URL: https://linkedin.salesconfidence.com/
Submission Tags: @phishunt_io
Submission: On December 03 via api from DE — Scanned from DE

Summary

This website contacted 12 IPs in 2 countries across 8 domains to perform 33 HTTP transactions. The main IP is 104.154.226.67, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is linkedin.salesconfidence.com.
TLS certificate: Issued by R3 on December 2nd 2021. Valid for: 3 months.
This is the only time linkedin.salesconfidence.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Requests | Domain | Requested by |
| --- | --- | --- |
| 5 | cdn.msgsndr.com | linkedin.salesconfidence.com |
| 4 | services.msgsndr.com | cdn.msgsndr.com, msgsndr.com |
| 4 | i.vimeocdn.com | linkedin.salesconfidence.com |
| 3 | q.stripe.com | linkedin.salesconfidence.com |
| 3 | js.stripe.com | cdn.msgsndr.com, js.stripe.com |
| 3 | use.fontawesome.com | linkedin.salesconfidence.com |
| 3 | msgsndr.com | linkedin.salesconfidence.com, cdn.msgsndr.com |
| 2 | m.stripe.network | js.stripe.com, m.stripe.network |
| 2 | fonts.gstatic.com | fonts.googleapis.com |
| 2 | linkedin.salesconfidence.com | linkedin.salesconfidence.com |
| 1 | m.stripe.com | m.stripe.network |
| 1 | fonts.googleapis.com | linkedin.salesconfidence.com |
| 33 | 12 | |

This site contains links to these domains.

Domain
app.gohighlevel.com

| Subject | Issuer | Validity | Valid |
| --- | --- | --- | --- |
| linkedin.salesconfidence.com | R3 | 2021-12-02 - 2022-03-02 | 3 months |
| msgsndr.com | GTS CA 1D4 | 2021-11-06 - 2022-02-04 | 3 months |
| upload.video.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months |
| cdn.msgsndr.com | GTS CA 1D4 | 2021-10-23 - 2022-01-21 | 3 months |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-07 - 2022-07-06 | a year |
| *.vimeocdn.com | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-05-18 - 2022-06-19 | a year |
| *.gstatic.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months |
| services.msgsndr.com | GTS CA 1D4 | 2021-10-25 - 2022-01-23 | 3 months |
| a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2021-10-21 - 2022-02-02 | 3 months |
| *.stripe.com | DigiCert SHA2 Secure Server CA | 2021-09-08 - 2022-09-07 | a year |
| m.stripe.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-20 - 2022-02-02 | 3 months |

This page contains 3 frames:

Primary Page: https://linkedin.salesconfidence.com/
Frame ID: DFA32581094E8A96535F08BE7A31B6F0
Requests: 22 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Frame ID: 2F2FFA8E5101C7F460236786C5458104
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 7924E992753F09AB3B625EF428C9C97B
Requests: 5 HTTP requests in this frame

