www.workstepssleep.com Open in urlscan Pro
34.251.201.224 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.workstepssleep.com/
Effective URL:
https://www.workstepssleep.com/
Submission: On July 29 via manual (July 29th 2022, 8:44:48 pm UTC) from US — Scanned from DE

Summary HTTP 73 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 18 domains to perform 73 HTTP transactions. The main IP is 34.251.201.224, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.workstepssleep.com.
TLS certificate: Issued by R3 on July 1st 2022. Valid for: 3 months.

This is the only time www.workstepssleep.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	34.251.201.224 34.251.201.224	16509 (AMAZON-02) (AMAZON-02)
15	52.222.236.13 52.222.236.13	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	52.222.232.99 52.222.232.99	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:401... 2a00:1450:4014:80f::2003	15169 (GOOGLE) (GOOGLE)
1	52.222.236.74 52.222.236.74	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3 9	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	18.66.139.84 18.66.139.84	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
1	52.51.216.125 52.51.216.125	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:401... 2a00:1450:4014:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:27::... 2620:1ec:27::cafe:1375	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.54.96.194 52.54.96.194	14618 (AMAZON-AES) (AMAZON-AES)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	40.76.174.66 40.76.174.66	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
73	26

4 34.251.201.224 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-201-224.eu-west-1.compute.amazonaws.com

www.workstepssleep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 52.222.236.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-13.fra56.r.cloudfront.net

global-uploads.webflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.232.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-99.fra56.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4014:80f::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-84.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.216.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-216-125.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4014:80e::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1375 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.54.96.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-96-194.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 40.76.174.66 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

d.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	gstatic.com fonts.gstatic.com www.gstatic.com	267 KB
15	webflow.com global-uploads.webflow.com — Cisco Umbrella Rank: 30376	328 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 542 c.clarity.ms — Cisco Umbrella Rank: 1008 d.clarity.ms — Cisco Umbrella Rank: 5259	26 KB
7	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 10582	2 KB
5	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 637 script.hotjar.com — Cisco Umbrella Rank: 795 vars.hotjar.com — Cisco Umbrella Rank: 874 in.hotjar.com — Cisco Umbrella Rank: 1519	71 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 344 c.bing.com — Cisco Umbrella Rank: 192	13 KB
4	workstepssleep.com 1 redirects www.workstepssleep.com	7 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5701	899 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 region1.google-analytics.com — Cisco Umbrella Rank: 2841	20 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 3795	4 KB
2	google.com www.google.com — Cisco Umbrella Rank: 10	655 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 stats.g.doubleclick.net — Cisco Umbrella Rank: 117	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	111 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3701	71 KB
2	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 125	15 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	150 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 303 fonts.googleapis.com — Cisco Umbrella Rank: 72	8 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	31 KB
73	18

	Domain	Requested by
15	global-uploads.webflow.com	www.workstepssleep.com global-uploads.webflow.com
13	fonts.gstatic.com	fonts.googleapis.com
7	mc.yandex.com	2 redirects www.workstepssleep.com mc.yandex.ru
4	www.workstepssleep.com	1 redirects connect.facebook.net
3	d.clarity.ms	www.clarity.ms
3	www.google.de	www.workstepssleep.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.workstepssleep.com
2	c.clarity.ms	1 redirects
2	pi.pardot.com	www.workstepssleep.com pi.pardot.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	www.google.com	www.workstepssleep.com
2	connect.facebook.net	www.workstepssleep.com connect.facebook.net
2	mc.yandex.ru	1 redirects www.workstepssleep.com
2	www.googleadservices.com	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.gstatic.com	www.googletagmanager.com www.gstatic.com
2	static.hotjar.com	www.workstepssleep.com www.googletagmanager.com
2	www.googletagmanager.com	www.workstepssleep.com www.googletagmanager.com
1	c.bing.com	1 redirects
1	in.hotjar.com	script.hotjar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	vars.hotjar.com	static.hotjar.com
1	region1.google-analytics.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	fonts.googleapis.com	ajax.googleapis.com
1	d3e54v103j8qbb.cloudfront.net	www.workstepssleep.com
1	ajax.googleapis.com	www.workstepssleep.com
73	28

This site contains links to these domains. Also see Links.

