Submitted URL: http://na.deputy.com/
Effective URL: https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
Submission: On September 12 via manual from GB

Summary

This website contacted 40 IPs in 9 countries across 35 domains to perform 96 HTTP transactions. The main IP is 52.27.220.67, located in Boardman, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is once.deputy.com.
TLS certificate: Issued by Amazon on October 29th 2018. Valid for: a year.
This is the only time once.deputy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.66.145.156 16509 (AMAZON-02)
1 5 52.27.220.67 16509 (AMAZON-02)
15 143.204.208.229 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 143.204.208.215 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 35.166.68.180 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.35.253.59 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 4 2.18.233.40 16625 (AKAMAI-AS)
1 2 172.217.18.98 15169 (GOOGLE)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 143.204.214.50 16509 (AMAZON-02)
2 89.187.165.7 60068 (CDN77)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f11... 32934 (FACEBOOK)
15 19 54.217.245.200 16509 (AMAZON-02)
3 34.253.13.179 16509 (AMAZON-02)
2 2 52.28.145.127 16509 (AMAZON-02)
1 2 52.29.177.239 16509 (AMAZON-02)
1 2 2.18.234.21 16625 (AKAMAI-AS)
1 69.173.144.165 26667 (RUBICONPR...)
1 3 151.101.14.2 54113 (FASTLY)
1 185.64.189.110 62713 (AS-PUBMATIC)
2 2 2001:4998:58:... 26101 (YAHOO-3)
1 2 52.28.51.203 16509 (AMAZON-02)
1 2 52.57.113.38 16509 (AMAZON-02)
1 185.33.223.208 29990 (ASN-APPNEXUS)
1 35.190.72.21 15169 (GOOGLE)
1 2 34.95.120.147 15169 (GOOGLE)
96 40
Apex Domain
Subdomains
Transfer
23 adroll.com
s.adroll.com
d.adroll.com
25 KB
19 deputy.com
na.deputy.com
once.deputy.com
www.deputy.com
hs.deputy.com
132 KB
16 cloudfront.net
d2sebmzxyyulvv.cloudfront.net
d2dq2ahtl5zl1z.cloudfront.net
476 KB
6 hubspot.com
designers.hubspot.com
api.hubspot.com
track.hubspot.com
forms.hubspot.com
9 KB
4 yahoo.com
ups.analytics.yahoo.com
ads.yahoo.com
2 KB
4 albacross.com
serve.albacross.com
collect.albacross.com
20 KB
4 facebook.net
connect.facebook.net
199 KB
4 google-analytics.com
ssl.google-analytics.com
18 KB
3 facebook.com
www.facebook.com
568 B
3 doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
2 KB
3 gstatic.com
fonts.gstatic.com
37 KB
3 googleapis.com
fonts.googleapis.com
2 KB
2 openx.net
us-u.openx.net
482 B
2 bidswitch.net
x.bidswitch.net
909 B
2 3lift.com
eb2.3lift.com
695 B
2 outbrain.com
sync.outbrain.com
652 B
2 casalemedia.com
dsum-sec.casalemedia.com
2 KB
2 advertising.com
pixel.advertising.com
722 B
2 qualaroo.com
cl.qualaroo.com
dntcl.qualaroo.com
48 KB
2 google.de
www.google.de
530 B
2 google.com
www.google.com
623 B
2 segment.io
api.segment.io
282 B
2 hs-analytics.net
js.hs-analytics.net
51 KB
2 cloudflare.com
cdnjs.cloudflare.com
20 KB
2 hubspot.net
cdn2.hubspot.net
107 KB
1 rlcdn.com
idsync.rlcdn.com
62 B
1 adnxs.com
ib.adnxs.com
875 B
1 taboola.com
trc.taboola.com
261 B
1 pubmatic.com
simage2.pubmatic.com
862 B
1 rubiconproject.com
pixel.rubiconproject.com
239 B
1 googleadservices.com
www.googleadservices.com
9 KB
1 googletagmanager.com
www.googletagmanager.com
36 KB
1 madkudu.com
cdn.madkudu.com
26 KB
1 usemessages.com
js.usemessages.com
14 KB
1 hsleadflows.net
js.hsleadflows.net
61 KB
96 35
Domain Requested by
19 d.adroll.com 15 redirects s.adroll.com
15 d2sebmzxyyulvv.cloudfront.net once.deputy.com
d2sebmzxyyulvv.cloudfront.net
7 www.deputy.com once.deputy.com
www.deputy.com
6 hs.deputy.com www.deputy.com
5 once.deputy.com 1 redirects once.deputy.com
d2sebmzxyyulvv.cloudfront.net
www.deputy.com
4 connect.facebook.net once.deputy.com
connect.facebook.net
4 s.adroll.com 1 redirects www.deputy.com
4 ssl.google-analytics.com 1 redirects d2dq2ahtl5zl1z.cloudfront.net
3 collect.albacross.com
3 www.facebook.com
3 track.hubspot.com once.deputy.com
3 fonts.gstatic.com d2sebmzxyyulvv.cloudfront.net
www.deputy.com
3 fonts.googleapis.com once.deputy.com
www.deputy.com
2 us-u.openx.net 1 redirects
2 x.bidswitch.net 1 redirects
2 eb2.3lift.com 1 redirects
2 ads.yahoo.com 2 redirects
2 sync.outbrain.com 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 ups.analytics.yahoo.com 1 redirects
2 pixel.advertising.com 2 redirects
2 www.google.de
2 www.google.com 1 redirects
2 api.segment.io d2dq2ahtl5zl1z.cloudfront.net
2 js.hs-analytics.net www.deputy.com
d2dq2ahtl5zl1z.cloudfront.net
2 cdnjs.cloudflare.com www.deputy.com
2 cdn2.hubspot.net www.deputy.com
1 cm.g.doubleclick.net 1 redirects
1 idsync.rlcdn.com
1 ib.adnxs.com
1 trc.taboola.com
1 simage2.pubmatic.com
1 pixel.rubiconproject.com
1 dntcl.qualaroo.com cl.qualaroo.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 cl.qualaroo.com once.deputy.com
1 serve.albacross.com once.deputy.com
1 www.googleadservices.com www.googletagmanager.com
1 forms.hubspot.com js.hsleadflows.net
1 stats.g.doubleclick.net 1 redirects
1 www.googletagmanager.com d2dq2ahtl5zl1z.cloudfront.net
1 cdn.madkudu.com d2dq2ahtl5zl1z.cloudfront.net
1 api.hubspot.com js.usemessages.com
1 js.usemessages.com www.deputy.com
1 js.hsleadflows.net www.deputy.com
1 d2dq2ahtl5zl1z.cloudfront.net www.deputy.com
1 designers.hubspot.com www.deputy.com
1 na.deputy.com 1 redirects
96 48

This site contains links to these domains. Also see Links.

Domain
www.deputy.com
Subject Issuer Validity Valid
deputy.com
Amazon
2018-10-29 -
2019-11-29
a year crt.sh
*.cloudfront.net
DigiCert Global CA G2
2019-07-17 -
2020-07-05
a year crt.sh
*.googleapis.com
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months crt.sh
ssl902444.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-04-12 -
2019-10-19
6 months crt.sh
*.google.com
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months crt.sh
hs.deputy.com
CloudFlare Inc ECC CA-2
2019-05-13 -
2020-05-13
a year crt.sh
hubspot.net
CloudFlare Inc ECC CA-2
2019-04-16 -
2020-04-16
a year crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-08-10 -
2020-02-16
6 months crt.sh
3.hubspot.com
DigiCert SHA2 High Assurance Server CA
2018-05-04 -
2020-05-08
2 years crt.sh
ssl817706.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-08-13 -
2020-02-19
6 months crt.sh
ssl803670.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-05-29 -
2019-12-05
6 months crt.sh
ssl817703.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-08-13 -
2020-02-19
6 months crt.sh
hubspot.com
CloudFlare Inc ECC CA-2
2019-08-28 -
2020-08-27
a year crt.sh
*.segment.com
DigiCert SHA2 Secure Server CA
2019-06-24 -
2020-07-01
a year crt.sh
*.madkudu.com
Amazon
2019-08-09 -
2020-09-09
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months crt.sh
www.google.de
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months crt.sh
*.adroll.com
DigiCert SHA2 Secure Server CA
2018-12-19 -
2020-03-19
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-08-24 -
2019-10-19
2 months crt.sh
*.albacross.com
Amazon
2018-11-01 -
2019-12-01
a year crt.sh
1752581972.rsc.cdn77.org
Let's Encrypt Authority X3
2019-07-19 -
2019-10-17
3 months crt.sh
www.google.com
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months crt.sh
1771968717.rsc.cdn77.org
Let's Encrypt Authority X3
2019-08-15 -
2019-11-13
3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2019-05-08 -
2019-11-04
6 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2019-07-17 -
2020-03-09
8 months crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA
2019-01-10 -
2021-01-14
2 years crt.sh
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2019-07-30 -
2020-07-25
a year crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA
2019-02-22 -
2021-02-21
2 years crt.sh
*.3lift.com
Amazon
2019-07-17 -
2020-08-17
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2019-04-17 -
2020-05-04
a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2019-04-24 -
2020-04-23
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2018-01-04 -
2020-07-09
3 years crt.sh

This page contains 3 frames:

Primary Page: https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
Frame ID: 18B8E0D78BEE0AAD8CCD43B8E601BCCE
Requests: 21 HTTP requests in this frame

Frame: https://www.deputy.com/lp/login-splash-prod
Frame ID: 98268D690EE1459F237610C37BD2D228
Requests: 74 HTTP requests in this frame

Frame: https://dntcl.qualaroo.com/frame.html
Frame ID: 820ACACC7A502F920DA4A3B03A465F84
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://na.deputy.com/ HTTP 302
    https://once.deputy.com/my/ Page URL
  2. https://once.deputy.com/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F HTTP 302
    https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /backbone.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /backbone.*\.js/i

Page Statistics

96
Requests

100 %
HTTPS

48 %
IPv6

35
Domains

48
Subdomains

40
IPs

9
Countries

1286 kB
Transfer

4384 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://na.deputy.com/ HTTP 302
    https://once.deputy.com/my/ Page URL
  2. https://once.deputy.com/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F HTTP 302
    https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://na.deputy.com/ HTTP 302
  • https://once.deputy.com/my/
Request Chain 53
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=485322762&utmhn=www.deputy.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=800x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Deputy%20Login%20Splash%20Page&utmhid=1744339701&utmr=https%3A%2F%2Fonce.deputy.com%2Fmy%2Flogin%3Fredirect_url%3Dhttps%253A%252F%252Fonce.deputy.com%252Fmy%252F&utmp=%2Flp%2Flogin-splash-prod&utmht=1568251982747&utmac=UA-16910580-1&utmcc=__utma%3D1.1003120390.1568251983.1568251983.1568251983.1%3B%2B__utmz%3D1.1568251983.1.1.utmcsr%3Donce.deputy.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2Fmy%2Flogin%3B&utmjid=2114940765&utmredir=1&utmu=qhCAAAAAAAAAAAAAAAAAAABE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-16910580-1&cid=1003120390.1568251983&jid=2114940765&_v=5.7.2&z=485322762 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16910580-1&cid=1003120390.1568251983&jid=2114940765&_v=5.7.2&z=485322762 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16910580-1&cid=1003120390.1568251983&jid=2114940765&_v=5.7.2&z=485322762&slf_rd=1&random=3162273573
Request Chain 63
  • https://s.adroll.com/j/exp/WYGYQ3R5TRBGVKEL7RO37B/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 74
  • https://d.adroll.com/pixel/WYGYQ3R5TRBGVKEL7RO37B/R3FKS2NKSBEGVOBYCAXY4A?adroll_fpc=ab292fbcf98d90158a8e5bd9aa5768f4-1568251983138&xid_ch=f&pv=79944715632.50603&cookie=&adroll_s_ref=https%3A//once.deputy.com/my/login%3Fredirect_url%3Dhttps%253A%252F%252Fonce.deputy.com%252Fmy%252F&keyw=&arrfrr=https%3A%2F%2Fwww.deputy.com%2Flp%2Flogin-splash-prod HTTP 302
  • https://s.adroll.com/pixel/WYGYQ3R5TRBGVKEL7RO37B/R3FKS2NKSBEGVOBYCAXY4A/25AOC2LWHRGMPGUVE76YD6.js
Request Chain 76
  • https://d.adroll.com/cm/aol/out?adroll_fpc=ab292fbcf98d90158a8e5bd9aa5768f4-1568251983138&xid_ch=f&advertisable=WYGYQ3R5TRBGVKEL7RO37B HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP434a555b-d4fd-11e9-a89f-0210c3062a56 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP434a555b-d4fd-11e9-a89f-0210c3062a56&verify=true
Request Chain 77
  • https://d.adroll.com/cm/index/out?adroll_fpc=ab292fbcf98d90158a8e5bd9aa5768f4-1568251983138&xid_ch=f&advertisable=WYGYQ3R5TRBGVKEL7RO37B HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&expiration=1599787983 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&expiration=1599787983&C=1
Request Chain 78
  • https://d.adroll.com/cm/n/out?adroll_fpc=ab292fbcf98d90158a8e5bd9aa5768f4-1568251983138&xid_ch=f&advertisable=WYGYQ3R5TRBGVKEL7RO37B HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&expires=365
Request Chain 79
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=ab292fbcf98d90158a8e5bd9aa5768f4-1568251983138&xid_ch=f&advertisable=WYGYQ3R5TRBGVKEL7RO37B HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&rdrctExp=true
Request Chain 80
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=ab292fbcf98d90158a8e5bd9aa5768f4-1568251983138&xid_ch=f&advertisable=WYGYQ3R5TRBGVKEL7RO37B HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Request Chain 81
  • https://d.adroll.com/cm/r/out?adroll_fpc=ab292fbcf98d90158a8e5bd9aa5768f4-1568251983138&xid_ch=f&advertisable=WYGYQ3R5TRBGVKEL7RO37B HTTP 302
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 82
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=ab292fbcf98d90158a8e5bd9aa5768f4-1568251983138&xid_ch=f&advertisable=WYGYQ3R5TRBGVKEL7RO37B HTTP 302
  • https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI
Request Chain 83
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=ab292fbcf98d90158a8e5bd9aa5768f4-1568251983138&xid_ch=f&advertisable=WYGYQ3R5TRBGVKEL7RO37B HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&dongle=c85e HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&dongle=c85e&gdpr=1&cmp_cs=
Request Chain 84
  • https://d.adroll.com/cm/r/out?advertisable=WYGYQ3R5TRBGVKEL7RO37B HTTP 302
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 85
  • https://d.adroll.com/cm/b/out?advertisable=WYGYQ3R5TRBGVKEL7RO37B HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI
Request Chain 86
  • https://d.adroll.com/cm/x/out?advertisable=WYGYQ3R5TRBGVKEL7RO37B HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI
Request Chain 87
  • https://d.adroll.com/cm/l/out?advertisable=WYGYQ3R5TRBGVKEL7RO37B HTTP 302
  • https://idsync.rlcdn.com/377928.gif?partner_uid=8d393a9c119b4ff331d39e820de45642
Request Chain 88
  • https://d.adroll.com/cm/o/out?advertisable=WYGYQ3R5TRBGVKEL7RO37B HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=8d393a9c119b4ff331d39e820de45642 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=8d393a9c119b4ff331d39e820de45642
Request Chain 89
  • https://d.adroll.com/cm/g/out?advertisable=WYGYQ3R5TRBGVKEL7RO37B&google_nid=adroll4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=jTk6nBGbT_Mx056CDeRWQg HTTP 302
  • https://d.adroll.com/cm/g/in

96 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
once.deputy.com/my/
Redirect Chain
  • http://na.deputy.com/
  • https://once.deputy.com/my/
198 B
433 B
Document
General
Full URL
https://once.deputy.com/my/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.220.67 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-27-220-67.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
ed81f164b8d8cd29b76ff29afcbb98793d5a23241bccf77da4a436300a3171c0