Page Statistics

Requests: 33
HTTPS: 100 %
IPv6: 42 %
Domains: 8
Subdomains: 12
IPs: 12
Countries: 2
Transfer: 958 kB
Size: 2763 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
linkedin.salesconfidence.com/
310 KB
38 KB
Document
General
Full URL
https://linkedin.salesconfidence.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.226.67 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
67.226.154.104.bc.googleusercontent.com
Software
openresty / Express
Resource Hash
80a3f8964c423039061a2bb470c9f2c15bff6d748b960b8bd42912e2b4649f1a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
openresty
date
Fri, 03 Dec 2021 11:07:51 GMT
content-type
text/html; charset=utf-8
content-length
38759
x-powered-by
Express
content-encoding
gzip
etag
W/"9767-T/yzil8zqvcIlUoBdddHFueAoOE"
vary
Accept-Encoding
user_session.js
msgsndr.com/js/
7 KB
3 KB
Script
General
Full URL
https://msgsndr.com/js/user_session.js
Requested by
Host: linkedin.salesconfidence.com
URL: https://linkedin.salesconfidence.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
33225f56f5deaa0b89f88f8ad87c11debb298fa1dac82ba86f11f6ea426b0aa3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://linkedin.salesconfidence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=2592000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
server
Google Frontend
etag
"V6zWsA"
x-frame-options
sameorigin
content-type
application/javascript
x-cloud-trace-context
ddbc58480393270eb00aca1469485711
cache-control
no-cache, must-revalidate
date
Fri, 03 Dec 2021 11:07:52 GMT
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700|Open%20Sans:400,700|Montserrat:400,700|
Requested by
Host: linkedin.salesconfidence.com
URL: https://linkedin.salesconfidence.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae0654a806683a598b05c9b329a4812ea26eea227a2a74c12e9627f88dcb50a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://linkedin.salesconfidence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 03 Dec 2021 11:07:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 03 Dec 2021 11:07:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Dec 2021 11:07:52 GMT
/
linkedin.salesconfidence.com/
64 KB
64 KB
Image
General
Full URL
https://linkedin.salesconfidence.com/
Requested by
Host: linkedin.salesconfidence.com
URL: https://linkedin.salesconfidence.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.226.67 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
67.226.154.104.bc.googleusercontent.com
Software
openresty / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://linkedin.salesconfidence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 11:07:52 GMT
content-encoding
gzip
etag
W/"9767-T/yzil8zqvcIlUoBdddHFueAoOE"
server
openresty
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=utf-8
content-length
38759
e561a0e.js
cdn.msgsndr.com/_preview/
2 KB
2 KB
Script
General
Full URL
https://cdn.msgsndr.com/_preview/e561a0e.js
Requested by
Host: linkedin.salesconfidence.com
URL: https://linkedin.salesconfidence.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
83417fd175784d3b86b3235402c09c9ca647f56605f8af37b4559d3bb7c04b13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://linkedin.salesconfidence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 12:24:28 GMT
content-encoding
gzip
age
859404
x-guploader-uploadid
ADPycdtsYUCQCJFAjJOhTjFAkwC2eHVXU750SbEwz6LjXv9gKnrG8xkSo0PWnyYyLD0fp7epE-3btP8jAE62nmrn7PmSow5fMQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
1187
last-modified
Tue, 23 Nov 2021 12:19:44 GMT
server
UploadServer
etag
"f4fb6c1d6c54c3631e9f1e41c2b86c1c"
x-goog-hash
crc32c=guc9Vw==, md5=9PtsHWxUw2Menx5BwrhsHA==
x-goog-generation
1637669984278971
access-control-allow-origin
