPY-m8CQ4fZtaB3_n8eZAdFORYYCBEh6pLO26HC1I3AdWw7v4rp8bgEOBdNfV3MwBbwMMbYqFpxLb1V_QEgJ1GABEFEa5GcXN2t-5a7K9qcjR_1XzdbyU2QZuLoSy54VFSKqlDMfjbxvxSKIasrO5LVrI2PqueeQpy4GUNuS3Tz_c0bx7wF1EZuroEHcQkk_U_SePSf023VzpWJuqyRPh7p2KXq3d5ATntEF-KAWCF1pECfH3a7j_IU9LTDUMFolQoS3vJEacadPOy8NHZnxggzEFzxVi0CgKYi5FgNFopPLS2nLsmbZObgFssIzpVTsJwW-H2GvnxCcrfYSbk2WlvVeDHHZpYW_TpeEafjxVBKl_0_Lg0pq13dxhwuKRAYPMorKkcvrxySDnlvdMuBwejkqBdJGcvtE2kPw_FwROZkq4Bn-X_FEaRxWvnAyKBsqDtv3FH1emvP8weVRA4Y1x4L7ajKbhJOq3_FPqjj1JkZjRAM6KRGU8tJjby_02i6zdYCfxah0p9HZjmSGJmEPdg_E7UT05Dvt5Nh4YnYpM-0zSvefGC3B_9NMuqZEhNNOChgGrjjN56gHymml260d517LPU3CrMP7w2YxGqBnQccE-XWKaLWVJ_BhNnTigwxXj2hmqT6_WW1ZtJ4JzJIiG1s6M65oIl3zWbUU1kec21EW_LtRGsZTeksHzhuMFFmy4FTxaE-YnZl4sniem-4LXZhN
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://true.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

OPTIONS
H2 200 /
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ Frame 0
0 41ms
41ms Preflight 20.50.73.11
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.73.11 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method: POST
Origin: https://web.powerva.microsoft.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin: https://web.powerva.microsoft.com
access-control-max-age: 3600
cache-control: public, 3600
content-length: 0
date: Tue, 26 Sep 2023 16:53:55 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 200 / Show response
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ Frame E279 154 B
238 B 130ms
128ms XHR
application/json 20.50.73.11
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.73.11 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

57942aae460332d6380a780feaa945d9224f540c2aee702aa4a1a56ea4611017

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

upload-time: 1695747235856
accept-language: en-GB,en;q=0.9
client-version: 1DS-Web-JS-3.2.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
time-delta-to-apply-millis: 260
content-type: application/x-json-stream
cache-control: no-cache, no-store
Referer: https://web.powerva.microsoft.com/
apikey: 94a98a699cb047e99210dc27a3d20293-fb6c8c9c-74c6-4b15-bc61-a77165ffa52b-6949
Client-Id: NO_AUTH

Response headers

strict-transport-security: max-age=31536000
date: Tue, 26 Sep 2023 16:53:55 GMT
server: Microsoft-HTTPAPI/2.0
time-delta-millis: 53
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://web.powerva.microsoft.com
access-control-expose-headers: time-delta-millis
access-control-allow-credentials: true
access-control-allow-headers: time-delta-millis
content-length: 154

OPTIONS
H2 200 activities
unitedstates.directline.botframework.com/v3/directline/conversations/7tGRPf10yxrEmDzjPddtiT-us/ Frame 0
0 109ms
109ms Preflight 40.71.0.179
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://unitedstates.directline.botframework.com/v3/directline/conversations/7tGRPf10yxrEmDzjPddtiT-us/activities

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.71.0.179 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-ms-bot-agent,x-requested-with
Access-Control-Request-Method: POST
Origin: https://web.powerva.microsoft.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type,x-ms-bot-agent,x-requested-with
access-control-allow-origin: *
access-control-max-age: 600
arr-disable-session-affinity: true
cache-control: no-cache
content-length: 0
date: Tue, 26 Sep 2023 16:53:55 GMT
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 activities Show response
unitedstates.directline.botframework.com/v3/directline/conversations/7tGRPf10yxrEmDzjPddtiT-us/ Frame E279 49 B
300 B 223ms
223ms XHR
application/json 40.71.0.179
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://unitedstates.directline.botframework.com/v3/directline/conversations/7tGRPf10yxrEmDzjPddtiT-us/activities

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/vendors~AppHomePage~S~6b993bf7.e25f219d.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.71.0.179 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