Request headers

:method
GET
:authority
once.deputy.com
:scheme
https
:path
/my/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 12 Sep 2019 01:33:00 GMT
content-type
text/html; charset=UTF-8
content-length
168
server
Apache
set-cookie
DPSID=k84ve38bi4cpp5ki70e2sj5j24; path=/; domain=once.deputy.com; secure; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
private
pragma
no-cache
vary
Accept-Encoding,User-Agent
content-encoding
gzip

Redirect headers

Date
Thu, 12 Sep 2019 01:32:59 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Server
Apache
Location
https://once.deputy.com/my/
Vary
User-Agent
Primary Request login
once.deputy.com/my/
Redirect Chain
  • https://once.deputy.com/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
  • https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
16 KB
10 KB
Document
General
Full URL
https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
Requested by
Host: once.deputy.com
URL: https://once.deputy.com/my/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.220.67 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-27-220-67.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
b6c0cf96895bae56d5598a9d8dda3c08faed9a929a5ea7761f2c967abbe07668
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *.deputy.com *.deputec.com www.deputy.com *.intercom.io *.intercomassets.com *.intercomcdn.com *.intercomusercontent.com *.intercom.help intercom.help *.intercom-sheets.com intercom-sheets.com d2mckvlpm046l3.cloudfront.net *.pusher.com d1m66yh0amo3la.cloudfront.net deputyfile.s3.amazonaws.com d2sebmzxyyulvv.cloudfront.net d11hmzhsuwuq9f.cloudfront.net *.gstatic.com *.google.com *.googleapis.com *.ggpht.com *.googletagmanager.com *.google-analytics.com *.fullstory.com fullstory.com sdk.amazonaws.com *.walkme.com d3sbxpiag177w8.cloudfront.net *.typeform.com calendly.com app.launchdarkly.com events.launchdarkly.com *.chilipiper.com d3b3ehuo35wzeh.cloudfront.net d3sbxpiag177w8.cloudfront.net d2qhvajt3imc89.cloudfront.net i.vimeocdn.com *.vimeo.com vimeo.com *.ytimg.com pixel.everesttech.net service-proxy.deputy.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.deputy.com *.deputec.com www.deputy.com *.intercom.io *.intercomassets.com *.intercomcdn.com *.intercomusercontent.com *.intercom.help intercom.help *.intercom-sheets.com intercom-sheets.com d2mckvlpm046l3.cloudfront.net *.pusher.com d1m66yh0amo3la.cloudfront.net deputyfile.s3.amazonaws.com d2sebmzxyyulvv.cloudfront.net d11hmzhsuwuq9f.cloudfront.net *.gstatic.com *.google.com *.googleapis.com *.ggpht.com *.googletagmanager.com *.google-analytics.com *.fullstory.com fullstory.com sdk.amazonaws.com *.walkme.com d3sbxpiag177w8.cloudfront.net *.typeform.com calendly.com app.launchdarkly.com events.launchdarkly.com *.chilipiper.com d3b3ehuo35wzeh.cloudfront.net d3sbxpiag177w8.cloudfront.net d2qhvajt3imc89.cloudfront.net i.vimeocdn.com *.vimeo.com vimeo.com *.ytimg.com pixel.everesttech.net service-proxy.deputy.com; img-src 'self' data: www.paypalobjects.com *.deputy.com *.deputec.com www.deputy.com *.intercom.io *.intercomassets.com *.intercomcdn.com *.intercomusercontent.com *.intercom.help intercom.help *.intercom-sheets.com intercom-sheets.com d2mckvlpm046l3.cloudfront.net *.pusher.com d1m66yh0amo3la.cloudfront.net deputyfile.s3.amazonaws.com d2sebmzxyyulvv.cloudfront.net d11hmzhsuwuq9f.cloudfront.net *.gstatic.com *.google.com *.googleapis.com *.ggpht.com *.googletagmanager.com *.google-analytics.com *.fullstory.com fullstory.com sdk.amazonaws.com *.walkme.com d3sbxpiag177w8.cloudfront.net *.typeform.com calendly.com app.launchdarkly.com events.launchdarkly.com *.chilipiper.com d3b3ehuo35wzeh.cloudfront.net d3sbxpiag177w8.cloudfront.net d2qhvajt3imc89.cloudfront.net i.vimeocdn.com *.vimeo.com vimeo.com *.ytimg.com pixel.everesttech.net service-proxy.deputy.com; connect-src 'self' wss: firehose.us-west-2.amazonaws.com *.deputy.com *.deputec.com www.deputy.com *.intercom.io *.intercomassets.com *.intercomcdn.com *.intercomusercontent.com *.intercom.help intercom.help *.intercom-sheets.com intercom-sheets.com d2mckvlpm046l3.cloudfront.net *.pusher.com d1m66yh0amo3la.cloudfront.net deputyfile.s3.amazonaws.com d2sebmzxyyulvv.cloudfront.net d11hmzhsuwuq9f.cloudfront.net *.gstatic.com *.google.com *.googleapis.com *.ggpht.com *.googletagmanager.com *.google-analytics.com *.fullstory.com fullstory.com sdk.amazonaws.com *.walkme.com d3sbxpiag177w8.cloudfront.net *.typeform.com calendly.com app.launchdarkly.com events.launchdarkly.com *.chilipiper.com d3b3ehuo35wzeh.cloudfront.net d3sbxpiag177w8.cloudfront.net d2qhvajt3imc89.cloudfront.net i.vimeocdn.com *.vimeo.com vimeo.com *.ytimg.com pixel.everesttech.net service-proxy.deputy.com; style-src 'self' 'unsafe-inline' *.deputy.com *.deputec.com www.deputy.com *.intercom.io *.intercomassets.com *.intercomcdn.com *.intercomusercontent.com *.intercom.help intercom.help *.intercom-sheets.com intercom-sheets.com d2mckvlpm046l3.cloudfront.net *.pusher.com d1m66yh0amo3la.cloudfront.net deputyfile.s3.amazonaws.com d2sebmzxyyulvv.cloudfront.net d11hmzhsuwuq9f.cloudfront.net *.gstatic.com *.google.com *.googleapis.com *.ggpht.com *.googletagmanager.com *.google-analytics.com *.fullstory.com fullstory.com sdk.amazonaws.com *.walkme.com d3sbxpiag177w8.cloudfront.net *.typeform.com calendly.com app.launchdarkly.com events.launchdarkly.com *.chilipiper.com d3b3ehuo35wzeh.cloudfront.net d3sbxpiag177w8.cloudfront.net d2qhvajt3imc89.cloudfront.net i.vimeocdn.com *.vimeo.com vimeo.com *.ytimg.com pixel.everesttech.net service-proxy.deputy.com; font-src 'self' data: *.deputy.com *.deputec.com www.deputy.com *.intercom.io *.intercomassets.com *.intercomcdn.com *.intercomusercontent.com *.intercom.help intercom.help *.intercom-sheets.com intercom-sheets.com d2mckvlpm046l3.cloudfront.net *.pusher.com d1m66yh0amo3la.cloudfront.net deputyfile.s3.amazonaws.com d2sebmzxyyulvv.cloudfront.net d11hmzhsuwuq9f.cloudfront.net *.gstatic.com *.google.com *.googleapis.com *.ggpht.com *.googletagmanager.com *.google-analytics.com *.fullstory.com fullstory.com sdk.amazonaws.com *.walkme.com d3sbxpiag177w8.cloudfront.net *.typeform.com calendly.com app.launchdarkly.com events.launchdarkly.com *.chilipiper.com d3b3ehuo35wzeh.cloudfront.net d3sbxpiag177w8.cloudfront.net d2qhvajt3imc89.cloudfront.net i.vimeocdn.com *.vimeo.com vimeo.com *.ytimg.com pixel.everesttech.net service-proxy.deputy.com; frame-ancestors 'self' *.deputy.com *.deputec.com www.deputy.com *.intercom.io *.intercomassets.com *.intercomcdn.com *.intercomusercontent.com *.intercom.help intercom.help *.intercom-sheets.com intercom-sheets.com d2mckvlpm046l3.cloudfront.net *.pusher.com d1m66yh0amo3la.cloudfront.net deputyfile.s3.amazonaws.com d2sebmzxyyulvv.cloudfront.net d11hmzhsuwuq9f.cloudfront.net *.gstatic.com *.google.com *.googleapis.com *.ggpht.com *.googletagmanager.com *.google-analytics.com *.fullstory.com fullstory.com sdk.amazonaws.com *.walkme.com d3sbxpiag177w8.cloudfront.net *.typeform.com calendly.com app.launchdarkly.com events.launchdarkly.com *.chilipiper.com d3b3ehuo35wzeh.cloudfront.net d3sbxpiag177w8.cloudfront.net d2qhvajt3imc89.cloudfront.net i.vimeocdn.com *.vimeo.com vimeo.com *.ytimg.com pixel.everesttech.net service-proxy.deputy.com; child-src 'self' mailto: data: tel: *.youtube.com *.vimeo.com *.wistia.net *.deputy.com *.deputec.com www.deputy.com *.intercom.io *.intercomassets.com *.intercomcdn.com *.intercomusercontent.com *.intercom.help intercom.help *.intercom-sheets.com intercom-sheets.com d2mckvlpm046l3.cloudfront.net *.pusher.com d1m66yh0amo3la.cloudfront.net deputyfile.s3.amazonaws.com d2sebmzxyyulvv.cloudfront.net d11hmzhsuwuq9f.cloudfront.net *.gstatic.com *.google.com *.googleapis.com *.ggpht.com *.googletagmanager.com *.google-analytics.com *.fullstory.com fullstory.com sdk.amazonaws.com *.walkme.com d3sbxpiag177w8.cloudfront.net *.typeform.com calendly.com app.launchdarkly.com events.launchdarkly.com *.chilipiper.com d3b3ehuo35wzeh.cloudfront.net d3sbxpiag177w8.cloudfront.net d2qhvajt3imc89.cloudfront.net i.vimeocdn.com *.vimeo.com vimeo.com *.ytimg.com pixel.everesttech.net service-proxy.deputy.com; report-uri /error;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
once.deputy.com
:scheme
https
:path
/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-origin
referer
https://once.deputy.com/my/
accept-encoding
gzip, deflate, br
cookie
DPSID=k84ve38bi4cpp5ki70e2sj5j24
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://once.deputy.com/my/

Response headers

status
200
date
Thu, 12 Sep 2019 01:33:00 GMT
content-type
text/html; charset=UTF-8
server
Apache
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-security-policy
default-src 'self' 'unsafe-inline' *.deputy.com *.deputec.com www.deputy.com *.intercom.io *.intercomassets.com *.intercomcdn.com *.intercomusercontent.com *.intercom.help intercom.help *.intercom-sheets.com intercom-sheets.com d2mckvlpm046l3.cloudfront.net *.pusher.com d1m66yh0amo3la.cloudfront.net deputyfile.s3.amazonaws.com d2sebmzxyyulvv.cloudfront.net d11hmzhsuwuq9f.cloudfront.net *.gstatic.com *.google.com *.googleapis.com *.ggpht.com *.googletagmanager.com *.google-analytics.com *.fullstory.com fullstory.com sdk.amazonaws.com *.walkme.com d3sbxpiag177w8.cloudfront.net *.typeform.com calendly.com app.launchdarkly.com events.launchdarkly.com *.chilipiper.com d3b3ehuo35wzeh.cloudfront.net d3sbxpiag177w8.cloudfront.net d2qhvajt3imc89.cloudfront.net i.vimeocdn.com *.vimeo.com vimeo.com *.ytimg.com pixel.everesttech.net service-proxy.deputy.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.deputy.com *.deputec.com www.deputy.com *.intercom.io *.intercomassets.com *.intercomcdn.com *.intercomusercontent.com *.intercom.help intercom.help *.intercom-sheets.com intercom-sheets.com d2mckvlpm046l3.cloudfront.net *.pusher.com d1m66yh0amo3la.cloudfront.net deputyfile.s3.amazonaws.com d2sebmzxyyulvv.cloudfront.net d11hmzhsuwuq9f.cloudfront.net *.gstatic.com *.google.com *.googleapis.com *.ggpht.com *.googletagmanager.com *.google-analytics.com *.fullstory.com fullstory.com sdk.amazonaws.com *.walkme.com d3sbxpiag177w8.cloudfront.net *.typeform.com calendly.com app.launchdarkly.com events.launchdarkly.com *.chilipiper.com d3b3ehuo35wzeh.cloudfront.net d3sbxpiag177w8.cloudfront.net d2qhvajt3imc89.cloudfront.net i.vimeocdn.com *.vimeo.com vimeo.com *.ytimg.com pixel.everesttech.net service-proxy.deputy.com; img-src 'self' data: www.paypalobjects.com *.deputy.com *.deputec.com www.deputy.com *.intercom.io *.intercomassets.com *.intercomcdn.com *.intercomusercontent.com *.intercom.help intercom.help *.intercom-sheets.com intercom-sheets.com d2mckvlpm046l3.cloudfront.net *.pusher.com d1m66yh0amo3la.cloudfront.net deputyfile.s3.amazonaws.com d2sebmzxyyulvv.cloudfront.net d11hmzhsuwuq9f.cloudfront.net *.gstatic.com *.google.com *.googleapis.com *.ggpht.com *.googletagmanager.com *.google-analytics.com *.fullstory.com fullstory.com sdk.amazonaws.com *.walkme.com d3sbxpiag177w8.cloudfront.net *.typeform.com calendly.com app.launchdarkly.com events.launchdarkly.com *.chilipiper.com d3b3ehuo35wzeh.cloudfront.net d3sbxpiag177w8.cloudfront.net d2qhvajt3imc89.cloudfront.net i.vimeocdn.com *.vimeo.com vimeo.com *.ytimg.com pixel.everesttech.net service-proxy.deputy.com; connect-src 'self' wss: firehose.us-west-2.amazonaws.com *.deputy.com *.deputec.com www.deputy.com *.intercom.io *.intercomassets.com *.intercomcdn.com *.intercomusercontent.com *.intercom.help intercom.help *.intercom-sheets.com intercom-sheets.com d2mckvlpm046l3.cloudfront.net *.pusher.com d1m66yh0amo3la.cloudfront.net deputyfile.s3.amazonaws.com d2sebmzxyyulvv.cloudfront.net d11hmzhsuwuq9f.cloudfront.net *.gstatic.com *.google.com *.googleapis.com *.ggpht.com *.googletagmanager.com *.google-analytics.com *.fullstory.com fullstory.com sdk.amazonaws.com *.walkme.com d3sbxpiag177w8.cloudfront.net *.typeform.com calendly.com app.launchdarkly.com events.launchdarkly.com *.chilipiper.com d3b3ehuo35wzeh.cloudfront.net d3sbxpiag177w8.cloudfront.net d2qhvajt3imc89.cloudfront.net i.vimeocdn.com *.vimeo.com vimeo.com *.ytimg.com pixel.everesttech.net service-proxy.deputy.com; style-src 'self' 'unsafe-inline' *.deputy.com *.deputec.com www.deputy.com *.intercom.io *.intercomassets.com *.intercomcdn.com *.intercomusercontent.com *.intercom.help intercom.help *.intercom-sheets.com intercom-sheets.com d2mckvlpm046l3.cloudfront.net *.pusher.com d1m66yh0amo3la.cloudfront.net deputyfile.s3.amazonaws.com d2sebmzxyyulvv.cloudfront.net d11hmzhsuwuq9f.cloudfront.net *.gstatic.com *.google.com *.googleapis.com *.ggpht.com *.googletagmanager.com *.google-analytics.com *.fullstory.com fullstory.com sdk.amazonaws.com *.walkme.com d3sbxpiag177w8.cloudfront.net *.typeform.com calendly.com app.launchdarkly.com events.launchdarkly.com *.chilipiper.com d3b3ehuo35wzeh.cloudfront.net d3sbxpiag177w8.cloudfront.net d2qhvajt3imc89.cloudfront.net i.vimeocdn.com *.vimeo.com vimeo.com *.ytimg.com pixel.everesttech.net service-proxy.deputy.com; font-src 'self' data: *.deputy.com *.deputec.com www.deputy.com *.intercom.io *.intercomassets.com *.intercomcdn.com *.intercomusercontent.com *.intercom.help intercom.help *.intercom-sheets.com intercom-sheets.com d2mckvlpm046l3.cloudfront.net *.pusher.com d1m66yh0amo3la.cloudfront.net deputyfile.s3.amazonaws.com d2sebmzxyyulvv.cloudfront.net d11hmzhsuwuq9f.cloudfront.net *.gstatic.com *.google.com *.googleapis.com *.ggpht.com *.googletagmanager.com *.google-analytics.com *.fullstory.com fullstory.com sdk.amazonaws.com *.walkme.com d3sbxpiag177w8.cloudfront.net *.typeform.com calendly.com app.launchdarkly.com events.launchdarkly.com *.chilipiper.com d3b3ehuo35wzeh.cloudfront.net d3sbxpiag177w8.cloudfront.net d2qhvajt3imc89.cloudfront.net i.vimeocdn.com *.vimeo.com vimeo.com *.ytimg.com pixel.everesttech.net service-proxy.deputy.com; frame-ancestors 'self' *.deputy.com *.deputec.com www.deputy.com *.intercom.io *.intercomassets.com *.intercomcdn.com *.intercomusercontent.com *.intercom.help intercom.help *.intercom-sheets.com intercom-sheets.com d2mckvlpm046l3.cloudfront.net *.pusher.com d1m66yh0amo3la.cloudfront.net deputyfile.s3.amazonaws.com d2sebmzxyyulvv.cloudfront.net d11hmzhsuwuq9f.cloudfront.net *.gstatic.com *.google.com *.googleapis.com *.ggpht.com *.googletagmanager.com *.google-analytics.com *.fullstory.com fullstory.com sdk.amazonaws.com *.walkme.com d3sbxpiag177w8.cloudfront.net *.typeform.com calendly.com app.launchdarkly.com events.launchdarkly.com *.chilipiper.com d3b3ehuo35wzeh.cloudfront.net d3sbxpiag177w8.cloudfront.net d2qhvajt3imc89.cloudfront.net i.vimeocdn.com *.vimeo.com vimeo.com *.ytimg.com pixel.everesttech.net service-proxy.deputy.com; child-src 'self' mailto: data: tel: *.youtube.com *.vimeo.com *.wistia.net *.deputy.com *.deputec.com www.deputy.com *.intercom.io *.intercomassets.com *.intercomcdn.com *.intercomusercontent.com *.intercom.help intercom.help *.intercom-sheets.com intercom-sheets.com d2mckvlpm046l3.cloudfront.net *.pusher.com d1m66yh0amo3la.cloudfront.net deputyfile.s3.amazonaws.com d2sebmzxyyulvv.cloudfront.net d11hmzhsuwuq9f.cloudfront.net *.gstatic.com *.google.com *.googleapis.com *.ggpht.com *.googletagmanager.com *.google-analytics.com *.fullstory.com fullstory.com sdk.amazonaws.com *.walkme.com d3sbxpiag177w8.cloudfront.net *.typeform.com calendly.com app.launchdarkly.com events.launchdarkly.com *.chilipiper.com d3b3ehuo35wzeh.cloudfront.net d3sbxpiag177w8.cloudfront.net d2qhvajt3imc89.cloudfront.net i.vimeocdn.com *.vimeo.com vimeo.com *.ytimg.com pixel.everesttech.net service-proxy.deputy.com; report-uri /error;
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding,User-Agent
content-encoding
gzip