*
cache-control
public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length
1187
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 23 Nov 2022 12:24:28 GMT
097f2db.js
cdn.msgsndr.com/_preview/
12 KB
5 KB
Script
General
Full URL
https://cdn.msgsndr.com/_preview/097f2db.js
Requested by
Host: linkedin.salesconfidence.com
URL: https://linkedin.salesconfidence.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f90e551f13172fa503d365f12f30ced79c0bca6bc60e5b967a4889d0ff042a8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://linkedin.salesconfidence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 12:24:50 GMT
content-encoding
gzip
age
859382
x-guploader-uploadid
ADPycdssJue_UnlHPrngZLdjfo-KKP0RfJFkOJxjPU4OZxkeLTCJjOElSCLPtlGdVExL_pRnYZXn2jUm-yfNeWWC8SA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
4561
last-modified
Tue, 23 Nov 2021 12:19:42 GMT
server
UploadServer
etag
"bb8917bbe3f57aba5af0ed4eeac2f9f1"
x-goog-hash
crc32c=1DEcaA==, md5=u4kXu+P1erpa8O1O6sL58Q==
x-goog-generation
1637669982705080
access-control-allow-origin
*
cache-control
public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length
4561
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 23 Nov 2022 12:24:50 GMT
d145347.js
cdn.msgsndr.com/_preview/
903 KB
247 KB
Script
General
Full URL
https://cdn.msgsndr.com/_preview/d145347.js
Requested by
Host: linkedin.salesconfidence.com
URL: https://linkedin.salesconfidence.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3f4f5bf322e54351abb8074c75e82f5884472594172aa66babe2fcc7200fc62b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://linkedin.salesconfidence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 13:03:09 GMT
content-encoding
gzip
age
79483
x-guploader-uploadid
ADPycdsAZvdwbk6cS0NDCkj0qdDmIe6bO_DRvdTzh3V4PvH_onbO59XIDn7IgBwKDbR5RgEE4u4sMgp2OgwwpOT9R8RDigB9ow
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
252877
last-modified
Mon, 29 Nov 2021 10:23:09 GMT
server
UploadServer
etag
"1baaca2c7df08188e57d1b48dddaca5f"
x-goog-hash
crc32c=InU0YQ==, md5=G6rKLH3wgYjlfRtI3drKXw==
x-goog-generation
1638181389628862
access-control-allow-origin
*
cache-control
public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length
252877
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 02 Dec 2022 13:03:09 GMT
09f61e6.js
cdn.msgsndr.com/_preview/
751 KB
156 KB
Script
General
Full URL
https://cdn.msgsndr.com/_preview/09f61e6.js
Requested by
Host: linkedin.salesconfidence.com
URL: https://linkedin.salesconfidence.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6a28fc89e09b597ac371f0e1bd4fc1219ac6eebc401783a7c2ed8c37c9c3cf6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://linkedin.salesconfidence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 10:27:19 GMT
content-encoding
gzip
age
348033
x-guploader-uploadid
ADPycdvZI_pzSd-q-TLrDLwlCaveP2Lgv1Lqun9HrxixnFZXMZVwAWvbOfLBju8bkMYWsgzaGb09J80z9IP0wVCKxPEm1Rucbw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
159390
last-modified
Mon, 29 Nov 2021 10:23:08 GMT
server
UploadServer
etag
"8e4b421739c236be3a6e82a7c1dac514"
x-goog-hash
crc32c=PYq7Hw==, md5=jktCFznCNr46boKnwdrFFA==
x-goog-generation
1638181388677433
access-control-allow-origin
*
cache-control
public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length
159390
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 29 Nov 2022 10:27:19 GMT
regular.css
use.fontawesome.com/releases/v5.8.1/css/
675 B
696 B
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/regular.css
Requested by
Host: linkedin.salesconfidence.com
URL: https://linkedin.salesconfidence.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03c0638f9077740737ec996407194737b6170db3ef1d736632df0fe2fc71f8ae