78e93f8930973f6cf7f4247aa4186b464a0652a845e899d068ad47b966dca324

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://web.powerva.microsoft.com/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
x-ms-bot-agent: DirectLine/3.0 (directlinejs; WebChat/4.15.8 (Full) 0.15.4)
Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IjVnZEdBYmd1OExXWGZCOXZFZFY3ZUVveGE1cyIsIng1dCI6IjVnZEdBYmd1OExXWGZCOXZFZFY3ZUVveGE1cyIsInR5cCI6IkpXVCJ9.eyJib3QiOiI2ODQzMzYzYS0yMWI4LTRjOWQtYWExOS1kZjZlNmNmMTIwN2MiLCJzaXRlIjoiMXFkb0txMlVKaUUiLCJjb252IjoiN3RHUlBmMTB5eHJFbUR6alBkZHRpVC11cyIsInVzZXIiOiIzMDNkZTczMi03OWNiLTRkMjUtODQyMC1jMWM0Yjk5OTUxOWUiLCJuYmYiOjE2OTU3NDcyMzUsImV4cCI6MTY5NTc1MDgzNSwiaXNzIjoiaHR0cHM6Ly9kaXJlY3RsaW5lLmJvdGZyYW1ld29yay5jb20vIiwiYXVkIjoiaHR0cHM6Ly9kaXJlY3RsaW5lLmJvdGZyYW1ld29yay5jb20vIn0.PCE83GXf4U52nwGQhGV97itKSzD9yj9P1RyMI2u0QcN4vOtVvNVhHe_9sU9FpyfOEURQVhyJkur9nb2_ypyl_eE1oEIOgDpMzTA1QyIdgUGfW3stgNrahG7PViIWkWUrrZZX15Cm7vvX9pETIfGzmbpdWp6DF_OFZIZxFw-r_p1TSxYcD53kpCR7PvpUpx9g93DHtj_Six4tyhi5p6sjWpiqwWG8OAK0EdR43YY5ZvLIvNJY0PCQ77udTIC9oes9iQwnScuPP06fOMuJIEGl6HqfHbDX1ESzdrcXxjoX_yXSgNpIFc3tRMEvzmBFlm3SlEu_7PFXq4sA3tu1gpGgzw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 16:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 63fb8f1ccba3b89c88fd186bce5c8682
access-control-expose-headers: Retry-After
cache-control: no-cache
arr-disable-session-affinity: true
content-length: 167
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 6843363a-21b8-4c9d-aa19-df6e6cf1207c_5di1vU54n6CgCyr5kK7epCEf8svF5OCUtCW83kF5zp9rNGKf.png
bot-framework.azureedge.net/bot-icons-v1/ Frame E279 3 KB
3 KB 133ms
27ms Image
image/png 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bot-framework.azureedge.net/bot-icons-v1/6843363a-21b8-4c9d-aa19-df6e6cf1207c_5di1vU54n6CgCyr5kK7epCEf8svF5OCUtCW83kF5zp9rNGKf.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lpl/EF0A) /
Resource Hash: 30f010feb6bb4b55c322d6c4478c3824e8599f35e8c6e5539437506ce56c69e0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://web.powerva.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 26 Sep 2023 16:53:56 GMT
content-md5: RoQJR8a5AtbKm8a4mMFZgQ==
age: 110476
x-cache: HIT
content-length: 3001
x-ms-lease-status: unlocked
last-modified: Tue, 19 Sep 2023 16:51:33 GMT
server: ECAcc (lpl/EF0A)
etag: 0x8DBB930AE1F37E1
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 085cdd7d-d01e-0014-3598-ef27d5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

POST
H2 200 / Show response
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ Frame E279 153 B
219 B 40ms
40ms XHR
application/json 20.50.73.11
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Requested by

Host: content.powerapps.com
URL: https://content.powerapps.com/resource/makerx/static/js/module/main.82b9e33d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.73.11 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

b6801af2bfdb7297d9ff1322e0f3fa1b925e4565f7a92b04d05cf5a4703acf07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

upload-time: 1695747237973
accept-language: en-GB,en;q=0.9
client-version: 1DS-Web-JS-3.2.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
time-delta-to-apply-millis: 260
content-type: application/x-json-stream
cache-control: no-cache, no-store
Referer: https://web.powerva.microsoft.com/
apikey: 94a98a699cb047e99210dc27a3d20293-fb6c8c9c-74c6-4b15-bc61-a77165ffa52b-6949
Client-Id: NO_AUTH

Response headers

strict-transport-security: max-age=31536000
date: Tue, 26 Sep 2023 16:53:57 GMT
server: Microsoft-HTTPAPI/2.0
time-delta-millis: 61
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://web.powerva.microsoft.com
access-control-expose-headers: time-delta-millis
access-control-allow-credentials: true
access-control-allow-headers: time-delta-millis
content-length: 153