Domain
www.worksteps.com
www.google.com
www.branding.studio

Subject Issuer	Validity	Valid
www.workstepssleep.com R3	`2022-07-01` - `2022-09-29`	3 months	crt.sh
global-uploads.webflow.com Amazon	`2021-11-18` - `2022-12-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-08` - `2022-08-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-08` - `2022-11-07`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.workstepssleep.com/
Frame ID: B9883B9AF3898B75DAA74D455FA2C99D
Requests: 72 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html
Frame ID: 068B15681C71B80B4FDFA1026C1FA0E8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DOT home sleep apnea testing and treatment for commercial drivers

Page URL History Show full URLs

http://www.workstepssleep.com/ HTTP 301
https://www.workstepssleep.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

73
Requests

95 %
HTTPS

58 %
IPv6

18
Domains

28
Subdomains

26
IPs

5
Countries

1124 kB
Transfer

2648 kB
Size

39
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.worksteps.com/

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/WorkSTEPS/@30.215329,-97.719824,15z/data=!4m5!3m4!1s0x0:0xd9562ce9d617f228!8m2!3d30.215329!4d-97.719824
Title: 3019 Alvin Devane Blvd. Suite 115 Austin TX 78741

Search URL Search Domain Scan URL

URL: https://www.branding.studio/
Title: by

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.workstepssleep.com/ HTTP 301
https://www.workstepssleep.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://www.googleadservices.com/pagead/conversion/688446132/wcm?cc=ZZ&dn=8774368478&cl=o0HfCMng3bYBELS1o8gC&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8774368478&cl=o0HfCMng3bYBELS1o8gC

Request Chain 57

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9714.CIB_YC0kQ21H4mJiCZqmhh2WCoIcJJMyhTkgK4uTAbvRmWalTOVD4mOnPG_BKnId.Jf2bSOOQnGgts1WVdS4pqZ45XsM%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9714.72rCy7MPNatArr5xikfhrb7DoRHKl9loz2MeFMYJulaEntgqxH6FGBTMDEUbvrBtbYKLvflwIYUn5s4ujHs1tw%2C%2C.FOtmrxDebCKdy_rBnYRswfMEjlA%2C

Request Chain 61

https://mc.yandex.com/watch/56719444?wmode=7&page-url=https%3A%2F%2Fwww.workstepssleep.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A819%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A850%3Acn%3A1%3Adp%3A0%3Als%3A89711597060%3Ahid%3A820709915%3Az%3A0%3Ai%3A20220729204441%3Aet%3A1659127481%3Ac%3A1%3Arn%3A610511536%3Arqn%3A1%3Au%3A1659127481640283749%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1659127479777%3Ads%3A0%2C91%2C50%2C1%2C123%2C0%2C%2C736%2C0%2C%2C%2C%2C1008%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1659127481%3At%3ADOT%20home%20sleep%20apnea%20testing%20and%20treatment%20for%20commercial%20drivers&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/56719444/1?wmode=7&page-url=https%3A%2F%2Fwww.workstepssleep.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A819%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A850%3Acn%3A1%3Adp%3A0%3Als%3A89711597060%3Ahid%3A820709915%3Az%3A0%3Ai%3A20220729204441%3Aet%3A1659127481%3Ac%3A1%3Arn%3A610511536%3Arqn%3A1%3Au%3A1659127481640283749%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1659127479777%3Ads%3A0%2C91%2C50%2C1%2C123%2C0%2C%2C736%2C0%2C%2C%2C%2C1008%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1659127481%3At%3ADOT%20home%20sleep%20apnea%20testing%20and%20treatment%20for%20commercial%20drivers&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 64

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=FA2E8F59BD124DF8B0BFECF552B715F3&RedC=c.clarity.ms&MXFR=2AE1FA389B1D666019FBEBC89F1D687B HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=FA2E8F59BD124DF8B0BFECF552B715F3&MUID=0B9E0D845E6E63F61EDF1C745F0562D5

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.workstepssleep.com/
Redirect Chain

http://www.workstepssleep.com/
https://www.workstepssleep.com/

16 KB
5 KB

142ms
50ms

Document
text/html

34.251.201.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.workstepssleep.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.251.201.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-201-224.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: e3994dd4f97d27d9e3f022d3c3a31e0016a96049fa5dac641df910d97555bd9b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3355
content-encoding: gzip
content-length: 5018
content-type: text/html
date: Fri, 29 Jul 2022 20:44:40 GMT
server: openresty
vary: x-wf-forwarded-proto, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-cluster-name: eu-west-1-prod-edge-blue
x-served-by: cache-iad-kjyo7100117-IAD, cache-dub4338-DUB
x-timer: S1659127480.025810,VS0,VE1