Request headers

Referer
https://linkedin.salesconfidence.com/
Origin
https://linkedin.salesconfidence.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 11:07:52 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CWB3SSFN0KVVY82F
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2
J0LEUgF+DDe+P/+vzUuqJ4+O2zu2N3R1IaY7APTj5EwoFMR0ap9U9kxjfkCl107/eM6Xnm4Jd3E=
last-modified
Wed, 30 Jun 2021 15:46:39 GMT
server
cloudflare
etag
W/"b7c0350118f1465ba68e3b7c93fcc360"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efuWCLafe8%2BwwB60dmuAmSSaHo1psv7GG%2FKbZlYhemESUg2fQJ%2FOPXci1N05GpBDGMZigZihKUHzl0NHzJf0JJZdwlB4qyHL3iwwNF7gZkIyXO55cNVsQIqm3SmQDMqX0O3a%2B9La6ArFsyT0TWxRh3So"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6b7c5573aa177031-FRA
solid.css
use.fontawesome.com/releases/v5.8.1/css/
667 B
699 B
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/solid.css
Requested by
Host: linkedin.salesconfidence.com
URL: https://linkedin.salesconfidence.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
561b7e6fd9934ae58e8c04d53855a9692ca95e60b0231ae9e1766e78245f4dd3

Request headers

Referer
https://linkedin.salesconfidence.com/
Origin
https://linkedin.salesconfidence.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 11:07:52 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CWB9MPGM1B03N7WC
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2
KT/PHY5kUWO7O3bZRwtxqh5JFcrZQojx2TBAZk8a3Ra+Rzfvd5p2+TNgnjVt2QSZq/SLo7b5gyc=
last-modified
Wed, 30 Jun 2021 15:46:39 GMT
server
cloudflare
etag
W/"cddcd8fd12da8dd6bcad774583afd75c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zPZbNvKH5mwyEXhfWWhy0orxYbSQsSpTEi%2B0cLrR6VWB85AK7SlV1XeLwXRH1vUfs5pV2hAZ6v7bkobMi3zY9NeQj%2FJCzRHmj8E5j8%2BR0KKwtE5YLfSlKEtR5pcAQWgZwymyOHmthCi4L2XJh5MfCXD"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6b7c5573aa187031-FRA
brands.css
use.fontawesome.com/releases/v5.8.1/css/
660 B
1 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/brands.css
Requested by
Host: linkedin.salesconfidence.com
URL: https://linkedin.salesconfidence.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdec02a79a6c4f929cf12c9b215492a5530c489ad27487f84887466831115493

Request headers

Referer
https://linkedin.salesconfidence.com/
Origin
https://linkedin.salesconfidence.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 11:07:52 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CWBCB662J5E49R20
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2
tr2fJ1EgfO5y1YtNtt7G+H3Klmv5nBvg4+X0gcpRcoWbK8EF6ixLC8PBryWY8E3X6iIgL1cSYQY=
last-modified
Wed, 30 Jun 2021 15:46:39 GMT
server
cloudflare
etag
W/"c9fcdfd0e53dec8552f9dd3b40f75973"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHlEjNntTRazIPQFuLouoWRNu9WRtUXE%2FaOjlm8NMWVikdkyFkfJtPHCJFuxGQ0e5c%2ByFW06nwngvGD%2B0sCwFGy%2BORYe%2FLQPOYDKNOvp0Y4wgk1D9k9xeWUHoqZFpCwnuvG7GicAsoIvfU3NPQWSkywG"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6b7c5573aa1a7031-FRA
859646428_640.jpg
i.vimeocdn.com/video/
6 KB
7 KB
Image
General
Full URL
https://i.vimeocdn.com/video/859646428_640.jpg
Requested by
Host: linkedin.salesconfidence.com
URL: https://linkedin.salesconfidence.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2b3dc225b59b1c985d351700d56785f18fbc983646e07383a3761265da0ae881

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://linkedin.salesconfidence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 11:07:52 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
530393
x-viewmaster-lossless-format
false
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
6643
viewmaster-server
viewmaster-us-central1-x5cf
x-served-by
cache-dfw18627-DFW, cache-hhn4026-HHN
x-timer
S1638529672.294192,VS0,VE0
etag
7bc2f8817fac8396f21ebbc75cdea6d7
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
11, 9369
859643460_640.jpg
i.vimeocdn.com/video/
6 KB
7 KB
Image
General
Full URL
https://i.vimeocdn.com/video/859643460_640.jpg
Requested by
Host: linkedin.salesconfidence.com
URL: https://linkedin.salesconfidence.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2b3dc225b59b1c985d351700d56785f18fbc983646e07383a3761265da0ae881

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://linkedin.salesconfidence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 11:07:52 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
530393
x-viewmaster-lossless-format
false
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
6643
viewmaster-server
viewmaster-us-central1-x5cf
x-served-by
cache-dfw18627-DFW, cache-hhn4026-HHN
x-timer
S1638529672.294297,VS0,VE0
etag
7bc2f8817fac8396f21ebbc75cdea6d7
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
11, 9369
859643303_640.jpg
i.vimeocdn.com/video/
6 KB
7 KB
Image
General
Full URL
https://i.vimeocdn.com/video/859643303_640.jpg
Requested by
Host: linkedin.salesconfidence.com
URL: https://linkedin.salesconfidence.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2b3dc225b59b1c985d351700d56785f18fbc983646e07383a3761265da0ae881