OPTIONS
H2 200 /
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ Frame 0
0 41ms
41ms Preflight 20.50.73.11
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.73.11 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method: POST
Origin: https://web.powerva.microsoft.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin: https://web.powerva.microsoft.com
access-control-max-age: 3600
cache-control: public, 3600
content-length: 0
date: Tue, 26 Sep 2023 16:53:57 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.true.org/	1970-01-21 00:38:27	Name: _ga_ZXY6PQD0EZ Value: GS1.1.1695747233.1.0.1695747233.0.0.0
.true.org/	1970-01-21 00:38:27	Name: _ga Value: GA1.2.977298695.1695747233
.true.org/	1970-01-20 15:03:53	Name: _gid Value: GA1.2.940939994.1695747233
.true.org/	1970-01-20 15:02:27	Name: _gat_gtag_UA_246817973_1 Value: 1
.true.org/	1970-01-21 00:24:03	Name: __gads Value: ID=f1f6a0bd100a08a0-22fa3fa593de00d7:T=1695747233:RT=1695747233:S=ALNI_MaKzZYB5IfQVbRxPpF4VIKXdiuKqQ
.true.org/	1970-01-21 00:24:03	Name: __gpi Value: UID=00000d9551a5fdf1:T=1695747233:RT=1695747233:S=ALNI_Ma6dSBii8VhXeVNuDIpCz-Ypgw03A
.doubleclick.net/	1970-01-20 15:02:28	Name: test_cookie Value: CheckForPermission
true.org/	1970-01-21 00:38:27	Name: msd365mkttr Value: 5j_OCBXFRhdC6sIwG0llxxQNHtXlzzr1S15odlzE
true.org/	1969-12-31 23:59:59	Name: msd365mkttrs Value: ACblea-r
.microsoft.com/	1970-01-20 23:48:03	Name: MC1 Value: GUID=830afcc535c34614b7c582555c96eddf&HASH=830a&LV=202309&V=4&LU=1695747235112
.microsoft.com/	1970-01-20 15:02:29	Name: MS0 Value: 6f8a4291f43c4c8cabb20893e2a800d2
8bc91f758c7141ce8bd80bb6f79532bf.svc.dynamics.com/	1970-01-21 00:38:27	Name: 79f08280-5c63-4331-b04d-fb6f39afda51 Value: XQhW36Iu-IDKU0oQSQsRgsRgA0mIA3FdvJ6dMSqqB-k
8bc91f758c7141ce8bd80bb6f79532bf.svc.dynamics.com/	1969-12-31 23:59:59	Name: 319af4c0-e197-4de9-8a9b-fe98c8a2ca04 Value: XQhW36Iu-IDKU0oQSQsRgsRgA0mIA3FdvJ6dMSqqB-k