Redirect headers

status
302
date
Thu, 12 Sep 2019 01:33:00 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
server
Apache
cache-control
private
vary
User-Agent
deputy-fonts.min.css
d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/css/deputy-fonts.min.css
Requested by
Host: once.deputy.com
URL: https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.229 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-229.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc3145c23305ef562d6badbb9b996d179a1e8305378d951429dd9307a1efa387

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:26:46 GMT
content-encoding
gzip
age
1217175
x-cache
Hit from cloudfront
status
200
last-modified
Wed, 28 Aug 2019 21:09:45 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:97b2f66e9c072c812822838f8aed30e0
vary
Accept-Encoding
x-amz-version-id
Xv252e5hHlzubaqLcWI38Pua6yvpYT8R
via
1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
cache-control
max-age=7777000
x-amz-cf-pop
FRA53-C1
content-type
text/css
x-amz-cf-id
RjUX5r72OB4pVwHNTb2yG9G7vu-npdXZCIUfjf6dG2bSktSC1j0UuA==
expires
Fri, 01 Jan 2030 16:00:00 GMT
dp.lib.corev2.min.js
d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/js/
513 KB
147 KB
Script
General
Full URL
https://d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/js/dp.lib.corev2.min.js
Requested by
Host: once.deputy.com
URL: https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.229 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-229.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc1fa30080268c17f6d404f044ba06ac3ef3d56b62b9847e8fb1da77ef4e1ed0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 29 Aug 2019 00:37:21 GMT
content-encoding
gzip
age
1212939
x-cache
Hit from cloudfront
status
200
last-modified
Wed, 28 Aug 2019 21:08:22 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:069945ed6eefc8a8e45f874247791d5b
vary
Accept-Encoding
x-amz-version-id
vEBK6uH045GnFmaT0OXD2d1yZl7Wwllc
via
1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
cache-control
max-age=7777000
x-amz-cf-pop
FRA53-C1
content-type
text/javascript
x-amz-cf-id
loxH8N4c8ttERd5Wb4TXFSYyoqpxhUD1Wan1OKtlyfCKXN0KcIKtEQ==
expires
Fri, 01 Jan 2030 16:00:00 GMT
jquery.reject.min.js
d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/js/_lib/
8 KB
4 KB
Script
General
Full URL
https://d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/js/_lib/jquery.reject.min.js
Requested by
Host: once.deputy.com
URL: https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.229 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-229.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b41b8beaf20f6ae36be87c26e09374c97a8d6dccf86318c677fcf8a1f3d4ab7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:26:50 GMT
content-encoding
gzip
age
1217171
x-cache
Hit from cloudfront
status
200
last-modified
Wed, 28 Aug 2019 21:09:17 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:7b45a6893bfbb7dd73d1d96dd1144f24
vary
Accept-Encoding
x-amz-version-id
h80GoEdVYG7ibMY7hswjEQziVJYZOo2K
via
1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
cache-control
max-age=7777000
x-amz-cf-pop
FRA53-C1
content-type
text/javascript
x-amz-cf-id
b543x4iQ8vLlBYNVJRUIeSApM-ZhrlLIGu6y0byS61jWab0guxlYHA==
expires
Fri, 01 Jan 2030 16:00:00 GMT
deputy.min.css
d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/css/
582 KB
102 KB
Stylesheet
General
Full URL
https://d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/css/deputy.min.css
Requested by
Host: once.deputy.com
URL: https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.229 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-229.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
071f962485b679abfe48de4568e92970d6c7f4ef74c0faeacddc0f5f5c11fe32

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:26:48 GMT
content-encoding
gzip
age
1217173
x-cache
Hit from cloudfront
status
200
last-modified
Wed, 28 Aug 2019 21:10:00 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:99a47273f706d9af5dd424fd39290a27
vary
Accept-Encoding
x-amz-version-id
scJrUe0LKEJ_AYHcHapSYXIdAYM1287y
via
1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
cache-control
max-age=7777000
x-amz-cf-pop
FRA53-C1
content-type
text/css
x-amz-cf-id
EPCIuy0zrVij-5DVrs74F5Bbi9ayZS9f6AGl28QoZ8zgT5D_8Lu_gQ==
expires
Fri, 01 Jan 2030 16:00:00 GMT
jquery.reject.min.css
d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/css/_app/
2 KB
1 KB
Stylesheet
General
Full URL
https://d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/css/_app/jquery.reject.min.css
Requested by
Host: once.deputy.com
URL: https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.229 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-229.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ded68f99fe8675e5f6fc5304b2e26dc582c305f601abc6030844632a7517fc5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:26:47 GMT
content-encoding
gzip
age
1217174
x-cache
Hit from cloudfront
status
200
last-modified
Wed, 28 Aug 2019 21:09:53 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:37f48100534874d41030b67386269561
vary
Accept-Encoding
x-amz-version-id
W8gU1SV2nTkIL54fjXzJBa8XOTfngEwk
via
1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
cache-control
max-age=7777000
x-amz-cf-pop
FRA53-C1
content-type
text/css
x-amz-cf-id
UEVpE5I0htReunb8bbpeZFkRkVd8rw93Ax2uh-Kj5JLrbkYyq-PD-g==
expires
Fri, 01 Jan 2030 16:00:00 GMT
backbone-validation.min.js
d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/js/_lib/
11 KB
3 KB
Script
General
Full URL
https://d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/js/_lib/backbone-validation.min.js
Requested by
Host: once.deputy.com
URL: https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.229 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-229.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c597592b0e5e4c69f1d24926e1ac9d47c00c12e58ccf9db9f8242a69b0d23ec9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 31 Aug 2019 19:22:46 GMT
content-encoding
gzip
age
972615
x-cache
Hit from cloudfront
status
200
last-modified
Wed, 28 Aug 2019 21:09:16 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:6c4ef127cb9faa560332d2b5311944a4
vary
Accept-Encoding
x-amz-version-id
m9Y99dtfsriDHDjYeCAlXVyT5I.D33V_
via
1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
cache-control
max-age=7777000
x-amz-cf-pop
FRA53-C1
content-type
text/javascript
x-amz-cf-id
MJn2xwH0t7mdDLQPXzPF6HWVJy4I_jNxxNMizpRN_QGJF0ZuOcE0BA==
expires
Fri, 01 Jan 2030 16:00:00 GMT
dp.my.base.min.js
d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/js/_app/
8 KB
3 KB
Script
General
Full URL
https://d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/js/_app/dp.my.base.min.js
Requested by
Host: once.deputy.com
URL: https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.229 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-229.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
410df1f1e7af7727b369d643cae6bac0ed908a6f65189d01bf0b77e26960475a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 31 Aug 2019 19:22:46 GMT
content-encoding
gzip
age
972615
x-cache
Hit from cloudfront
status
200
last-modified
Wed, 28 Aug 2019 21:08:55 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:a7a531b117413a5c0c86033f84e4319f
vary
Accept-Encoding
x-amz-version-id
rPeFBJsauk24odAiA3iMIH1kvBN71aDV
via
1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
cache-control
max-age=7777000
x-amz-cf-pop
FRA53-C1
content-type
text/javascript
x-amz-cf-id
Jjgmk_qq04f8FYhM1-ARW9aTrJE_gWrCuzj0gCNokwv3qr6y4cTbKg==
expires
Fri, 01 Jan 2030 16:00:00 GMT
dp.my.login.min.js
d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/js/_app/
5 KB
2 KB
Script
General
Full URL
https://d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/js/_app/dp.my.login.min.js
Requested by
Host: once.deputy.com
URL: https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.229 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-229.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
22032562902c2f07fc6ea1bc61063f8a6db53df14b223660437ab9a547b9adbc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 31 Aug 2019 19:22:47 GMT
content-encoding
gzip
age
972614
x-cache
Hit from cloudfront
status
200
last-modified
Wed, 28 Aug 2019 21:08:58 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:5b9498b0046896986697a2e3e1cc4942
vary
Accept-Encoding
x-amz-version-id
6wsMg0RvmdLTuED0UXvYoSGKLFsiUz1s
via
1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
cache-control
max-age=7777000
x-amz-cf-pop
FRA53-C1
content-type
text/javascript
x-amz-cf-id
dAktB1N_CNhDKQEVCRr9rJvSKb-JsTr7OBVfkypwjJc0cdJZ2RVJJw==
expires
Fri, 01 Jan 2030 16:00:00 GMT
google.svg
d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/img/login/
688 B
1 KB
Image
General
Full URL
https://d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/img/login/google.svg
Requested by
Host: once.deputy.com
URL: https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.229 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-229.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0cf576a5dab9315daac7ffe29d29ed585e0ff9850e59408d0f25f38dc1da037b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 31 Aug 2019 19:22:46 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
age
972614
x-cache
Hit from cloudfront
status
200
content-length
688
last-modified
Wed, 28 Aug 2019 21:12:18 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:686f8efa6e3e28e96d1c08399e8d353d
etag
"686f8efa6e3e28e96d1c08399e8d353d"
x-amz-version-id
TIofUMf5vjhbMHoe5YLqVFqW5MGAIpd1
cache-control
max-age=7777000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/svg+xml
x-amz-cf-id
eDHqJtP9amHmi66YDBFPeXnshYX4G8j3Xgf7BChxqYwZIjB0PeSvTA==
expires
Fri, 01 Jan 2030 16:00:00 GMT
intuit_blue.png
d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/img/login/
2 KB
3 KB
Image
General
Full URL
https://d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/img/login/intuit_blue.png
Requested by
Host: once.deputy.com
URL: https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.229 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-229.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ccda46cecfcc7d119a056a3b4d4bb231574caa9fe688fe2eb6fd020f4485ee51

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 29 Aug 2019 00:37:21 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
age
1212939
x-cache
Hit from cloudfront
status
200
content-length
2501
last-modified
Wed, 28 Aug 2019 21:13:02 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:f7aeeb9f53275c5d68c393c63557f0e3
etag
"f7aeeb9f53275c5d68c393c63557f0e3"
x-amz-version-id
t4o.WDHjFqFBGEgwLCsMfBEbmj3HSlgx
cache-control
max-age=7777000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
Rt2j0VcwhOT1yfqtz92CktnGeFs5Dd-6gaOloKP4mpHaFOhX7K4rJA==
expires
Fri, 01 Jan 2030 16:00:00 GMT
adp-logo-white.png
d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/img/login/
59 KB
60 KB
Image
General
Full URL
https://d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/img/login/adp-logo-white.png
Requested by
Host: once.deputy.com
URL: https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.229 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-229.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae64e367d9b17277598aa32cf7705caa9879e4e6a6a07bf6e6917f005d750b9d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 31 Aug 2019 19:22:47 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
age
972614
x-cache
Hit from cloudfront
status
200
content-length
60616
last-modified
Wed, 28 Aug 2019 21:13:02 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:6577f83a42b6904868bafcaa7ca92596
etag
"6577f83a42b6904868bafcaa7ca92596"
x-amz-version-id
JpLs7k_647egiwJANpMzfMWrvOOF7O9x
cache-control
max-age=7777000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
sgSrw8UnIueoesGsxnKuVeVvCGXYnoMoXiXkGcH48eUhI4M6DhS0Og==
expires
Fri, 01 Jan 2030 16:00:00 GMT
css
fonts.googleapis.com/
3 KB
756 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,300,400,700
Requested by
Host: once.deputy.com
URL: https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
bc6b96a7245cd2f73ac09a4290d0a3ea04a4ae60496ec51cacbd4bc9dc2d6f39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 12 Sep 2019 01:33:00 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 12 Sep 2019 01:33:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Thu, 12 Sep 2019 01:33:00 GMT
css
fonts.googleapis.com/
3 KB
539 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700
Requested by
Host: once.deputy.com
URL: https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
34401e82a1141472df1697a141aa50812c17e6138424ca4caba5f3fc69885f4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 12 Sep 2019 01:33:00 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 12 Sep 2019 01:33:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Thu, 12 Sep 2019 01:33:00 GMT
flag-icon.min.css
d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/fonts/flag-icon-css/css/
33 KB
3 KB
Stylesheet
General
Full URL
https://d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/fonts/flag-icon-css/css/flag-icon.min.css
Requested by
Host: once.deputy.com
URL: https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.229 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-229.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3645cc7cf729a22877ff158372b25c017efca47a5fc31921363d1b01ff00313b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:26:48 GMT
content-encoding
gzip
age
1217173
x-cache
Hit from cloudfront
status
200
last-modified
Wed, 28 Aug 2019 21:09:41 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:3ec51e5e797a0b68940179e636a6bdac
vary
Accept-Encoding
x-amz-version-id
Nuu2kKnkDkVz4OOfEEeQ9C6QB8d7ukvW
via
1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
cache-control
max-age=7777000
x-amz-cf-pop
FRA53-C1
content-type
text/css
x-amz-cf-id
_-Qq0gGhECnlcpv3c5NYltP3J4goOj_cH687eVaXVYEqhkgwWwpDIg==
expires
Fri, 01 Jan 2030 16:00:00 GMT
all.min.css
d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/fonts/font-awesome-5/css/
153 KB
30 KB
Stylesheet
General
Full URL
https://d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/fonts/font-awesome-5/css/all.min.css
Requested by
Host: once.deputy.com
URL: https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.229 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-229.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c694cfafd5c00ba4a7a2110060eb937afccfc1d7b745a319c49764fe4ef017c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:26:49 GMT
content-encoding
gzip
age
1217172
x-cache
Hit from cloudfront
status
200
last-modified
Wed, 28 Aug 2019 21:09:41 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:28b5623458ed1aafaff6b3c0b63ed250
vary
Accept-Encoding
x-amz-version-id
CEq0A4vf_EkHmoseraLblaFq7tcGzeqZ
via
1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
cache-control
max-age=7777000
x-amz-cf-pop
FRA53-C1
content-type
text/css
x-amz-cf-id
Vovy2ZkbXtKvbD4kVOC1Sgux5DmwtnRn-dgahfHoXsNgD3XBQXxL3g==
expires
Fri, 01 Jan 2030 16:00:00 GMT
font-awesome.min.css
d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/fonts/font-awesome/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/fonts/font-awesome/css/font-awesome.min.css
Requested by
Host: once.deputy.com
URL: https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.229 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-229.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40cdf2a2de9b1fc4477e6f2d6481331bad542a35b52a5b5a898311e164b6b5ea