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://linkedin.salesconfidence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 11:07:52 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
530393
x-viewmaster-lossless-format
false
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
6643
viewmaster-server
viewmaster-us-central1-x5cf
x-served-by
cache-dfw18627-DFW, cache-hhn4026-HHN
x-timer
S1638529672.294307,VS0,VE0
etag
7bc2f8817fac8396f21ebbc75cdea6d7
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
11, 9369
859645096_640.jpg
i.vimeocdn.com/video/
6 KB
7 KB
Image
General
Full URL
https://i.vimeocdn.com/video/859645096_640.jpg
Requested by
Host: linkedin.salesconfidence.com
URL: https://linkedin.salesconfidence.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2b3dc225b59b1c985d351700d56785f18fbc983646e07383a3761265da0ae881

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://linkedin.salesconfidence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 11:07:52 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
530393
x-viewmaster-lossless-format
false
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
6643
viewmaster-server
viewmaster-us-central1-x5cf
x-served-by
cache-dfw18627-DFW, cache-hhn4026-HHN
x-timer
S1638529672.294416,VS0,VE0
etag
7bc2f8817fac8396f21ebbc75cdea6d7
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
11, 9370
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Open%20Sans:400,700|Montserrat:400,700|
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://linkedin.salesconfidence.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 06:44:42 GMT
x-content-type-options
nosniff
age
15790
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 03 Dec 2022 06:44:42 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Open%20Sans:400,700|Montserrat:400,700|
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://linkedin.salesconfidence.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 15:40:37 GMT
x-content-type-options
nosniff
age
156435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 01 Dec 2022 15:40:37 GMT
migrate-vimeo-thumbnails-bg
services.msgsndr.com/funnels/funnel/ Frame
0
0
Preflight
General
Full URL
https://services.msgsndr.com/funnels/funnel/migrate-vimeo-thumbnails-bg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.19.171 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.19.190.35.bc.googleusercontent.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
channel,content-type,source,version
Origin
https://linkedin.salesconfidence.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
vary
Access-Control-Request-Headers
access-control-allow-headers
channel,content-type,source,version
content-length
0
date
Fri, 03 Dec 2021 11:07:52 GMT
via
1.1 google
alt-svc
clear
event
msgsndr.com/funnel/ Frame
0
0
Preflight
General
Full URL
https://msgsndr.com/funnel/event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://linkedin.salesconfidence.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
vary
Access-Control-Request-Headers
access-control-allow-headers
content-type
x-cloud-trace-context
b379612dfef899d8e99602d25e129cb2
date
Fri, 03 Dec 2021 11:07:52 GMT
content-type
text/html
server
Google Frontend
content-length
0
v3
js.stripe.com/
268 KB
71 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: cdn.msgsndr.com
URL: https://cdn.msgsndr.com/_preview/d145347.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
63e3ac410082d5007e3ae749ab68c2b92617afc3049fa5ac9de25dce8ce359f5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://linkedin.salesconfidence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
36
x-cache
Hit from cloudfront
date
Fri, 03 Dec 2021 11:07:16 GMT
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
last-modified
Thu, 02 Dec 2021 19:53:11 GMT
server
Cloudfront
etag
W/"1e62c70ab2a761b44ddf6e653f0dcf54"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA56-P5
timing-allow-origin
*
x-amz-cf-id
l5DYWz5CjnsyJ21KPruXvmcZokgoCBqcH25TzZk3MLexciRTS0nSdw==
migrate-vimeo-thumbnails-bg
services.msgsndr.com/funnels/funnel/
56 B
165 B
XHR
General
Full URL
https://services.msgsndr.com/funnels/funnel/migrate-vimeo-thumbnails-bg
Requested by
Host: cdn.msgsndr.com
URL: https://cdn.msgsndr.com/_preview/d145347.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.19.171 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.19.190.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
fa39b22bab4759d3d5616dc9b07087a6f6fc714eb65d9b51eb1c1d253ee0b3a0

Request headers

Accept-Language
de-DE,de;q=0.9
source
WEB_USER
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Referer
https://linkedin.salesconfidence.com/
channel
APP
version
2021-04-15