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8bc91f758c7141ce8bd80bb6f79532bf.svc.dynamics.com
bot-framework.azureedge.net
content.powerapps.com
eu-mobile.events.data.microsoft.com
fae1dd635d1fefda87c9266b509b32.1a.environment.api.powerplatform.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mktdplp102cdn.azureedge.net
pagead2.googlesyndication.com
partner.googleadservices.com
public-usa.mkt.dynamics.com
region1.google-analytics.com
shellprod.msocdn.com
tpc.googlesyndication.com
true.org
unitedstates.directline.botframework.com
web.powerva.microsoft.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
152.199.19.160
160.153.0.50
20.50.73.11
2001:4860:4802:32::36
2606:2800:133:206e:1315:22a5:2006:24fd
2620:1ec:46::45
2620:1ec:bdf::45
2a00:1450:4001:806::2001
2a00:1450:4001:806::200a
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:830::200e
2a02:26f0:3500:58b::38f3
40.71.0.179
52.146.74.72
52.146.76.30
52.159.151.194
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
060ec570ce237792d9ac427adadd152cc1d2fe7124694c7d12567c73895d2f09
0ebadc083adae4622f0605131ef40bf46716cd4bffd6bf146c70f9fd28316546
16ba305de1b88fcef60d25b31581298fa48cb4d2062e74a38c040bf73d7d4d38
16ca0ae61ba422bd1e582aeaf4e4b9e1c11484efe76df4bccb4bb2ea5f79f6f9
17b66c40779e8eb2ccc481d16107cbbdb5ae23a5bdc87c7fa3d0c104e3177efc
181016c6e6dc38e12ad63a3ffa2e6b0543f7fb47a7754c1fd1b344ee8accff44
19c87f2cd612b3c621ad067b780931f28775db1feafc5ffe8179d6f7ce3465ec
1fc16d52df0447658e7059fb909916be892f9ad9630d778c2da1aef160c7ec96
256e4eb21ef59631543ed1bed34521ffd8c965d19f5b9d07cdc3c62df5c447bc
2647929dfeae4985ab93982d31be22a4a93efdbcfc52c6a695372682e78fc1bc
279f2c9014094c01425eec011581664626b78b9bcaff54413dbcd1e4c98781bb
29d12c96f60b98e18a097845e41f4599c06454a02a79b35f2a4a877be2fe09b5
2beb85048a926ed482eb1abe117407805965e26510937df579d50b0f92f509dd
2ff12d4f804c8080ad2d000a975bacedb4ec970a649f82c30654f53bfa17985d
30f010feb6bb4b55c322d6c4478c3824e8599f35e8c6e5539437506ce56c69e0
34ef9626d67f5f66b8491056fcc48fa9f3ca7fbfd5aba5c93ca36fb865366b99
3dde60b5ce8775d77daf8d8d2be7af64b2688554697f0edc7bed3d50989a8b32
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4781128a4f8574281770df7600b3713ee3ddaa28abea3e11b9a7affbb5dfc251
4c2b93a239b1baa342d3344b73311cea9816c24b01caae1a2b6a60ea35a8ecb4
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57942aae460332d6380a780feaa945d9224f540c2aee702aa4a1a56ea4611017
5934c2ebe1d7fcb80bd54fbd1bec802017d28275d531893275086096a54e2e6f
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5ccef0ae7493b8d68cff0be6d4e93a4873d2616a54885b2043ea8213e79ce1be
5f526c3643a81347256f5a3cdfb1eb65dd20750ec6721ccbe066b19265cb54a8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63748e0b4ed02a57b105e0de3bf25520333e1dd3759cc20efdf8d844edf015ab
68e6aa3bcaa37fcb34a6cca5e7f987b46b873468d983ebfeb60cdb873be636c0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f1c07a738cbcde2320c75ce8b9e2f52898cc362fbb1e1eae82c71ab48aabeef
772b5ab0b9e17d7dc3f58f4881e800510452f75d6a60cca3a6cff08828709a19
787fde067a83c675d5fa0b7a4d8a810013a85a05be2be93fca6907440a9c1530
78e93f8930973f6cf7f4247aa4186b464a0652a845e899d068ad47b966dca324
7ae98455fbf939d8886bb7e9efbac315ee9671b03ddf7573fdda16ee20dd4ef7
7dc5b6bd0dcd02da6e93867c9c4ef4185de09604e1f9dc594960881af2c65d9e
7f5522b8ff93530a2f77f5ee1d84d9378f58a1428e91f21ca528b1d2dd15c183
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8315df14d297e4957ec5f7e08d74fce1b69f3a078ff1f9e5d7479969d9919848
84ee5b7232d5bf426dcdeba176ce8b1d821cd4eb3c91e941abaf11d72f2f418d
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9e851171dba16a3e76f5102a738dcb28f9ff3527ed63e0572e9cf611313efc36
a02909d42cb8e3e5aee76d6fbda30837d1f1c030e998d133e86a031c304d8345
a6fa552f38b8b4e37bf75d808a8906d2fa801d0b2f01d493ad4f5161aa0f7543
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2
b38416a24c973824a716443536344e1c48bc5342b2aa41cc0d1d65bf445453c3
b3d2f74701c90893a0434eaee6d770ec17d4bc944fde92f2e99f9b54004d595b
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
b477e6b51f8b95b103fb6b1fcc72c2420c760b629f62f5b3730af7fb501c94c5
b6801af2bfdb7297d9ff1322e0f3fa1b925e4565f7a92b04d05cf5a4703acf07
b6df5874139282d1a253b6a3b09249d5a1507aaf4e7de558e222eaf6c7b56dff
c8a90528681fa2e93e292db0968db37d87d82f6af3a3cecfb09899746fc8bd0f
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d9ad0fc5c272d19bb37b2b4ee2be610754e4842c713de3a6e8ed6009d06277a9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eff264416c56fcacc9d0f4b17a970055003c169bb3ad99c64498319682d540f1
f74d685de951c87305bdee5d61c46ab1b393ada70c2bc2dcfda1865d676abcdd
f8adb8b0c5e7880cf2c66137533bfeea4e96040bb2c7edcb9e5c6373d78a5d0a
fb826ca0311d95b08c693e4cd01b3cb132566f7efd3a376d198b405695b13022
ff28026a6566ea7c86b4240f5be5f4a0213733b741d392c99de0644540fbbecf

true.org Open in urlscan Pro 160.153.0.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

96 %HTTPS

67 %IPv6

16 Domains

21 Subdomains

21 IPs

3 Countries

2778 kBTransfer

14550 kBSize

13 Cookies

4 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

true.org Open in urlscan Pro
160.153.0.50 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

96 %
HTTPS

67 %
IPv6

16
Domains

21
Subdomains

21
IPs

3
Countries

2778 kB
Transfer

14550 kB
Size

13
Cookies

80 HTTP transactions
0 data transactions