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:26:50 GMT
content-encoding
gzip
age
1217171
x-cache
Hit from cloudfront
status
200
last-modified
Wed, 28 Aug 2019 21:09:40 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:883ef63fb6fa1e86ceb296d8483dfeb2
vary
Accept-Encoding
x-amz-version-id
Tlp24mfroCsn7jAMQt2vtRSOUCM.lmg5
via
1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
cache-control
max-age=7777000
x-amz-cf-pop
FRA53-C1
content-type
text/css
x-amz-cf-id
vaVeMly2WSD6p1WqcYSxNfRm_bxQ6ON74d7gtrheTvc3jxeJXoBBbQ==
expires
Fri, 01 Jan 2030 16:00:00 GMT
login-splash-prod
www.deputy.com/lp/ Frame 9826
15 KB
5 KB
Document
General
Full URL
https://www.deputy.com/lp/login-splash-prod
Requested by
Host: once.deputy.com
URL: https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:d450 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / HubSpot
Resource Hash
192ce9a095cfac62d7210cb9bb10c20c463a3bc147376744faafdf497b3cc630
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0

Request headers

:method
GET
:authority
www.deputy.com
:scheme
https
:path
/lp/login-splash-prod
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-site
referer
https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F

Response headers

status
200
date
Thu, 12 Sep 2019 01:33:01 GMT
content-type
text/html;charset=utf-8
set-cookie
__cfduid=d2a7b2ba65a7af60a44d67e5e004257541568251980; expires=Fri, 11-Sep-20 01:33:00 GMT; path=/; domain=.deputy.com; HttpOnly; Secure __cfruid=988329988de78dee3269032778f2f29199928237-1568251981; path=/; domain=.hs.deputy.com; HttpOnly
cf-cache-status
EXPIRED
cache-control
s-maxage=7200,max-age=5
cf-ray
514e218119ddcba8-VIE
access-control-allow-credentials
false
content-security-policy
upgrade-insecure-requests
edge-cache-tag
CT-5306959175,P-3040938,CW-5555905742,CW-5556163746,CW-5556164355,E-12238357393,E-5112451106,E-5132195402,E-5137668386,PGS-ALL,SW-3,SD-38
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link
</hs/hsstatic/HubspotToolsMenu/static-1.37/js/index.js>; rel=preload; as=script </hs/hsstatic/cos-i18n/static-1.10/bundles/project.js>; rel=preload; as=script
strict-transport-security
max-age=0
vary
Accept-Encoding
x-debug
https://hs.deputy.com/lp/login-splash-prod
x-hs-cache-config
BrowserCache-5s-EdgeCache-7200s
x-hs-combine-css
Retry
x-hs-content-campaign-id
c4f2123b-5e7d-4f21-ab99-f733c299d25a
x-hs-content-id
5306959175
x-hs-hub-id
3040938
x-powered-by
HubSpot
x-trace
2B02B0765092FE188FA3989D2736F22C3F7DF50722000000000000000000
server
cloudflare
content-encoding
br
cf-h2-pushed
</hs/hsstatic/HubspotToolsMenu/static-1.37/js/index.js>,</hs/hsstatic/cos-i18n/static-1.10/bundles/project.js>
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: d2sebmzxyyulvv.cloudfront.net
URL: https://d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/js/dp.lib.corev2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lato:100,300,400,700
Origin
https://once.deputy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 13:36:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
1425411
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
14044
x-xss-protection
0
expires
Tue, 25 Aug 2020 13:36:09 GMT
deputy-icon.ttf
d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/fonts/icomoon/fonts/
69 KB
41 KB
Font
General
Full URL
https://d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/fonts/icomoon/fonts/deputy-icon.ttf
Requested by
Host: d2sebmzxyyulvv.cloudfront.net
URL: https://d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/js/dp.lib.corev2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.229 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-229.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1e7c28b44aa96a7e41e241fa0ad92675167f7608e18a5c7dfa337c60cfcd652

Request headers

Sec-Fetch-Mode
cors
Referer
https://d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/css/deputy-fonts.min.css
Origin
https://once.deputy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 00:07:04 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
91556
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Wed, 28 Aug 2019 21:12:34 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:581eb95f44a86abaf6f0781197906de5
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-amz-version-id
txaBMVdusWia7tAx1WFIA_7tiot_PlUD
via
1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control
max-age=7777000
x-amz-cf-pop
FRA53-C1
content-type
application/x-font-ttf
x-amz-cf-id
jxlHPhVkwd7eR1e_P8dKii2PljWT0ywqJLUii0ZNqG4m9tVTFamfeQ==
expires
Fri, 01 Jan 2030 16:00:00 GMT
login
once.deputy.com/my/
117 B
328 B
XHR
General
Full URL
https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
Requested by
Host: d2sebmzxyyulvv.cloudfront.net
URL: https://d2sebmzxyyulvv.cloudfront.net/7ef1675a760f6861db1553bac5b064dee98d26aa/js/dp.lib.corev2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.220.67 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-27-220-67.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
f2ade421502c6b323f08e809a4a8b74dbacbf2c3438ea7ec5527e3ac974820db

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 12 Sep 2019 01:33:00 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
status
200
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
index.js
www.deputy.com/hs/hsstatic/HubspotToolsMenu/static-1.37/js/ Frame 9826
7 KB
3 KB
Script
General
Full URL
https://www.deputy.com/hs/hsstatic/HubspotToolsMenu/static-1.37/js/index.js
Requested by
Host: once.deputy.com
URL: https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:d450 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f586c83e85f4f4b68b74be4fdd4c511f0a1d6287a55c8428731999223f4d237

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:01 GMT
via
1.1 82c27f654a5635aeb67d519456516244.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
1051870
cf-ray
514e2183bc40cba8-VIE
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
x-debug
https://hs.deputy.com/hs/hsstatic/HubspotToolsMenu/static-1.37/js/index.js
content-encoding
br
last-modified
Mon, 01 Jul 2019 15:29:52 GMT
server
cloudflare
etag
W/"26d78ce5267782134c1f99583174875a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
wexbev.nvvEBJk76WbVV737vokPNmbul
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-cf-pop
IAD79-C3
content-type
application/javascript; charset=utf-8
x-amz-cf-id
pLl2FQvg9-7EOfk35DE_i4-NSE9WfKjuilywEY_7KjaubQZ4psoddg==
project.js
www.deputy.com/hs/hsstatic/cos-i18n/static-1.10/bundles/ Frame 9826
1 KB
1 KB
Script
General
Full URL
https://www.deputy.com/hs/hsstatic/cos-i18n/static-1.10/bundles/project.js
Requested by
Host: once.deputy.com
URL: https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:d450 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab449241b50123673e76dbcd70f869ae11d26920f0ce1670fdfd266308058179

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:01 GMT
via
1.1 dddbce278f81f85c0d8ad70ec0b24e44.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
1161006
cf-ray
514e2183bc41cba8-VIE
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
x-debug
https://hs.deputy.com/hs/hsstatic/cos-i18n/static-1.10/bundles/project.js
content-encoding
br
last-modified
Wed, 13 Sep 2017 02:51:30 GMT
server
cloudflare
etag
W/"0011aaf4067b097bcbfd9dc99a4b94c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
p6iak7Gl9Xyg7crK_8XyTwctOBvKD1DL
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-cf-pop
IAD53
content-type
application/javascript; charset=utf-8
x-amz-cf-id
DZ1oAHsqDJlZUFu7C-jKztnquVyDSoLGIvZZUVPKH8G4LM-xQvgZXA==
jquery-1.11.2.js
www.deputy.com/hs/hsstatic/jquery-libs/static-1.4/jquery/ Frame 9826
94 KB
32 KB
Script
General
Full URL
https://www.deputy.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js
Requested by
Host: www.deputy.com
URL: https://www.deputy.com/lp/login-splash-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:d450 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:01 GMT
via
1.1 ab2f63669c9809614cbcf54bfba8ee06.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
1036890
cf-ray
514e2183dc64cba8-VIE
x-cache
Hit from cloudfront
status
200
x-debug
https://hs.deputy.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js
content-encoding
br
last-modified
Thu, 08 Jan 2015 18:08:00 GMT
server
cloudflare
etag
W/"5790ead7ad3ba27397aedfa3d263b867"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-cf-pop
IAD89-C2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
I3AgF_8U42ZfrVRKEN8999TsFdg3-e4X-gJZqT_XBvp4lHWf0ndwRg==
public_common.css
www.deputy.com/hs/hsstatic/content_shared_assets/static-1.4091/css/ Frame 9826
15 KB
3 KB
Stylesheet
General
Full URL
https://www.deputy.com/hs/hsstatic/content_shared_assets/static-1.4091/css/public_common.css
Requested by
Host: www.deputy.com
URL: https://www.deputy.com/lp/login-splash-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:d450 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd4e7d673bbc63158e39dea37a762ee0af39b01ef139cbab85af5890296182a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:01 GMT
via
1.1 50f5f6b4e0025748bb74dce1db44c750.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
168833
cf-ray
514e2183ec68cba8-VIE
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
x-debug
https://hs.deputy.com/hs/hsstatic/content_shared_assets/static-1.4091/css/public_common.css
content-encoding
br
last-modified
Fri, 05 Apr 2019 16:58:49 GMT
server
cloudflare
etag
W/"cfe6316cb11658520885892716e87dcd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
1kigdSO8pg1CivK17zvd3dPbXzptHqwI
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-cf-pop
IAD89-C1
content-type
text/css
x-amz-cf-id
rsueNby-Yw46fZR2ooWepN6K0dPVMKgbpoSRqWmjyZ9Yvx9Eg3zg5A==
deputy_common.min.css
hs.deputy.com/hs-fs/hub/3040938/hub_generated/template_assets/1566904621640/Coded_files/Custom/page/css/ Frame 9826
7 KB
2 KB
Stylesheet
General
Full URL
https://hs.deputy.com/hs-fs/hub/3040938/hub_generated/template_assets/1566904621640/Coded_files/Custom/page/css/deputy_common.min.css
Requested by
Host: www.deputy.com
URL: https://www.deputy.com/lp/login-splash-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:79b4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
be7c710f3a28ec083f40cbdf0914a2af1b3223ca1b92209b5b7f13c81db27e60

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:01 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
1883AB4DB265222B
cf-ray
514e21843cc2cba8-VIE
status
200
x-amz-id-2
tBGyNY7QPsMNk8LkxkT0xpthj+HljLRKRUNkk8Ito0cbhcY2wYVWfOVelhVtIQ9kl+50je4uPpk=
last-modified
Tue, 27 Aug 2019 11:17:02 GMT
server
cloudflare
etag
W/"73b69cdd441693949ce25bd902bab2cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
vC1glI587y3DQ6z8bYxF.326C_8SDaym
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
content-type
text/css
fonts.min.css
hs.deputy.com/hs-fs/hub/3040938/hub_generated/template_assets/1544216578455/Custom/page/CSS/ Frame 9826
33 B
341 B
Stylesheet
General
Full URL
https://hs.deputy.com/hs-fs/hub/3040938/hub_generated/template_assets/1544216578455/Custom/page/CSS/fonts.min.css
Requested by
Host: www.deputy.com
URL: https://www.deputy.com/lp/login-splash-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:79b4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
19b70ec50fa6e2d809429fb647b236611baab307f9355083191691751c2456be

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:01 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
0286DC6C6FECE2B9
cf-ray
514e21843cc5cba8-VIE
status
200
content-length
33
x-amz-id-2
afrgtk4d+4vt1oxuadIn7ES0vP8/CIE24kf8BRojcwaPAotKh250mS2W2mzPhAFFhSKw19dJTw8=
last-modified
Fri, 07 Dec 2018 21:02:59 GMT
server
cloudflare
etag
"09eaac1aced5a57766a3ae6ee6f17420"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
WE1srSk6XvXoGwbdhBsC2o6YJC8ZRUAu
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
content-type
text/css
css
fonts.googleapis.com/ Frame 9826
3 KB
585 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700
Requested by
Host: www.deputy.com
URL: https://www.deputy.com/lp/login-splash-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
34401e82a1141472df1697a141aa50812c17e6138424ca4caba5f3fc69885f4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 12 Sep 2019 01:33:01 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 12 Sep 2019 01:33:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Thu, 12 Sep 2019 01:33:01 GMT
layout.min.css
cdn2.hubspot.net/hub/-1/hub_generated/template_assets/1495141902003/hubspot_default/shared/responsive/ Frame 9826
5 KB
2 KB
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/-1/hub_generated/template_assets/1495141902003/hubspot_default/shared/responsive/layout.min.css
Requested by
Host: www.deputy.com
URL: https://www.deputy.com/lp/login-splash-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f4cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:01 GMT
content-encoding
gzip
cf-cache-status
HIT
age
806479
status
200
x-amz-meta-md5-hash
0b0c633d59ab0af9553a98c0e7d97349
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 43
last-modified
Thu, 18 May 2017 21:11:43 GMT
server
cloudflare
etag
W/"0b0c633d59ab0af9553a98c0e7d97349"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
s-maxage=1209600, max-age=1209600
x-amz-cf-pop
IAD79-C3
cf-ray
514e21841a4ecbc8-VIE
fontawesome5.min.css
hs.deputy.com/hs-fs/hub/3040938/hub_generated/template_assets/1555039488034/Custom/page/css/ Frame 9826
59 KB
12 KB
Stylesheet
General
Full URL
https://hs.deputy.com/hs-fs/hub/3040938/hub_generated/template_assets/1555039488034/Custom/page/css/fontawesome5.min.css
Requested by
Host: www.deputy.com
URL: https://www.deputy.com/lp/login-splash-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:79b4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a16f99388da9dc6533c1a16808d7ef2351ed17787e82aecbbcaa4dad8160dc54