Redirect headers

Connection: keep-alive
Content-Length: 166
Content-Type: text/html
Date: Fri, 29 Jul 2022 20:44:39 GMT
Location: https://www.workstepssleep.com/
Server: openresty

GET
H2 200 worksteps-sleep.webflow.48920e507.css
global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/ 219 KB
25 KB 470ms
417ms Stylesheet
text/css 52.222.236.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
Requested by: Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 459b4649a6d5d11b018c94eeb2ef2f2589aa1ed095dc8a93216d04f3ff20a961

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: 8hUN1Y.eJZar.80DiznYqMXSOZTlJHUv
content-encoding: gzip
etag: "727f5ba9d5a94e41d69c76824383056a"
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 24984
access-control-allow-origin: *
last-modified: Tue, 08 Jun 2021 19:19:36 GMT
server: AmazonS3
date: Fri, 29 Jul 2022 20:44:41 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 9CiLsMtDbJ2WVvFccUvxr65Vt3TCBtGgCeHG5lHf0Guwk9Bl4HtgAg==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 65ms
18ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 07:50:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Jul 2023 07:50:22 GMT

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
31 KB 71ms
18ms Script
application/javascript 52.222.232.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=5d63e6792f49487250e1a27a
Requested by: Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-99.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.workstepssleep.com/
Origin: https://www.workstepssleep.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 07:28:06 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 47795
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: M4QNCkeBPlOZygQg48D0ja6DtPs6ln4ryRZsyq0xY4iQw0T1_MJTvw==

GET
H2 200 webflow.7d020acda.js Show response
global-uploads.webflow.com/5d63e6792f49487250e1a27a/js/ 234 KB
57 KB 489ms
436ms Script
text/javascript 52.222.236.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/js/webflow.7d020acda.js
Requested by: Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59ee8cc8c6989b52b09072e19092ad4a779eb351a352c25ea5b6672ce0b26ce4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:41 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 57681
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
last-modified: Tue, 08 Jun 2021 19:19:36 GMT
server: AmazonS3
etag: "b72e1ed117202679615909b316c92202"
x-amz-version-id: CLxu8yNBx3pAsz0V9vD8MaOZtkNYafpW
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
content-type: text/javascript
x-amz-cf-id: FXzV7QEDQ54ATHNx7iqJxC6S6CnKTTwF-d_Txa7HVtiivjOxcq9o-Q==

GET
H2 200 css
fonts.googleapis.com/ 19 KB
2 KB 65ms
24ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd873f7d37f5cf26addad6ac7bee44ba9f8eaff154553750130751f0f288e197

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 20:44:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 29 Jul 2022 20:44:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Jul 2022 20:44:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 225 KB
80 KB 78ms
38ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W8ZN2Z8

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90598d4c3129cce1f185ebc67771f02510ace39160f0ba0db07860335ba4f44e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80891
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Jul 2022 20:44:40 GMT

GET
H2 200 hotjar-1489924.js Show response
static.hotjar.com/c/ 5 KB
2 KB 94ms
53ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1489924.js?sv=6

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

332d7a42bee3156d7d453d8bc21127a45c737c248678eff6347a2a93a40672a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:40 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-P2
etag: W/1478a8512457edcd2a1f0eb4db87d1c5
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-amz-cf-id: DP2wYgiqwlrIBATD-vq5HsucVa7SRQhfilK717u7gaFe-rTNglb9LQ==
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)

GET
H2 200 5d6dbbfa141661aa27e80c01_worksteps%20logo.svg
global-uploads.webflow.com/5d63e6792f49487250e1a27a/ 13 KB
5 KB 477ms
475ms Image
image/svg+xml 52.222.236.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/5d6dbbfa141661aa27e80c01_worksteps%20logo.svg
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe127281e682037e8d193335ec1ef2bb4ce69afb837d6c4ed3b510128efbd106

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:41 GMT
content-encoding: br
last-modified: Tue, 03 Sep 2019 01:03:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
etag: W/"58c580bdd7e6e0932ce390008fbeebce"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: B9B306LMCQZYC9WN4UAmihw3VhN6ktYl
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: PhQ9floS68cKcQZp2o61nkoJ3W3U3PdyTspetgVyuCq2wVf-OFzLvg==
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)