Response headers

date
Fri, 03 Dec 2021 11:07:53 GMT
via
1.1 google
etag
W/"38-RESLyHIAsO6qpW8iWRCtJNY18b8"
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
clear
content-length
56
event
msgsndr.com/funnel/
2 B
137 B
XHR
General
Full URL
https://msgsndr.com/funnel/event
Requested by
Host: cdn.msgsndr.com
URL: https://cdn.msgsndr.com/_preview/d145347.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://linkedin.salesconfidence.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Fri, 03 Dec 2021 11:07:52 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server
Google Frontend
x-powered-by
Express
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
7c9a0b44cdb19211851dc7b5687c8e1a
content-length
2
location%2Fpb8iHmgpcuAXcE3C9ieK%2Fimages%2F6cbd6b2b-1f58-4f1e-bcc1-e75b9eda4331.jpeg
cdn.msgsndr.com/
282 KB
282 KB
Image
General
Full URL
https://cdn.msgsndr.com/location%2Fpb8iHmgpcuAXcE3C9ieK%2Fimages%2F6cbd6b2b-1f58-4f1e-bcc1-e75b9eda4331.jpeg?alt=media
Requested by
Host: linkedin.salesconfidence.com
URL: https://linkedin.salesconfidence.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
40469769b485eca2bde411ee5e1710607dee762ff731c36d4f614c0c5aeaac8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://linkedin.salesconfidence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 11:07:52 GMT
x-guploader-uploadid
ADPycdtCa0qQhfk2jXlNkdz9AeUXRM7UNf0ycAqUWPFPmWnN05q11L0I4Tem3hCvcJeP9TJ4A9Cw_Lf_IDdP8r26ELLfEJngSA
x-goog-storage-class
STANDARD
x-goog-metageneration
4
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''6cbd6b2b-1f58-4f1e-bcc1-e75b9eda4331.jpeg
alt-svc
clear
content-length
288664
last-modified
Wed, 26 Feb 2020 15:53:47 GMT
server
UploadServer
etag
"247ff82581e8487b473d65c662ace7c0"
x-goog-hash
crc32c=0p363w==, md5=JH/4JYHoSHtHPWXGYqznwA==
x-goog-generation
1582732427100359
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-goog-stored-content-length
288664
x-goog-meta-firebasestoragedownloadtokens
b0a2fb95-6f2a-4683-8b78-3717bb0ffab8
accept-ranges
bytes
content-type
image/jpeg
expires
Sat, 03 Dec 2022 11:07:52 GMT
m-outer-f7902241893e7a497417843cb15dc858.html
js.stripe.com/v3/ Frame 2F2F
240 B
959 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://linkedin.salesconfidence.com/

Response headers

content-type
text/html; charset=utf-8
content-length
240
last-modified
Wed, 27 Oct 2021 22:19:31 GMT
accept-ranges
bytes
server
Cloudfront
access-control-allow-origin
*
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-security-policy
default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
timing-allow-origin
*
date
Fri, 03 Dec 2021 11:07:50 GMT
cache-control
max-age=60
etag
"f7902241893e7a497417843cb15dc858"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
fQFDiBI4y8J7QIp9PTjmd7HjKnSMKmLy4eJL4gM2vorWJ-_MYEVcUQ==
age
3
csp-report
q.stripe.com/ Frame 2F2F
0
347 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: linkedin.salesconfidence.com
URL: https://linkedin.salesconfidence.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.stripe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 03 Dec 2021 11:07:53 GMT
server
nginx
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
x-envoy-upstream-service-time
1
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length
0
m-outer-639174098ea8fe7fede6fa654790e8ec.js
js.stripe.com/v3/fingerprinted/js/ Frame 2F2F
1 KB
1 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
13
x-cache
Hit from cloudfront
date
Fri, 03 Dec 2021 11:07:39 GMT
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 19:35:20 GMT
server
Cloudfront
etag
W/"5213886b88cd72e6d0aebc89868e5d13"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA56-P5
timing-allow-origin
*
x-amz-cf-id
5GQdLIxs2fMWIeceHZFR5jlkVVwRlqTgfhDnRLHYbUeBCJg2Bl9gHg==
inner.html
m.stripe.network/ Frame 7924
932 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:4a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/