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:01 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
0F7A16A2A1C81883
cf-ray
514e21843cc3cba8-VIE
status
200
x-amz-id-2
ldl6uW3sDgRMpz+yRu2RMJA/hslPiJuNLsHf9IXmO6Xr0KMbk8LWw8rGLqbaiRFwdR1nlB6Owp8=
last-modified
Fri, 12 Apr 2019 03:24:49 GMT
server
cloudflare
etag
W/"d5aa6ef1bfa510a24389754f47516651"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
y9YfgSKC2cBnroOq9r4Tc.qqzD.Nayru
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
content-type
text/css
login-splash-2019.min.css
hs.deputy.com/hs-fs/hub/3040938/hub_generated/template_assets/1556859725749/Custom/page/css/ Frame 9826
75 KB
15 KB
Stylesheet
General
Full URL
https://hs.deputy.com/hs-fs/hub/3040938/hub_generated/template_assets/1556859725749/Custom/page/css/login-splash-2019.min.css
Requested by
Host: www.deputy.com
URL: https://www.deputy.com/lp/login-splash-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:79b4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7134bd1e43faa03a0d322cbd2d73141521350b2c11befb0e4b083e6939ccb86f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:01 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
889820FA5B8D897E
cf-ray
514e21843cc4cba8-VIE
status
200
x-amz-id-2
TKScp5wdQdv1G1ZqxfWkCL3f9/GmDyPlhq3BrQq7dElkKEDOcw0PkYPOhf/GfIp0j40nEFibi/E=
last-modified
Fri, 03 May 2019 05:02:06 GMT
server
cloudflare
etag
W/"adca18655fa649bd3b9ca59617b366af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
BcTHUpiiFVgUiqwc3owYVN8qfpVaxUHA
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
content-type
text/css
android_frame.png
hs.deputy.com/hs-fs/hubfs/Webfonts/Once%20Splash%20Page/ Frame 9826
38 KB
38 KB
Image
General
Full URL
https://hs.deputy.com/hs-fs/hubfs/Webfonts/Once%20Splash%20Page/android_frame.png?width=875&name=android_frame.png
Requested by
Host: www.deputy.com
URL: https://www.deputy.com/lp/login-splash-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:79b4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b261c009b273b7e190ca3bab60283dcdd43018d05d3714510943848ba64dfed

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:01 GMT
via
1.1 f9efe5e72b7e5cc47bf34a0b0debcbe2.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
946866
cf-polished
origFmt=png, origSize=86206
edge-cache-tag
F-8871799598,FD-8832820222,P-3040938,FLS-ALL
status
200
content-disposition
inline; filename="android_frame.webp"
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 43
content-length
38486
x-cache
Miss from cloudfront
last-modified
Mon, 15 Apr 2019 02:10:43 GMT
server
cloudflare
etag
"b542aa9859ffd234f6027307519e0d98"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
s-maxage=1209600, max-age=1209600
access-control-allow-credentials
false
x-amz-cf-pop
IAD89-C1
accept-ranges
bytes
cf-ray
514e21843cc6cba8-VIE
x-amz-cf-id
Cv5KhB67wK4hg4LrLKt9MNsPoX_p0YCEBASRg2CIlPPXdTC2B3G1UQ==
cf-bgj
imgq:85
3040938.js
www.deputy.com/hs/scriptloader/ Frame 9826
1 KB
718 B
Script
General
Full URL
https://www.deputy.com/hs/scriptloader/3040938.js
Requested by
Host: www.deputy.com
URL: https://www.deputy.com/lp/login-splash-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:d450 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cf8c47de3f270c560605b1a48c19884dcfce4e7ca5077af5352f87add43bda3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:02 GMT
x-debug
https://hs.deputy.com/hs/scriptloader/3040938.js
cf-cache-status
EXPIRED
cf-polished
origSize=1606
status
200
content-encoding
br
cf-bgj
minify
server
cloudflare
x-trace
2B52C7E2D5771B5E174547B70438AC4635B5F8294A000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=60
access-control-allow-credentials
false
cf-ray
514e2183ec69cba8-VIE
expires
Thu, 12 Sep 2019 01:34:01 GMT
www-country.js
once.deputy.com/my/ Frame 9826
29 KB
7 KB
Script
General
Full URL
https://once.deputy.com/my/www-country.js
Requested by
Host: www.deputy.com
URL: https://www.deputy.com/lp/login-splash-prod
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.220.67 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-27-220-67.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
71cb323bebe4a7733d8188602d9065cc7e420f79ae3dcee5cdf090ec8084fb0c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
cache
date
Thu, 12 Sep 2019 01:33:01 GMT
content-encoding
gzip
user-cache-control
max-age=86400
server
Apache
etag
7ef1675a760f6861db1553bac5b064dee98d26aa
vary
Accept-Encoding,User-Agent
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private
last-modified
Wed, 11 Sep 2019 01:33:01 GMT
content-length
6586
expires
Fri, 13 Sep 2019 01:33:01 GMT
sign-up.min.js
hs.deputy.com/hs-fs/hub/3040938/hub_generated/template_assets/1529634679137/Custom/page/Javascript/ Frame 9826
5 KB
2 KB
Script
General
Full URL
https://hs.deputy.com/hs-fs/hub/3040938/hub_generated/template_assets/1529634679137/Custom/page/Javascript/sign-up.min.js
Requested by
Host: www.deputy.com
URL: https://www.deputy.com/lp/login-splash-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:79b4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5b48c53d69e39034a8e5e9d59d97a243fc6c0f67f6e31fd5232742e64dbc3e1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:01 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
5948B0B4BE848F4F
cf-ray
514e21843cc9cba8-VIE
status
200
x-amz-id-2
y8jSO34fwQOl/9ZVsh3Y4dwx+ZtDJGywNq09dNvsgrnkav3SsPIByLEKq++uzaNCpjnIVV1Vyj4=
last-modified
Fri, 22 Jun 2018 02:31:20 GMT
server
cloudflare
etag
W/"85c34d0c09d1265173b2acd8fc583ef4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
QTrbbmJFlZ.fHXeR5b8Qr21MnfeC3qC.
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
content-type
application/javascript; charset=utf-8
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.3.2/css/ Frame 9826
104 KB
16 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.3.2/css/bootstrap.min.css
Requested by
Host: www.deputy.com
URL: https://www.deputy.com/lp/login-splash-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
186c40d06fc13830497a7b9f42bc14538c1b7fa0b98560c7911e6e1a935f769d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:01 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3566605
status
200
served-in-seconds
0.002
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:26:03 GMT
server
cloudflare
etag
W/"5afd4aab-19e1f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
514e21868fcc5a12-VIE
expires
Tue, 01 Sep 2020 01:33:01 GMT
bootstrap-responsive.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.3.2/css/ Frame 9826
16 KB
4 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.3.2/css/bootstrap-responsive.min.css
Requested by
Host: www.deputy.com
URL: https://www.deputy.com/lp/login-splash-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
948149bd7d046c4a606e185ad68acdad7695d532a781f556ac86f081c1e5f341
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:01 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
12885812
status
200
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:27:13 GMT
server
cloudflare
etag
W/"5afd4af1-41d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
514e21868fce5a12-VIE
expires
Tue, 01 Sep 2020 01:33:01 GMT
font-awesome.css
designers.hubspot.com/hs-fs/hub/327485/file-2054199286-css/ Frame 9826
26 KB
5 KB
Stylesheet
General
Full URL
https://designers.hubspot.com/hs-fs/hub/327485/file-2054199286-css/font-awesome.css
Requested by
Host: www.deputy.com
URL: https://www.deputy.com/lp/login-splash-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:77b4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
93cf0138ab6e21fdf74500a3d9d5d519e726dd3e8cc76efebb5bb183d3558064

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:01 GMT
via
1.1 5bbbde7889bb9c7247f5924a32d2fdf1.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
973
edge-cache-tag
F-2054199286,P-327485,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 43
content-encoding
br
last-modified
Tue, 10 Oct 2017 01:13:09 GMT
server
cloudflare
etag
W/"164b5e1e801316562777bb5d25d9d857"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
s-maxage=1209600, max-age=1209600
access-control-allow-credentials
false
x-amz-cf-pop
IAD89-C2
cf-ray
514e2186bc475994-VIE
x-amz-cf-id
-N4rIv0QLBw7jTdecSs9yxB2wxinvTQIAXCXner87SWqMDiDpsfU9A==
jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
fonts.gstatic.com/s/ptsans/v11/ Frame 9826
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v11/jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
Requested by
Host: www.deputy.com
URL: https://www.deputy.com/lp/login-splash-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=PT+Sans:400,700
Origin
https://www.deputy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 25 Aug 2019 01:30:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:28:25 GMT
server
sffe
age
1555377
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11504
x-xss-protection
0
expires
Mon, 24 Aug 2020 01:30:04 GMT
jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v11/ Frame 9826
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v11/jizaRExUiTo99u79D0KExcOPIDU.woff2
Requested by
Host: www.deputy.com
URL: https://www.deputy.com/lp/login-splash-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=PT+Sans:400,700
Origin
https://www.deputy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 13:42:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:28:02 GMT
server
sffe
age
1425012
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11380
x-xss-protection
0
expires
Tue, 25 Aug 2020 13:42:49 GMT
fa-light-300.woff2
cdn2.hubspot.net/hubfs/3040938/Webfonts/ Frame 9826
104 KB
105 KB
Font
General
Full URL
https://cdn2.hubspot.net/hubfs/3040938/Webfonts/fa-light-300.woff2
Requested by
Host: www.deputy.com
URL: https://www.deputy.com/lp/login-splash-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f4cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e178abaada4c85b35e7d012f2d667beb22c83d6b4f42810efcf3731fd632979

Request headers

Sec-Fetch-Mode
cors
Referer
https://hs.deputy.com/hs-fs/hub/3040938/hub_generated/template_assets/1555039488034/Custom/page/css/fontawesome5.min.css
Origin
https://www.deputy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:01 GMT
via
1.1 f78fee2989d34e40cb45ddfbcb9ba346.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-meta-cache-tag
F-8832378839,FD-8832378738,P-3040938,FLS-ALL
age
1036887
cf-ray
514e21873ccf8c86-VIE
edge-cache-tag
F-8832378839,FD-8832378738,P-3040938,FLS-ALL
status
200
content-length
106624
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 43
x-amz-request-id
61B651A0C5D566B4
x-amz-id-2
Wf1udYyVfVedoclC682zoasgh8hm84e2VDtYUwdnWIrsktSgzbm4UpyM2iFWg33XY12TE0tjiO4=
last-modified
Fri, 12 Apr 2019 03:23:30 GMT
server
cloudflare
etag
"5ff1542dcc475555920015f954d56ecd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
eov8K1RHXESPgEmXjDCAG8Qk0LcLNy63
access-control-allow-origin
*
cache-control
s-maxage=1209600, max-age=1209600
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-type
application/font-woff2
x-amz-cf-id
wMoYyTGxjJpEbaHGTkzy9L9L3Qzs1v_puSmwtcKDSJ2Xi9Gon3HlzQ==
analytics.min.js
d2dq2ahtl5zl1z.cloudfront.net/analytics.js/v1/0vzlbfxv2q/ Frame 9826
319 KB
67 KB
Script
General
Full URL
https://d2dq2ahtl5zl1z.cloudfront.net/analytics.js/v1/0vzlbfxv2q/analytics.min.js
Requested by
Host: www.deputy.com
URL: https://www.deputy.com/lp/login-splash-prod
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.215 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-215.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a56246d3e48499cbe71b1ca8d55a91e5509fac14eccaa4c416b63a4c1131a148

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
zzil276ukehq0OtjD0oS25uDQJuk9LBr
Content-Encoding
gzip
ETag
"dd00595ad44b30c3075cd1139d5e20e7"
X-Amz-Cf-Pop
FRA53-C1, FRA53-C1
X-Cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
67278
Access-Control-Allow-Origin
*
Last-Modified
Wed, 11 Sep 2019 18:54:51 GMT
Server
AmazonS3
Date
Thu, 12 Sep 2019 01:33:03 GMT
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
Content-Type
text/javascript; charset=utf-8
Via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront), 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
Cache-Control
public, max-age=300
Accept-Ranges
bytes
X-Amz-Cf-Id
nMUTER2ICtVITgAVLKRvdRynjcYpdOrL5OJn1_d5cnTD6LED_jn6WQ==
leadflows.js
js.hsleadflows.net/ Frame 9826
376 KB
61 KB
Script
General
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: www.deputy.com
URL: https://www.deputy.com/hs/scriptloader/3040938.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:e9cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
365a1413ce25dd637e8047c087cbb87744ebacd36c2913a9a5e7aadb6a2ad7d3

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.deputy.com/lp/login-splash-prod
Origin
https://www.deputy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:02 GMT
via
1.1 64f48913f84e52a7792094a73a889c99.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
REVALIDATED
x-amz-cf-pop
IAD79-C2
cf-ray
514e21881d3859c4-VIE
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Tue, 10 Sep 2019 02:39:37 GMT
server
cloudflare
etag
W/"610c17afc92df5a693ba7232b8b5078b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
g4h0oK9TvZ5nLDlXBIUQLn565nlBJTCH
access-control-allow-origin
*
cache-control
max-age=600
content-type
application/javascript; charset=utf-8
x-amz-cf-id
9apmD1RxCa9VJGXXnE9qf-aGWPKxX03Y6hIUZh8GQHQi1M1bLfpMOQ==
3040938.js
js.hs-analytics.net/analytics/1568251800000/ Frame 9826
75 KB
26 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1568251800000/3040938.js
Requested by
Host: www.deputy.com
URL: https://www.deputy.com/hs/scriptloader/3040938.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d502cb4a3a2e8ba0c0c314f1d63829000a9db9e7d528105febdf7b87522373a6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:02 GMT
content-encoding
gzip
cf-cache-status
MISS
x-amz-request-id
04498E1BE568C898
cf-ray
514e21881a36cbb8-VIE
status
200
x-amz-id-2
8FTHAAx8XGtyogm11R2E/wBIQ5p4A/UdW3HwF7s7b5y25FO1UZY4LVkbv7ueMGmDgNAjsjGLVDw=
last-modified
Mon, 02 Sep 2019 05:33:43 GMT
server
cloudflare
etag
W/"590b23f3d6f784892e6ee36b0890f600"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Thu, 12 Sep 2019 01:38:02 GMT
conversations-embed.js
js.usemessages.com/ Frame 9826
57 KB
14 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: www.deputy.com
URL: https://www.deputy.com/hs/scriptloader/3040938.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fab783488866f7b444b16bd86bea35618ba2ddb22b033cd44a39528378f44db

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:02 GMT
via
1.1 b005949014b117aed39cd14f2e31cfb9.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
172
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
content-type
application/javascript; charset=utf-8
last-modified
Thu, 29 Aug 2019 05:34:26 GMT
server
cloudflare
etag
W/"b3cd59c04ef8732ede6ab2f9f898a0c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
UBNzMktF0SICHWSScExdqgKCoe3eON2r
cache-control
max-age=600
x-amz-cf-pop
IAD79-C2
cf-ray
514e21881be8cbbc-VIE
x-amz-cf-id
8WfKa-6y6V1FHqaVG5uWNSydseIneUQNSfV2dK-SZu_CvUKAKbAM3A==
public
api.hubspot.com/livechat-public/v1/message/ Frame 9826
277 B
493 B
XHR
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=3040938&conversations-embed=static-1.4358&mobile=false&messagesUtk=0a4471cc8bad41baa25fdffa2c766857&traceId=0a4471cc8bad41baa25fdffa2c766857
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fc05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c06878261fa4a197dd185244856f14d4acbd41671b3f9139d1d32e817bd86968
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-HubSpot-Messages-Uri
https://www.deputy.com/lp/login-splash-prod