GET
H2 200 5d6dd1c5b8496eeecc9a2266_flag.jpg
global-uploads.webflow.com/5d63e6792f49487250e1a27a/ 5 KB
5 KB 446ms
444ms Image
image/jpeg 52.222.236.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/5d6dd1c5b8496eeecc9a2266_flag.jpg
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50150c7b74487811061d3b192444b312d007ab3fc3321ccfb1a2fcf39f94f198

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:41 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
last-modified: Tue, 03 Sep 2019 02:36:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
etag: "fbceec9cd6bc58177059ae05591c418d"
x-cache: Miss from cloudfront
x-amz-version-id: p_0K.SxN2_NcX0rLYG31lgrAQpdYBpPr
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/jpeg
content-length: 4730
x-amz-cf-id: JGZsjJUW1UZsbFLTqIA03fZdAfN9Byj6pMMVfmSPBCEcIoQin37eqA==

GET
H2 200 5d6dd2397155881cab14a5b3_proud-icon.svg
global-uploads.webflow.com/5d63e6792f49487250e1a27a/ 25 KB
9 KB 449ms
447ms Image
image/svg+xml 52.222.236.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/5d6dd2397155881cab14a5b3_proud-icon.svg
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a518d969920f8ba9b097fb6df14ebb27f518d2f52d869a6c05b0885a6e66db6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:41 GMT
content-encoding: br
last-modified: Tue, 03 Sep 2019 02:38:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
etag: W/"2674431e639fab28e514b53817408a40"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: oEgrTu8NzxTOZhYrfFGKp.DmANrXe6RI
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: 5XSDkNLx_XodWsbr3-kiXdErHUVWLaMmOPiCdoOpiB9oOSuNIK_azA==
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)

GET
H2 200 5d7450c334bd3610f2e2c8cf_icon-phone.svg
global-uploads.webflow.com/5d63e6792f49487250e1a27a/ 2 KB
2 KB 458ms
457ms Image
image/svg+xml 52.222.236.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/5d7450c334bd3610f2e2c8cf_icon-phone.svg
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b4a76db7b8bf20c95f3a421e3b9472f9ff7bdaa8355d8722a3ca39ac7bf357f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:41 GMT
content-encoding: br
last-modified: Sun, 08 Sep 2019 00:52:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
etag: W/"d546f8e711944321bc10f27251952802"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: IhG8DvwacyOKWEJyepVWjCKhgOC7Vos3
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: a6tFBclyFLi00pqkb91Gb0iKkW4FdtqKZ7RMrQlANHhwqqZVwVGdyg==
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)

GET
H2 200 5da63465bb438c92603205b4_icon-home--black.svg
global-uploads.webflow.com/5d63e6792f49487250e1a27a/ 1 KB
894 B 460ms
460ms Image
image/svg+xml 52.222.236.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/5da63465bb438c92603205b4_icon-home--black.svg
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d91886641331de72ecd7d406d2d95fdb0a015108e4b61a08914f15f10e65db29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:41 GMT
content-encoding: br
last-modified: Tue, 15 Oct 2019 21:04:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
etag: W/"1569198c4480759d98a6f98edac92eba"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: MEYBxa3kMIUGWZJHSqtjyL3jO24iJDXe
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: aTOCLH46Q3tXd48CX24hTv1Lq6aT_hfyoajMZ6i_rvSGswkRbfCnMw==
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)

GET
H2 200 5d8110363510c9333505fbd3_image--hero--home.jpg
global-uploads.webflow.com/5d63e6792f49487250e1a27a/ 88 KB
88 KB 510ms
509ms Image
image/jpeg 52.222.236.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/5d8110363510c9333505fbd3_image--hero--home.jpg
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f041697b282dae297547fc755f50f39f4f3ce9b56ee9eb088cbf08f2f8419a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:41 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
last-modified: Tue, 17 Sep 2019 16:56:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
etag: "2c4c486b419f7d95ccf1e587aa9ae597"
x-cache: Miss from cloudfront
x-amz-version-id: 9KWrwIQFoPZiY5HLmSkRn.o2yPxUZWZZ
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/jpeg
content-length: 89914
x-amz-cf-id: l0iBJsWIwQOKV94W5dAwYbATp0QPZNc6fgtj_GDQ0UatDpBaZsiBuQ==