Response headers

content-type
text/html; charset=utf-8
content-length
932
last-modified
Thu, 04 Nov 2021 19:04:57 GMT
accept-ranges
bytes
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://m.stripe.com; default-src 'none'; font-src 'self'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy
connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
date
Fri, 03 Dec 2021 11:04:44 GMT
cache-control
max-age=300, public
etag
"f6254e6dd0cb06228801a1c8baf0939f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
J5TafUAq3ghT3K4ql6hejDH69a62b-dXCbdpyCrKXPfL0sQXHKDOyA==
age
188
create_session
services.msgsndr.com/attribution_service/user_session_v3/
105 B
220 B
Fetch
General
Full URL
https://services.msgsndr.com/attribution_service/user_session_v3/create_session
Requested by
Host: msgsndr.com
URL: https://msgsndr.com/js/user_session.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.19.171 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.19.190.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
ddc1983ed58352486d62a4fbd287dbd3dc2b3dd3bbbace21fcd32c8f335cf627

Request headers

Referer
https://linkedin.salesconfidence.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 03 Dec 2021 11:07:53 GMT
via
1.1 google
etag
W/"69-ci/87F61dwhMxjR5QH6Y8JhXkaA"
x-powered-by
Express
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
clear
content-length
105
create_session
services.msgsndr.com/attribution_service/user_session_v3/ Frame
0
0
Preflight
General
Full URL
https://services.msgsndr.com/attribution_service/user_session_v3/create_session
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.19.171 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.19.190.35.bc.googleusercontent.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://linkedin.salesconfidence.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
vary
Access-Control-Request-Headers
access-control-allow-headers
content-type
content-length
0
date
Fri, 03 Dec 2021 11:07:52 GMT
via
1.1 google
alt-svc
clear
csp-report
q.stripe.com/ Frame 7924
0
120 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: linkedin.salesconfidence.com
URL: https://linkedin.salesconfidence.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 03 Dec 2021 11:07:53 GMT
x-envoy-upstream-service-time
1
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
csp-report
q.stripe.com/ Frame 7924
0
120 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: linkedin.salesconfidence.com
URL: https://linkedin.salesconfidence.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 03 Dec 2021 11:07:53 GMT
x-envoy-upstream-service-time
1
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
out-4.5.41.js
m.stripe.network/ Frame 7924
85 KB
14 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.41.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:4a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
124
x-cache
Hit from cloudfront
date
Fri, 03 Dec 2021 11:05:53 GMT
last-modified
Thu, 04 Nov 2021 19:04:57 GMT
server
Cloudfront
etag
W/"2db385faf28cf5f9393cf01a0a1edfa2"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
FRA56-P4
timing-allow-origin
*
x-amz-cf-id
OIab1xagHSF4ztC40beeACbk_S5ebuZJGV-bO9vI2jhQTG1e95iR-A==
6
m.stripe.com/ Frame 7924
156 B
523 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.233.186 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-233-186.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
dda8e9dc7e99071c8ced26ecf5d2e83f1a2dcd9f889bce821d722eb104690073
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Dec 2021 11:07:53 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156


19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler
object| userSessionAttribution
object| __NUXT__
object| webpackJsonp
object| regeneratorRuntime
function| setImmediate
function| clearImmediate
object| onNuxtReadyCbs
function| onNuxtReady
object| core
function| vueRecaptchaApiLoaded
object| __SENTRY__
object| $nuxt
object| __webpackStripeJSv3Jsonp
function| Stripe

4 Cookies

Domain/Path Name / Value
linkedin.salesconfidence.com/ Name: msgsndr_id
Value: 35cd2270-d990-425b-a50c-0f8808504944
m.stripe.com/ Name: m
Value: 021672c4-b89d-42c7-a59a-51797b03a983c2a7db
.linkedin.salesconfidence.com/ Name: __stripe_mid
Value: d711cc81-ef35-4927-9d6f-0d0724559b941ad657
.linkedin.salesconfidence.com/ Name: __stripe_sid
Value: ae758517-5a59-485e-862c-b321b56f8be25e65f5

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