Response headers

date
Thu, 12 Sep 2019 01:33:02 GMT
content-encoding
gzip
vary
Accept-Encoding
status
200
content-length
218
server
cloudflare
x-trace
2B37988340F9A3B6249244531A5244D6FF603DC304000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.deputy.com
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
514e218948f3598e-VIE
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
p
api.segment.io/v1/ Frame 9826
21 B
141 B
XHR
General
Full URL
https://api.segment.io/v1/p
Requested by
Host: d2dq2ahtl5zl1z.cloudfront.net
URL: https://d2dq2ahtl5zl1z.cloudfront.net/analytics.js/v1/0vzlbfxv2q/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.68.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-166-68-180.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Thu, 12 Sep 2019 01:33:03 GMT
access-control-allow-origin
https://www.deputy.com
content-length
21
vary
Origin
content-type
application/json
p
api.segment.io/v1/ Frame 9826
21 B
141 B
XHR
General
Full URL
https://api.segment.io/v1/p
Requested by
Host: d2dq2ahtl5zl1z.cloudfront.net
URL: https://d2dq2ahtl5zl1z.cloudfront.net/analytics.js/v1/0vzlbfxv2q/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.68.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-166-68-180.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Thu, 12 Sep 2019 01:33:03 GMT
access-control-allow-origin
https://www.deputy.com
content-length
21
vary
Origin
content-type
application/json
__ptq.gif
track.hubspot.com/ Frame 9826
45 B
463 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=818329955&v=1.1&a=3040938&pi=5306959175&ct=landing-page&ccu=http%3A%2F%2Fhs.deputy.com%2Flp%2Flogin-splash-prod&cpi=5306959175&cfi=5306940945&lpi=5306959175&lvi=5306959175&lvc=en&r=https%3A%2F%2Fonce.deputy.com%2Fmy%2Flogin%3Fredirect_url%3Dhttps%253A%252F%252Fonce.deputy.com%252Fmy%252F&pu=https%3A%2F%2Fwww.deputy.com%2Flp%2Flogin-splash-prod&t=Deputy+Login+Splash+Page&cts=1568251982707&vi=32657cd07d949c0af43357ca2759ee9e&nc=true&u=115885593.32657cd07d949c0af43357ca2759ee9e.1568251982704.1568251982704.1568251982704.1&b=115885593.1.1568251982704&pt=0
Requested by
Host: once.deputy.com
URL: https://once.deputy.com/my/login?redirect_url=https%3A%2F%2Fonce.deputy.com%2Fmy%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fd05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
514e218c2fd659e2-VIE
date
Thu, 12 Sep 2019 01:33:02 GMT
content-type
image/gif
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-robots-tag
none
content-length
45
madkudu.min.js
cdn.madkudu.com/madkudu.js/v1/f3b4bfe7c3ca66dd35b6280b2c158a29/ Frame 9826
81 KB
26 KB
Script
General
Full URL
https://cdn.madkudu.com/madkudu.js/v1/f3b4bfe7c3ca66dd35b6280b2c158a29/madkudu.min.js
Requested by
Host: d2dq2ahtl5zl1z.cloudfront.net
URL: https://d2dq2ahtl5zl1z.cloudfront.net/analytics.js/v1/0vzlbfxv2q/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.59 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-59.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
716e9de983c945096e451439a9c113bd14ca2703e50517081ffd8c660149e8db

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:28:50 GMT
content-encoding
gzip
last-modified
Sat, 08 Sep 2018 16:49:31 GMT
server
AmazonS3
age
253
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
AXKTwXzfW4WhQxhyNlPvUNg_cgiZfvnXD-kEQJ6E8R8VrHVvPWWMwQ==
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
gtm.js
www.googletagmanager.com/ Frame 9826
143 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KFRR4XR&l=dataLayer
Requested by
Host: d2dq2ahtl5zl1z.cloudfront.net
URL: https://d2dq2ahtl5zl1z.cloudfront.net/analytics.js/v1/0vzlbfxv2q/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1708c1050797ba95dbff8aa8ba904e3a161583648e8cfc3c3bee4ad6a2ba1087
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:02 GMT
content-encoding
br
last-modified
Thu, 12 Sep 2019 00:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
36200
x-xss-protection
0
expires
Thu, 12 Sep 2019 01:33:02 GMT
3040938.js
js.hs-analytics.net/analytics/1568252100000/ Frame 9826
75 KB
25 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1568252100000/3040938.js
Requested by
Host: d2dq2ahtl5zl1z.cloudfront.net
URL: https://d2dq2ahtl5zl1z.cloudfront.net/analytics.js/v1/0vzlbfxv2q/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d502cb4a3a2e8ba0c0c314f1d63829000a9db9e7d528105febdf7b87522373a6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:02 GMT
content-encoding
gzip
cf-cache-status
MISS
x-amz-request-id
D084DB71699D19CD
cf-ray
514e218bfeeccbb8-VIE
status
200
x-amz-id-2
bt4osGR7IUyaqaPdlvvrh4A8oe4Jaw5DELxFYbOuSMkNcQXD/9ZBt0+pCrnFzbS/c/eUo4YvX/k=
last-modified
Mon, 02 Sep 2019 05:33:43 GMT
server
cloudflare
etag
W/"590b23f3d6f784892e6ee36b0890f600"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Thu, 12 Sep 2019 01:38:02 GMT
ga.js
ssl.google-analytics.com/ Frame 9826
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: d2dq2ahtl5zl1z.cloudfront.net
URL: https://d2dq2ahtl5zl1z.cloudfront.net/analytics.js/v1/0vzlbfxv2q/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
4458
date
Thu, 12 Sep 2019 00:18:44 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17168
expires
Thu, 12 Sep 2019 02:18:44 GMT
ga-audiences
www.google.de/ads/ Frame 9826
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=485322762&utmhn=www.deputy.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=800x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Deputy%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-16910580-1&cid=1003120390.1568251983&jid=2114940765&_v=5.7.2&z=485322762
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16910580-1&cid=1003120390.1568251983&jid=2114940765&_v=5.7.2&z=485322762
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16910580-1&cid=1003120390.1568251983&jid=2114940765&_v=5.7.2&z=485322762&slf_rd=1&random=3162273573
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16910580-1&cid=1003120390.1568251983&jid=2114940765&_v=5.7.2&z=485322762&slf_rd=1&random=3162273573
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Sep 2019 01:33:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Sep 2019 01:33:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16910580-1&cid=1003120390.1568251983&jid=2114940765&_v=5.7.2&z=485322762&slf_rd=1&random=3162273573
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
__utm.gif
ssl.google-analytics.com/ Frame 9826
35 B
93 B
Image
General
Full URL
https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=408749813&utmhn=www.deputy.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=800x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Deputy%20Login%20Splash%20Page&utmhid=1744339701&utmr=https%3A%2F%2Fonce.deputy.com%2Fmy%2Flogin%3Fredirect_url%3Dhttps%253A%252F%252Fonce.deputy.com%252Fmy%252F&utmp=%2Flp%2Flogin-splash-prod&utmht=1568251982752&utmac=UA-16910580-1&utmcc=__utma%3D1.1003120390.1568251983.1568251983.1568251983.1%3B%2B__utmz%3D1.1568251983.1.1.utmcsr%3Donce.deputy.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2Fmy%2Flogin%3B&utmjid=&utmu=qhCAAAAAAAAAAAAAAAAAAABE~
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Aug 2019 12:16:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1862200
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
__utm.gif
ssl.google-analytics.com/ Frame 9826
35 B
197 B
Image
General
Full URL
https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=3&utmn=1593673140&utmhn=www.deputy.com&utmt=event&utme=5(All*Viewed%20Hubspot%20Page)(0)&utmcs=UTF-8&utmsr=1600x1200&utmvp=800x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Deputy%20Login%20Splash%20Page&utmhid=1744339701&utmr=https%3A%2F%2Fonce.deputy.com%2Fmy%2Flogin%3Fredirect_url%3Dhttps%253A%252F%252Fonce.deputy.com%252Fmy%252F&utmp=%2Flp%2Flogin-splash-prod&utmht=1568251982755&utmac=UA-16910580-1&utmni=1&utmcc=__utma%3D1.1003120390.1568251983.1568251983.1568251983.1%3B%2B__utmz%3D1.1568251983.1.1.utmcsr%3Donce.deputy.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2Fmy%2Flogin%3B&utmjid=&utmu=6hCAAAAAAAAAAAAAAAAAAABE~
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Aug 2019 12:16:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1862200
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
roundtrip.js
s.adroll.com/j/ Frame 9826
34 KB
11 KB
Script
General
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.deputy.com
URL: https://www.deputy.com/lp/login-splash-prod
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e129303f75e317ba0dd09f90f4de9e94f1d832355b5d9202181e3e72648b3646

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
QeYg6KFO.FRXBdsxcgzaI4tvnuNYuapJ
Content-Encoding
gzip
ETag
"6c0b13f9ae206371f89a62089e2cee50"
x-amz-request-id
72C989087570869F
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
10669
x-amz-id-2
TgB7jm4tUHMYhmYndS1Uuw4Z8J5SwCSq+l0APkKh74lNhuvIYuMVZK29ShMaGBKiS0VURCM5OAU=
Last-Modified
Thu, 29 Aug 2019 21:37:09 GMT
Server
AmazonS3
Date
Thu, 12 Sep 2019 01:33:02 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
json
forms.hubspot.com/lead-flows-config/v1/config/ Frame 9826
15 KB
3 KB
XHR
General
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=3040938&utk=32657cd07d949c0af43357ca2759ee9e&__hstc=115885593.32657cd07d949c0af43357ca2759ee9e.1568251982704.1568251982704.1568251982704.1&__hssc=115885593.1.1568251982704&referrer=https%3A%2F%2Fonce.deputy.com%2Fmy%2Flogin%3Fredirect_url%3Dhttps%253A%252F%252Fonce.deputy.com%252Fmy%252F&contentId=5306959175&currentUrl=https%3A%2F%2Fwww.deputy.com%2Flp%2Flogin-splash-prod
Requested by
Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fc05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bce5720b19a8772aaf317aed085efbe8de2d05f63b54570cec1b57bc9b830588
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-ray
514e218c4973598e-VIE
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.deputy.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
conversion_async.js
www.googleadservices.com/pagead/ Frame 9826
24 KB
9 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFRR4XR&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
8c88d6a0ae774f43c52a16b37d0134231b235ddf98ce9eb7f28c587c31b59d5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
9186
x-xss-protection
0
server
cafe
etag
1827501119694548318
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 12 Sep 2019 01:33:02 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 9826
121 KB
32 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: once.deputy.com
URL: https://once.deputy.com/my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
31604
x-xss-protection
0
pragma
public
x-fb-debug
P8eLuEhTs1USalSQrHbSWkoPT3+T9r4me05jFG8LP5/r1kh7UMLD4TxvU9C0nUn8V4F3Nhft7d/Qr2X9uEuojQ==
x-fb-trip-id
194532234
x-frame-options
DENY
date
Thu, 12 Sep 2019 01:33:02 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
track.js
serve.albacross.com/ Frame 9826
64 KB
19 KB
Script
General
Full URL
https://serve.albacross.com/track.js
Requested by
Host: once.deputy.com
URL: https://once.deputy.com/my/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.50 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-50.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
780bf4274874c3830efeb6e38c68642acb41bacef7ad4183938090786b9db3b1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 06:58:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Sep 2019 06:50:22 GMT
Server
AmazonS3
Age
66829
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
d3jLtNZ9s7RK4Pzd16DVtsvbyFQWvcdmy0EkrwInLoo2UV7jFIzQMg==
g_z.js
cl.qualaroo.com/ki.js/73212/ Frame 9826
140 KB
48 KB
Script
General
Full URL
https://cl.qualaroo.com/ki.js/73212/g_z.js
Requested by
Host: once.deputy.com
URL: https://once.deputy.com/my/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.165.7 Zurich, Switzerland, ASN60068 (CDN77, GB),
Reverse DNS
zurich-6.cdn77.com
Software
CDN77-Turbo /
Resource Hash
282678f4a9da97ff05927eab1d543e6837fb87ad0b18959e0a9e0262d735618a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:02 GMT
content-encoding
gzip
x-amz-request-id
8ED1A797C181C91A
x-edge-location
zurichCH
x-cache
HIT
status
200
x-age
2514
content-length
48405
x-amz-id-2
M3cLy8pUE/6Y4Zt2uKhM0fbIFu9cNdfHb8p1j/RAtx1gjuHfuk5ghWI1Cxcliz+ywmIs1s0Gn30=
last-modified
Sun, 11 Aug 2019 08:18:26 GMT
server
CDN77-Turbo
etag
"2dea17a85808673dd72b4529932c54df"
content-type
application/ecmascript
cache-control
max-age=3600
x-edge-ip
89.187.165.6
accept-ranges
bytes
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/812265040/ Frame 9826
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/812265040/?random=1568251982803&cv=9&fst=1568251982803&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg941&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.deputy.com%2Flp%2Flogin-splash-prod&ref=https%3A%2F%2Fonce.deputy.com%2Fmy%2Flogin%3Fredirect_url%3Dhttps%253A%252F%252Fonce.deputy.com%252Fmy%252F&tiba=Deputy%20Login%20Splash%20Page&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
41a6e8a54db09236c5fe14516ea349530605d1fc96457cfe17940b5faf03d828
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Sep 2019 01:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
993
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.js
s.adroll.com/j/exp/ Frame 9826
Redirect Chain
  • https://s.adroll.com/j/exp/WYGYQ3R5TRBGVKEL7RO37B/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
680 B
Script
General
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
D.2Va6a9fwfhGxvqmb7uFcraB6I.xxHU
ETag
"5816cced8568d223aa09d889f300692b"
x-amz-request-id
5FCDAF8AFB7A9303
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
28
x-amz-id-2
9tV7GTDfH44A3PgubgAFIfRFCHJp2TIQQAnnyMEzEH+mT629i5pKEc+3jZJzVrKThCNPTV2Q8V0=
Last-Modified
Wed, 11 Sep 2019 16:00:55 GMT
Server
AmazonS3
Date
Thu, 12 Sep 2019 01:33:03 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Thu, 12 Sep 2019 01:33:03 GMT
Server
AkamaiGHost
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
887751571280750
connect.facebook.net/signals/config/ Frame 9826
308 KB
79 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/887751571280750?v=2.9.4&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
e05b4593dd233abe7f47c149102c11f8a21501543d6573de3461534e86c17001
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
x-xss-protection
0
pragma
public
x-fb-debug
SEk2HokmwDaZ0zJLT0l/+mth+EqPtaqZ2X34ODCbdzex+0LnnbHTfIYL7aqinftAvDN3nUVQ21R6bxZw5/doRA==
x-fb-trip-id
194532234
x-frame-options
DENY
date
Thu, 12 Sep 2019 01:33:02 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/812265040/ Frame 9826
42 B
167 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/812265040/?random=1568251982803&cv=9&fst=1568250000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg941&sendb=1&frm=2&url=https%3A%2F%2Fwww.deputy.com%2Flp%2Flogin-splash-prod&ref=https%3A%2F%2Fonce.deputy.com%2Fmy%2Flogin%3Fredirect_url%3Dhttps%253A%252F%252Fonce.deputy.com%252Fmy%252F&tiba=Deputy%20Login%20Splash%20Page&async=1&fmt=3&is_vtc=1&random=161557662&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Sep 2019 01:33:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/812265040/ Frame 9826
42 B
421 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/812265040/?random=1568251982803&cv=9&fst=1568250000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg941&sendb=1&frm=2&url=https%3A%2F%2Fwww.deputy.com%2Flp%2Flogin-splash-prod&ref=https%3A%2F%2Fonce.deputy.com%2Fmy%2Flogin%3Fredirect_url%3Dhttps%253A%252F%252Fonce.deputy.com%252Fmy%252F&tiba=Deputy%20Login%20Splash%20Page&async=1&fmt=3&is_vtc=1&random=161557662&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Sep 2019 01:33:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
frame.html
dntcl.qualaroo.com/ Frame 820A
0
0
Document
General
Full URL
https://dntcl.qualaroo.com/frame.html
Requested by
Host: cl.qualaroo.com
URL: https://cl.qualaroo.com/ki.js/73212/g_z.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.165.7 Zurich, Switzerland, ASN60068 (CDN77, GB),
Reverse DNS
zurich-6.cdn77.com
Software
CDN77-Turbo /
Resource Hash

Request headers

:method
GET
:authority
dntcl.qualaroo.com
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.deputy.com/lp/login-splash-prod
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.deputy.com/lp/login-splash-prod