GET
H2 200 5d6f06f900df071a6c44fa6d_fda-approved-icon.svg
global-uploads.webflow.com/5d63e6792f49487250e1a27a/ 14 KB
5 KB 453ms
451ms Image
image/svg+xml 52.222.236.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/5d6f06f900df071a6c44fa6d_fda-approved-icon.svg
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dfe4cb0bcd615e43c11b51b4ca7d7aa2c7f2f167a7d2b5559281fa2126f437c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:41 GMT
content-encoding: br
last-modified: Wed, 04 Sep 2019 00:36:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
etag: W/"d76fa95898b0c0d996e8ed0730276c85"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: o2ih.Zboou4ef06phBzBnmy0w456KTS3
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: YHRde80aFb_J8I0u5Phd17p60HKumn6ggFNHT9JzWylzF3_b7oIDHA==
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)

GET
H2 200 5ddd890f167ced3d3a613e0a_dot-compliant--logo.svg
global-uploads.webflow.com/5d63e6792f49487250e1a27a/ 13 KB
5 KB 474ms
472ms Image
image/svg+xml 52.222.236.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/5ddd890f167ced3d3a613e0a_dot-compliant--logo.svg
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9535567cf78680a6df04468cdc4e2ae4bb61755f4395d6caa009eff97cecac1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:41 GMT
content-encoding: br
last-modified: Tue, 26 Nov 2019 20:20:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
etag: W/"6866e3d8e1b7ad5f8dc4cd10c2500f4e"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: I_c.pcGQPOrqYl0RyBtzD8gUjwrkGfm7
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: RMqNaWSwRKeYJx4p2x6QM33rW6GVhEsLDY9MjnJNj0NyMW1XmoE-dQ==
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)

GET
H2 200 5d77bc6b9fadddea5f291932_st-christopher-logo.png
global-uploads.webflow.com/5d63e6792f49487250e1a27a/ 39 KB
39 KB 476ms
475ms Image
image/png 52.222.236.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/5d77bc6b9fadddea5f291932_st-christopher-logo.png
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38a5b436a9e4f740073a985ddaec0bf5a40e428b919c6e5fc669f4758fa858fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:41 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
last-modified: Tue, 10 Sep 2019 15:08:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
etag: "4bea9656c651340df2605694dd1843b7"
x-cache: Miss from cloudfront
x-amz-version-id: GPlRLg8KW9giyQqXDnPngdr9v5U1MJvP
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/png
content-length: 39688
x-amz-cf-id: hV20VtigZ3MskoNU7-DgS-9eyuy0u3KWaNFIbVyaq9z9ouSz008x2A==

GET
H2 200 5d6f089b2fd62f7efb20d352_itamar-logo.png
global-uploads.webflow.com/5d63e6792f49487250e1a27a/ 16 KB
17 KB 156ms
155ms Image
image/png 52.222.236.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/5d6f089b2fd62f7efb20d352_itamar-logo.png
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e04946174f0e5ac6cb9a086d1cf1c5ba78acd69e37c5af2da88deef0a993a3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:41 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
last-modified: Wed, 04 Sep 2019 00:43:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
etag: "32dd8bc05b77cab8c89de6e8b1fa427d"
x-cache: Miss from cloudfront
x-amz-version-id: Oz75TodVNulyGel8CkFxnVZ5CxFDYd5N
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/png
content-length: 16596
x-amz-cf-id: dTvKIHLeLBfGxCZhQoA73fPEgxqjxvzls8RfBPBLolQGkaG6nl8_xA==

GET
H2 200 5d642223346aae6ee37d046e_link-arrow--blue.svg
global-uploads.webflow.com/5d63e6792f49487250e1a27a/ 592 B
1011 B 227ms
226ms Image
image/svg+xml 52.222.236.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/5d642223346aae6ee37d046e_link-arrow--blue.svg
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 948ffb316a7caaafb40aab087d9a47d610d0fe75f3a805069b6c0f3f65c2e3d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:41 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
last-modified: Mon, 26 Aug 2019 18:17:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
etag: "fe0dc0be171153665259db5d146bfcc4"
x-cache: Miss from cloudfront
x-amz-version-id: bOEoeviLhstjR35Xe4en.pGHUsyBoFbR
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/svg+xml
content-length: 592
x-amz-cf-id: -8fG43f0-CM1NTQy6o0BNOY9tDg01ZC86_moM2vZI8tpkW7v72BU3A==