Response headers

status
200
date
Thu, 12 Sep 2019 01:33:02 GMT
content-type
text/html
last-modified
Mon, 01 Apr 2019 13:30:25 GMT
etag
W/"5ca21271-142"
access-control-allow-origin
*
server
CDN77-Turbo
x-edge-ip
89.187.165.6
x-edge-location
zurichCH
x-cache
HIT
x-age
183071
content-encoding
br
__ptq.gif
track.hubspot.com/ Frame 9826
45 B
102 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=818329955&v=1.1&a=3040938&pi=5306959175&ct=landing-page&ccu=http%3A%2F%2Fhs.deputy.com%2Flp%2Flogin-splash-prod&cpi=5306959175&cfi=5306940945&lpi=5306959175&lvi=5306959175&lvc=en&r=https%3A%2F%2Fonce.deputy.com%2Fmy%2Flogin%3Fredirect_url%3Dhttps%253A%252F%252Fonce.deputy.com%252Fmy%252F&pu=https%3A%2F%2Fwww.deputy.com%2Flp%2Flogin-splash-prod&t=Deputy+Login+Splash+Page&cts=1568251982907&vi=32657cd07d949c0af43357ca2759ee9e&nc=true&u=115885593.32657cd07d949c0af43357ca2759ee9e.1568251982704.1568251982704.1568251982704.1&b=115885593.1.1568251982704&pt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fd05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
514e218d380859e2-VIE
date
Thu, 12 Sep 2019 01:33:02 GMT
content-type
image/gif
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-robots-tag
none
content-length
45
__ptq.gif
track.hubspot.com/ Frame 9826
45 B
125 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=818329955&v=1.1&a=3040938&pi=5306959175&ct=landing-page&ccu=http%3A%2F%2Fhs.deputy.com%2Flp%2Flogin-splash-prod&cpi=5306959175&cfi=5306940945&lpi=5306959175&lvi=5306959175&lvc=en&r=https%3A%2F%2Fonce.deputy.com%2Fmy%2Flogin%3Fredirect_url%3Dhttps%253A%252F%252Fonce.deputy.com%252Fmy%252F&pu=https%3A%2F%2Fwww.deputy.com%2Flp%2Flogin-splash-prod&t=Deputy+Login+Splash+Page&cts=1568251982911&vi=32657cd07d949c0af43357ca2759ee9e&nc=true&u=115885593.32657cd07d949c0af43357ca2759ee9e.1568251982704.1568251982704.1568251982704.1&b=115885593.1.1568251982704&pt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fd05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
514e218d380b59e2-VIE
date
Thu, 12 Sep 2019 01:33:03 GMT
content-type
image/gif
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-robots-tag
none
content-length
45
inferredEvents.js
connect.facebook.net/signals/plugins/ Frame 9826
35 KB
10 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fb-trip-id
194532234
pragma
private
x-fb-debug
/29KLFJE6PZyh3y6DmAD5OyxIe93dNAL5TL3MIlHQSNPDw6QVez04T7gG2slE/ZMAPPbPkIRI/yc1bppgqFV1w==
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
DENY
date
Thu, 12 Sep 2019 01:33:02 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
private
vary
Accept-Encoding
content-length
10218
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame 9826
44 B
324 B
Image
General
Full URL
https://www.facebook.com/tr/?id=887751571280750&ev=PageView&dl=https%3A%2F%2Fwww.deputy.com%2Flp%2Flogin-splash-prod&rl=https%3A%2F%2Fonce.deputy.com%2Fmy%2Flogin%3Fredirect_url%3Dhttps%253A%252F%252Fonce.deputy.com%252Fmy%252F&if=true&ts=1568251982934&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1568251982933.354056478&it=1568251982811&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:02 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Thu, 12 Sep 2019 01:33:02 GMT
WYGYQ3R5TRBGVKEL7RO37B
d.adroll.com/consent/check/ Frame 9826
46 B
505 B
Script
General
Full URL
https://d.adroll.com/consent/check/WYGYQ3R5TRBGVKEL7RO37B?_s=27d0e3f512e2ebe7136486134c2556a4
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.245.200 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-217-245-200.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
f7d7b8e746c4d75bbd4454d4a0e2e2c58d51f0293c25b1351696c33fc3571cce

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Sep 2019 01:33:03 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
application/javascript
Content-Length
46
e.gif
collect.albacross.com/ Frame 9826
37 B
184 B
Image
General
Full URL
https://collect.albacross.com/e.gif?s=JSCollector%2C2.0.2%2C1568251982822&e1=pageview&ur1=https%3A%2F%2Fwww.deputy.com%2Flp%2Flogin-splash-prod&ti1=Deputy%20Login%20Splash%20Page&r1=https%3A%2F%2Fonce.deputy.com%2Fmy%2Flogin%3Fredirect_url%3Dhttps%253A%252F%252Fonce.deputy.com%252Fmy%252F&re1=1600&re1=1200&p1=9d1ee6c5-31a2-37ee-1bfa-c91aeae98edf&c1=89871469&ci1=9f49017e-63ca-c321-81bb-bc50bcd1cd3b&v1=12b37015-810a-0d73-3dc4-b36a650ab6ec&u1=9d1ee6c5-31a2-37ee-1bfa-c91aeae98edf&e2=fingerprint&fi2=a6e01a05d3374b426f7ec5b06c1fd1d9&ti2=30&p2=9d1ee6c5-31a2-37ee-1bfa-c91aeae98edf&c2=89871469&ci2=9f49017e-63ca-c321-81bb-bc50bcd1cd3b&v2=12b37015-810a-0d73-3dc4-b36a650ab6ec&u2=5f9e2c30-2917-4431-275e-e5fd43d9b34c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.13.179 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-253-13-179.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 01:33:03 GMT
Server
nginx/1.12.1
Connection
keep-alive
Content-Length
37
Content-Type
image/gif
25AOC2LWHRGMPGUVE76YD6.js
s.adroll.com/pixel/WYGYQ3R5TRBGVKEL7RO37B/R3FKS2NKSBEGVOBYCAXY4A/ Frame 9826
Redirect Chain
  • https://d.adroll.com/pixel/WYGYQ3R5TRBGVKEL7RO37B/R3FKS2NKSBEGVOBYCAXY4A?adroll_fpc=ab292fbcf98d90158a8e5bd9aa5768f4-1568251983138&xid_ch=f&pv=79944715632.50603&cookie=&adroll_s_ref=https%3A//once....
  • https://s.adroll.com/pixel/WYGYQ3R5TRBGVKEL7RO37B/R3FKS2NKSBEGVOBYCAXY4A/25AOC2LWHRGMPGUVE76YD6.js
5 KB
2 KB
Script
General
Full URL
https://s.adroll.com/pixel/WYGYQ3R5TRBGVKEL7RO37B/R3FKS2NKSBEGVOBYCAXY4A/25AOC2LWHRGMPGUVE76YD6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
18528bd2fa00f0789829b47b6f1efead57a972dddb8b333e9c5d8fb3e3f179a7

Request headers

Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
bWMED7sFAbfR_TzmNckl6fNRKn.anXkt
Content-Encoding
gzip
ETag
"857547bb456eabebfe42061ecd41a43c"
x-amz-request-id
11E13545BA4ACB4B
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1460
x-amz-id-2
qS6rZ72ATzKNcsDt0IHZDUvBFFMGp/zwzv4C6J1iQTWrfYNYWGA4CLJWrAtQqOh5ZO+KVIQZBPw=
Last-Modified
Tue, 20 Aug 2019 22:56:26 GMT
Server
AmazonS3
Date
Thu, 12 Sep 2019 01:33:03 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Thu, 12 Sep 2019 01:33:03 GMT
X-Segment-Display-Name
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection
keep-alive
Content-Length
0
Pragma
no-cache
X-Conversion-Value
0.0
Server
nginx/1.14.1
X-Rule
*
X-Segment-Eid
25AOC2LWHRGMPGUVE76YD6
Location
https://s.adroll.com/pixel/WYGYQ3R5TRBGVKEL7RO37B/R3FKS2NKSBEGVOBYCAXY4A/25AOC2LWHRGMPGUVE76YD6.js
Cache-Control
no-store, no-cache, must-revalidate
X-Pixel-Eid
R3FKS2NKSBEGVOBYCAXY4A
X-Segment-Name
*
X-Advertisable-Eid
WYGYQ3R5TRBGVKEL7RO37B
X-Conversion-Currency
368483456643318
connect.facebook.net/signals/config/ Frame 9826
307 KB
79 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/368483456643318?v=2.9.4&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6bb9ce63d15c4ed7437444a134711ce7ec257e0fa31600d161a12fd721b20c51
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
x-xss-protection
0
pragma
public
x-fb-debug
oHyargQGx+EHQJu3+jcdqWj3tWYY0bpBbmmCQOHRLK4KYymG0ADJVKai3cYPMduZSJVH7pCqAnhfPGKQ5jbe9A==
x-fb-trip-id
194532234
x-frame-options
DENY
date
Thu, 12 Sep 2019 01:33:03 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55980/ Frame 9826
Redirect Chain
  • https://d.adroll.com/cm/aol/out?adroll_fpc=ab292fbcf98d90158a8e5bd9aa5768f4-1568251983138&xid_ch=f&advertisable=WYGYQ3R5TRBGVKEL7RO37B
  • https://pixel.advertising.com/ups/55980/sync?uid=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://pixel.advertising.com/ups/55980/sync?uid=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP434a555b-d4fd-11e9-a89f-02...
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP434a555b-d4fd-11e9-a89f-02...
0
472 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55980/sync?uid=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP434a555b-d4fd-11e9-a89f-0210c3062a56&verify=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.177.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-29-177-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Thu, 12 Sep 2019 01:33:03 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status
302
date
Thu, 12 Sep 2019 01:33:03 GMT
content-length
0
location
https://ups.analytics.yahoo.com/ups/55980/sync?uid=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP434a555b-d4fd-11e9-a89f-0210c3062a56&verify=true
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 9826
Redirect Chain
  • https://d.adroll.com/cm/index/out?adroll_fpc=ab292fbcf98d90158a8e5bd9aa5768f4-1568251983138&xid_ch=f&advertisable=WYGYQ3R5TRBGVKEL7RO37B
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&expiration=1599787983
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&expiration=1599787983&C=1
43 B
898 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&expiration=1599787983&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Sep 2019 01:33:03 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 12 Sep 2019 01:33:03 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 12 Sep 2019 01:33:03 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&expiration=1599787983&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
333
Expires
Thu, 12 Sep 2019 01:33:03 GMT
tap.php
pixel.rubiconproject.com/ Frame 9826
Redirect Chain
  • https://d.adroll.com/cm/n/out?adroll_fpc=ab292fbcf98d90158a8e5bd9aa5768f4-1568251983138&xid_ch=f&advertisable=WYGYQ3R5TRBGVKEL7RO37B
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&expires=365
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&expires=365
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 12 Sep 2019 01:33:03 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&expires=365
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
124
cookie-sync
sync.outbrain.com/ Frame 9826
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=ab292fbcf98d90158a8e5bd9aa5768f4-1568251983138&xid_ch=f&advertisable=WYGYQ3R5TRBGVKEL7RO37B
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&rdrctExp=true
0
325 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&rdrctExp=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:03 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, JFK, FRA, Europe1
x-timer
S1568251983.370226,VS0,VE90
accept-ranges
bytes, bytes
x-served-by
cache-jfk8120-JFK, cache-fra19142-FRA
x-cache
MISS, MISS
status
200
backend-ip
104.156.90.20
x-traceid
414cf4a255da3fa824eb4b67cb728f25
content-length
0
x-cache-hits
0, 0

Redirect headers

date
Thu, 12 Sep 2019 01:33:03 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, JFK, FRA, Europe1
x-timer
S1568251983.280282,VS0,VE83
accept-ranges
bytes, bytes
x-served-by
cache-jfk8151-JFK, cache-fra19142-FRA
status
302
x-cache
MISS, MISS
location
https://sync.outbrain.com/cookie-sync?p=adroll&uid=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&rdrctExp=true
backend-ip
104.156.90.51
x-traceid
c761c13fef38a0d1f83eab25d9ed6988
content-length
0
x-cache-hits
0, 0
Pug
simage2.pubmatic.com/AdServer/ Frame 9826
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=ab292fbcf98d90158a8e5bd9aa5768f4-1568251983138&xid_ch=f&advertisable=WYGYQ3R5TRBGVKEL7RO37B
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...
1 B
862 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Thu, 12 Sep 2019 01:33:03 GMT
X-lat
Pug22065:0:279
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

Pragma
no-cache
Date
Thu, 12 Sep 2019 01:33:03 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
220
in
d.adroll.com/cm/r/ Frame 9826
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=ab292fbcf98d90158a8e5bd9aa5768f4-1568251983138&xid_ch=f&advertisable=WYGYQ3R5TRBGVKEL7RO37B
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
42 B
501 B
Image
General
Full URL
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.245.200 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-217-245-200.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Sep 2019 01:33:03 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42

Redirect headers

Date
Thu, 12 Sep 2019 01:33:03 GMT
X-Content-Type-Options
nosniff
Server
ATS
Age
0
Expect-CT
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security
max-age=31536000
P3P
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Location
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
/
trc.taboola.com/sg/adroll-network/1/rtb-h/ Frame 9826
Redirect Chain
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=ab292fbcf98d90158a8e5bd9aa5768f4-1568251983138&xid_ch=f&advertisable=WYGYQ3R5TRBGVKEL7RO37B
  • https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI
0
261 B
Image
General
Full URL
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:03 GMT
via
1.1 varnish
server
nginx
x-timer
S1568251983.302984,VS0,VE8
x-cache
MISS
status
204
x-cache-hits
0
accept-ranges
bytes
x-served-by
cache-fra19142-FRA

Redirect headers

Pragma
no-cache
Date
Thu, 12 Sep 2019 01:33:03 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
111
xuid
eb2.3lift.com/ Frame 9826
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=ab292fbcf98d90158a8e5bd9aa5768f4-1568251983138&xid_ch=f&advertisable=WYGYQ3R5TRBGVKEL7RO37B
  • https://eb2.3lift.com/xuid?mid=4714&xuid=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&dongle=c85e
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&dongle=c85e&gdpr=1&cmp_cs=
37 B
335 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&dongle=c85e&gdpr=1&cmp_cs=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.51.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-51-203.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 12 Sep 2019 01:33:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

status
302
date
Thu, 12 Sep 2019 01:33:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
/xuid?ld=1&mid=4714&xuid=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI&dongle=c85e&gdpr=1&cmp_cs=
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
in
d.adroll.com/cm/r/ Frame 9826
Redirect Chain
  • https://d.adroll.com/cm/r/out?advertisable=WYGYQ3R5TRBGVKEL7RO37B
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
42 B
501 B
Image
General
Full URL
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.245.200 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-217-245-200.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Sep 2019 01:33:03 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42

Redirect headers

Date
Thu, 12 Sep 2019 01:33:03 GMT
X-Content-Type-Options
nosniff
Server
ATS
Age
0
Expect-CT
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security
max-age=31536000
P3P
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Location
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
sync
x.bidswitch.net/ul_cb/ Frame 9826
Redirect Chain
  • https://d.adroll.com/cm/b/out?advertisable=WYGYQ3R5TRBGVKEL7RO37B
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI
43 B
379 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.113.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-57-113-38.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 12 Sep 2019 01:33:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status
302
date
Thu, 12 Sep 2019 01:33:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
setuid
ib.adnxs.com/ Frame 9826
Redirect Chain
  • https://d.adroll.com/cm/x/out?advertisable=WYGYQ3R5TRBGVKEL7RO37B
  • https://ib.adnxs.com/setuid?entity=172&code=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI
43 B
875 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=172&code=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.208 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Sep 2019 01:33:05 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.248:80
AN-X-Request-Uuid
d36dc6a0-8c08-4e8e-b669-4ebd49666682
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 12 Sep 2019 01:33:03 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://ib.adnxs.com/setuid?entity=172&code=OGQzOTNhOWMxMTliNGZmMzMxZDM5ZTgyMGRlNDU2NDI
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
93
377928.gif
idsync.rlcdn.com/ Frame 9826
Redirect Chain
  • https://d.adroll.com/cm/l/out?advertisable=WYGYQ3R5TRBGVKEL7RO37B
  • https://idsync.rlcdn.com/377928.gif?partner_uid=8d393a9c119b4ff331d39e820de45642
0
62 B
Image
General
Full URL
https://idsync.rlcdn.com/377928.gif?partner_uid=8d393a9c119b4ff331d39e820de45642
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
21.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Thu, 12 Sep 2019 01:33:03 GMT
via
1.1 google
alt-svc
clear

Redirect headers

Pragma
no-cache
Date
Thu, 12 Sep 2019 01:33:03 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://idsync.rlcdn.com/377928.gif?partner_uid=8d393a9c119b4ff331d39e820de45642
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
86
sd
us-u.openx.net/w/1.0/ Frame 9826
Redirect Chain
  • https://d.adroll.com/cm/o/out?advertisable=WYGYQ3R5TRBGVKEL7RO37B
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=8d393a9c119b4ff331d39e820de45642
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=8d393a9c119b4ff331d39e820de45642
43 B
183 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=8d393a9c119b4ff331d39e820de45642
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.161.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Sep 2019 01:33:03 GMT
via
1.1 google
server
OXGW/16.161.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 12 Sep 2019 01:33:03 GMT
via
1.1 google
server
OXGW/16.161.0
status
302
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=8d393a9c119b4ff331d39e820de45642
alt-svc
clear
content-length
0
in
d.adroll.com/cm/g/ Frame 9826
Redirect Chain
  • https://d.adroll.com/cm/g/out?advertisable=WYGYQ3R5TRBGVKEL7RO37B&google_nid=adroll4
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=jTk6nBGbT_Mx056CDeRWQg
  • https://d.adroll.com/cm/g/in
42 B
523 B
Image
General
Full URL
https://d.adroll.com/cm/g/in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.245.200 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-217-245-200.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Sep 2019 01:33:03 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
X-Result
g.-1.-1.-1

Redirect headers

pragma
no-cache
date
Thu, 12 Sep 2019 01:33:03 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://d.adroll.com/cm/g/in
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 9826
44 B
145 B
Image
General
Full URL
https://www.facebook.com/tr/?id=368483456643318&ev=PageView&dl=https%3A%2F%2Fwww.deputy.com%2Flp%2Flogin-splash-prod&rl=https%3A%2F%2Fonce.deputy.com%2Fmy%2Flogin%3Fredirect_url%3Dhttps%253A%252F%252Fonce.deputy.com%252Fmy%252F&if=true&ts=1568251983253&cd[segment_eid]=25AOC2LWHRGMPGUVE76YD6&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=29&fbp=fb.1.1568251982933.354056478&it=1568251982811&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Thu, 12 Sep 2019 01:33:03 GMT
/
www.facebook.com/tr/ Frame 9826
44 B
99 B
Image
General
Full URL
https://www.facebook.com/tr/?id=887751571280750&ev=Microdata&dl=https%3A%2F%2Fwww.deputy.com%2Flp%2Flogin-splash-prod&rl=https%3A%2F%2Fonce.deputy.com%2Fmy%2Flogin%3Fredirect_url%3Dhttps%253A%252F%252Fonce.deputy.com%252Fmy%252F&if=true&ts=1568251983436&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Deputy%20Login%20Splash%20Page%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22%22%2C%22og%3Atitle%22%3A%22Deputy%20Login%20Splash%20Page%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Fhs.deputy.com%2Flp%2Flogin-splash-prod%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.4&r=stable&ec=1&o=30&fbp=fb.1.1568251982933.354056478&it=1568251982811&coo=false&es=automatic&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 01:33:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Thu, 12 Sep 2019 01:33:03 GMT
perf
www.deputy.com/_hcms/ Frame 9826
2 B
267 B
XHR
General
Full URL
https://www.deputy.com/_hcms/perf
Requested by
Host: www.deputy.com
URL: https://www.deputy.com/lp/login-splash-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:d450 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/json

Response headers

cf-ray
514e219ea95bcba8-VIE
date
Thu, 12 Sep 2019 01:33:05 GMT
x-debug
https://hs.deputy.com/_hcms/perf
server
cloudflare
x-trace
2B612A35206E079DA95827346495D43B4770B43064000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
status
200
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
content-length
2
e.gif
collect.albacross.com/ Frame 9826
37 B
184 B
Image
General
Full URL
https://collect.albacross.com/e.gif?s=JSCollector%2C2.0.2%2C1568251985823&e1=pageview_ping&p1=9d1ee6c5-31a2-37ee-1bfa-c91aeae98edf&c1=89871469&ci1=9f49017e-63ca-c321-81bb-bc50bcd1cd3b&v1=12b37015-810a-0d73-3dc4-b36a650ab6ec&u1=92e5025c-21bd-1598-73bf-5d57fc767dfc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.13.179 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-253-13-179.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 01:33:06 GMT
Server
nginx/1.12.1
Connection
keep-alive
Content-Length
37
Content-Type
image/gif
e.gif
collect.albacross.com/ Frame 9826
37 B
184 B
Image
General
Full URL
https://collect.albacross.com/e.gif?s=JSCollector%2C2.0.2%2C1568251990327&e1=pageview_ping&p1=9d1ee6c5-31a2-37ee-1bfa-c91aeae98edf&c1=89871469&ci1=4b76a89d-7aa2-35c3-5f41-814750a7beff&v1=60d6ced0-9cf8-40b3-73ff-811baa9caa6d&u1=3f35eb9b-cd0b-3da3-3237-8bce230159ff
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.13.179 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-253-13-179.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.deputy.com/lp/login-splash-prod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 01:33:10 GMT
Server
nginx/1.12.1
Connection
keep-alive
Content-Length
37
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| DP_RENDER_ID string| DP_SERVER_INSTANCE string| DP_ENVIRONMENT string| DP_ASSETS number| DP_DESKTOP_AUTO_UPDATE boolean| DP_OFFLINE object| DP_LOCALE_INFO number| DP_SUBSCRIPTION object| DP_JS_LIB_MAP boolean| DP_IS_ENTERPRISE object| qcodo object| qc function| _typeof function| __resetListBox function| _sp function| TrieNode function| _isDebug function| _log function| _client_log function| _initMarkings function| _clearMarkings function| _mark function| DP_PHP_JS object| DPEffects function| noty function| dp_tip_show function| dp_tip_hide function| $ function| jQuery object| html5 object| Modernizr function| yepnope object| Mustache function| _ object| Backbone object| DP function| DEPUTECTrie function| BSTreeNode function| BSTree function| sprintf object| jQuery18309666470144202559 boolean| dpTip_is_showed object| dpTip_win object| dpTip_timedEvent function| moment object| lazySizes

16 Cookies

Domain/Path Name / Value
www.deputy.com/ Name: __utmt
Value: 1
www.deputy.com/ Name: __utmc
Value: 1
.deputy.com/ Name: ajs_group_id
Value: null
.deputy.com/ Name: __hstc
Value: 115885593.32657cd07d949c0af43357ca2759ee9e.1568251982704.1568251982704.1568251982704.1
.deputy.com/ Name: __hssc
Value: 115885593.1.1568251982704
.deputy.com/ Name: __hssrc
Value: 1
.deputy.com/ Name: ajs_user_id
Value: null
.deputy.com/ Name: hubspotutk
Value: 32657cd07d949c0af43357ca2759ee9e
www.deputy.com/ Name: __utmz
Value: 1.1568251983.1.1.utmcsr=once.deputy.com|utmccn=(referral)|utmcmd=referral|utmcct=/my/login
.deputy.com/ Name: _gcl_au
Value: 1.1.1153596330.1568251983
www.deputy.com/lp Name: DPReferrer
Value: https%3A//once.deputy.com/my/login%3Fredirect_url%3Dhttps%253A%252F%252Fonce.deputy.com%252Fmy%252F
www.deputy.com/ Name: __utma
Value: 1.1003120390.1568251983.1568251983.1568251983.1
.deputy.com/ Name: ajs_anonymous_id
Value: %22562501b3-5e98-4cf2-bbb2-0d40b807e540%22
www.deputy.com/ Name: __utmb
Value: 1.3.9.1568251983
.deputy.com/ Name: __cfduid
Value: deef1abaa6a138086d3db9fc62ad254561568251981
.once.deputy.com/ Name: DPSID
Value: k84ve38bi4cpp5ki70e2sj5j24

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
api.hubspot.com
api.segment.io
cdn.madkudu.com
cdn2.hubspot.net
cdnjs.cloudflare.com
cl.qualaroo.com
cm.g.doubleclick.net
collect.albacross.com
connect.facebook.net
d.adroll.com
d2dq2ahtl5zl1z.cloudfront.net
d2sebmzxyyulvv.cloudfront.net
designers.hubspot.com
dntcl.qualaroo.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
hs.deputy.com
ib.adnxs.com
idsync.rlcdn.com
js.hs-analytics.net
js.hsleadflows.net
js.usemessages.com
na.deputy.com
once.deputy.com
pixel.advertising.com
pixel.rubiconproject.com
s.adroll.com
serve.albacross.com
simage2.pubmatic.com
ssl.google-analytics.com
stats.g.doubleclick.net
sync.outbrain.com
track.hubspot.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
www.deputy.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
13.35.253.59
143.204.208.215
143.204.208.229
143.204.214.50
151.101.14.2
172.217.18.98
185.33.223.208
185.64.189.110
2.18.233.40
2.18.234.21
2001:4998:58:4904::7000
2606:4700:10::6814:d450
2606:4700::6810:fc05
2606:4700::6810:fd05
2606:4700::6811:46b0
2606:4700::6811:77b4
2606:4700::6811:79b4
2606:4700::6811:e9cc
2606:4700::6811:eecc
2606:4700::6811:f4cc
2606:4700::6813:c397
2a00:1450:4001:819::2008
2a00:1450:4001:81a::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:81e::2003
2a00:1450:4001:81f::2004
2a00:1450:4001:81f::2008
2a00:1450:4001:821::2002
2a00:1450:400c:c06::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.253.13.179
34.95.120.147
35.166.68.180
35.190.72.21
52.27.220.67
52.28.145.127
52.28.51.203
52.29.177.239
52.57.113.38
54.217.245.200
54.66.145.156
69.173.144.165
89.187.165.7
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
071f962485b679abfe48de4568e92970d6c7f4ef74c0faeacddc0f5f5c11fe32
0b261c009b273b7e190ca3bab60283dcdd43018d05d3714510943848ba64dfed
0cf576a5dab9315daac7ffe29d29ed585e0ff9850e59408d0f25f38dc1da037b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
1708c1050797ba95dbff8aa8ba904e3a161583648e8cfc3c3bee4ad6a2ba1087
18528bd2fa00f0789829b47b6f1efead57a972dddb8b333e9c5d8fb3e3f179a7
186c40d06fc13830497a7b9f42bc14538c1b7fa0b98560c7911e6e1a935f769d
192ce9a095cfac62d7210cb9bb10c20c463a3bc147376744faafdf497b3cc630
19b70ec50fa6e2d809429fb647b236611baab307f9355083191691751c2456be
1b41b8beaf20f6ae36be87c26e09374c97a8d6dccf86318c677fcf8a1f3d4ab7
22032562902c2f07fc6ea1bc61063f8a6db53df14b223660437ab9a547b9adbc
282678f4a9da97ff05927eab1d543e6837fb87ad0b18959e0a9e0262d735618a
2c694cfafd5c00ba4a7a2110060eb937afccfc1d7b745a319c49764fe4ef017c
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170
34401e82a1141472df1697a141aa50812c17e6138424ca4caba5f3fc69885f4a
3645cc7cf729a22877ff158372b25c017efca47a5fc31921363d1b01ff00313b
365a1413ce25dd637e8047c087cbb87744ebacd36c2913a9a5e7aadb6a2ad7d3
3cf8c47de3f270c560605b1a48c19884dcfce4e7ca5077af5352f87add43bda3
3ded68f99fe8675e5f6fc5304b2e26dc582c305f601abc6030844632a7517fc5
3fab783488866f7b444b16bd86bea35618ba2ddb22b033cd44a39528378f44db
40cdf2a2de9b1fc4477e6f2d6481331bad542a35b52a5b5a898311e164b6b5ea
410df1f1e7af7727b369d643cae6bac0ed908a6f65189d01bf0b77e26960475a
41a6e8a54db09236c5fe14516ea349530605d1fc96457cfe17940b5faf03d828
49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
6bb9ce63d15c4ed7437444a134711ce7ec257e0fa31600d161a12fd721b20c51
7134bd1e43faa03a0d322cbd2d73141521350b2c11befb0e4b083e6939ccb86f
716e9de983c945096e451439a9c113bd14ca2703e50517081ffd8c660149e8db
71cb323bebe4a7733d8188602d9065cc7e420f79ae3dcee5cdf090ec8084fb0c
780bf4274874c3830efeb6e38c68642acb41bacef7ad4183938090786b9db3b1
7f586c83e85f4f4b68b74be4fdd4c511f0a1d6287a55c8428731999223f4d237
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c88d6a0ae774f43c52a16b37d0134231b235ddf98ce9eb7f28c587c31b59d5a
93cf0138ab6e21fdf74500a3d9d5d519e726dd3e8cc76efebb5bb183d3558064
948149bd7d046c4a606e185ad68acdad7695d532a781f556ac86f081c1e5f341
9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f
9e178abaada4c85b35e7d012f2d667beb22c83d6b4f42810efcf3731fd632979
a16f99388da9dc6533c1a16808d7ef2351ed17787e82aecbbcaa4dad8160dc54
a1e7c28b44aa96a7e41e241fa0ad92675167f7608e18a5c7dfa337c60cfcd652
a56246d3e48499cbe71b1ca8d55a91e5509fac14eccaa4c416b63a4c1131a148
ab449241b50123673e76dbcd70f869ae11d26920f0ce1670fdfd266308058179
ae64e367d9b17277598aa32cf7705caa9879e4e6a6a07bf6e6917f005d750b9d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
b6c0cf96895bae56d5598a9d8dda3c08faed9a929a5ea7761f2c967abbe07668
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf
bc6b96a7245cd2f73ac09a4290d0a3ea04a4ae60496ec51cacbd4bc9dc2d6f39
bce5720b19a8772aaf317aed085efbe8de2d05f63b54570cec1b57bc9b830588
be7c710f3a28ec083f40cbdf0914a2af1b3223ca1b92209b5b7f13c81db27e60
c06878261fa4a197dd185244856f14d4acbd41671b3f9139d1d32e817bd86968
c597592b0e5e4c69f1d24926e1ac9d47c00c12e58ccf9db9f8242a69b0d23ec9
cc1fa30080268c17f6d404f044ba06ac3ef3d56b62b9847e8fb1da77ef4e1ed0
cc3145c23305ef562d6badbb9b996d179a1e8305378d951429dd9307a1efa387
ccda46cecfcc7d119a056a3b4d4bb231574caa9fe688fe2eb6fd020f4485ee51
d502cb4a3a2e8ba0c0c314f1d63829000a9db9e7d528105febdf7b87522373a6
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
ddd4e7d673bbc63158e39dea37a762ee0af39b01ef139cbab85af5890296182a
e05b4593dd233abe7f47c149102c11f8a21501543d6573de3461534e86c17001
e129303f75e317ba0dd09f90f4de9e94f1d832355b5d9202181e3e72648b3646
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b48c53d69e39034a8e5e9d59d97a243fc6c0f67f6e31fd5232742e64dbc3e1
ed81f164b8d8cd29b76ff29afcbb98793d5a23241bccf77da4a436300a3171c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2ade421502c6b323f08e809a4a8b74dbacbf2c3438ea7ec5527e3ac974820db
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f7d7b8e746c4d75bbd4454d4a0e2e2c58d51f0293c25b1351696c33fc3571cce