GET
H2 200 5d706f219b8d7b049889af48_image-banner--sleep-apnea.jpg
global-uploads.webflow.com/5d63e6792f49487250e1a27a/ 64 KB
64 KB 450ms
450ms Image
image/jpeg 52.222.236.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/5d706f219b8d7b049889af48_image-banner--sleep-apnea.jpg
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62d426aa4f9781734b55b0e380a4c36bba6891bc5573f8ac254971c71361e7ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:41 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
last-modified: Thu, 05 Sep 2019 02:12:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
etag: "e9c863fde1a136b472acc9cdfa2fb598"
x-cache: Miss from cloudfront
x-amz-version-id: q4ikXdOCoCqh19gTAUwLgaOm994HMhJS
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/jpeg
content-length: 65522
x-amz-cf-id: jIjXYwNEptw__jEn4W86O5rR4Xj58dl5KGb9_ZgvEyV5-RDNKhZ2fg==

GET
H2 200 5d640349afd53f3d241fa0b2_WorkSTEPS-logo.svg
global-uploads.webflow.com/5d63e6792f49487250e1a27a/ 13 KB
5 KB 154ms
154ms Image
image/svg+xml 52.222.236.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/5d640349afd53f3d241fa0b2_WorkSTEPS-logo.svg
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c65593fd2a50e479ba7db2b1b41ad7f5318c425e00a433d76b8537a31f2ac74d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://global-uploads.webflow.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.48920e507.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:41 GMT
content-encoding: br
last-modified: Mon, 26 Aug 2019 16:05:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
etag: W/"375c8b677e718aaabfab344ff8f1d808"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: k5LwZov1_ujlXXFAjHJ_qdb6UrSyacqf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: PCUo4gBvuEXsD28gokKjbOo1f7lCPWlHks21B0zWyhRSgvI_Ld45vw==
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 100ms
30ms Font
font/woff2 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.workstepssleep.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 19:34:26 GMT
x-content-type-options: nosniff
age: 177014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jul 2023 19:34:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 108ms
38ms Font
font/woff2 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.workstepssleep.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 19:33:21 GMT
x-content-type-options: nosniff
age: 177079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jul 2023 19:33:21 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 194ms
124ms Font
font/woff2 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.workstepssleep.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 19:40:54 GMT
x-content-type-options: nosniff
age: 176626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jul 2023 19:40:54 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 144ms
74ms Font
font/woff2 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.workstepssleep.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 23:33:16 GMT
x-content-type-options: nosniff
age: 249084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 23:33:16 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 154ms
84ms Font
font/woff2 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.workstepssleep.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 22:07:28 GMT
x-content-type-options: nosniff
age: 167832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jul 2023 22:07:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 184ms
115ms Font
font/woff2 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.workstepssleep.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 19:34:26 GMT
x-content-type-options: nosniff
age: 177014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jul 2023 19:34:26 GMT

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 228ms
158ms Font
font/woff2 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.workstepssleep.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 22:39:25 GMT
x-content-type-options: nosniff
age: 252315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 22:39:25 GMT

GET
H2 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ 20 KB
21 KB 222ms
153ms Font
font/woff2 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.workstepssleep.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 22:30:12 GMT
x-content-type-options: nosniff
age: 80068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jul 2023 22:30:12 GMT

GET
H2 200 7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 210ms
141ms Font
font/woff2 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.workstepssleep.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 22:36:03 GMT
x-content-type-options: nosniff
age: 252517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21796
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:35:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 22:36:03 GMT

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 199ms
130ms Font
font/woff2 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.workstepssleep.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 18:11:14 GMT
x-content-type-options: nosniff
age: 9206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21724
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Jul 2023 18:11:14 GMT

GET
H2 200 7cHqv4kjgoGqM7E3q-0s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 22 KB
22 KB 238ms
169ms Font
font/woff2 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3q-0s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f132510bc7b665bbe5fb9227b0d2daafa5513296a72f88f88d38179eded9277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.workstepssleep.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 02:40:57 GMT
x-content-type-options: nosniff
age: 237823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22052
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:05:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jul 2023 02:40:57 GMT

GET
H2 200 7cHqv4kjgoGqM7E3j-ws51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 245ms
176ms Font
font/woff2 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3j-ws51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9bfb04a18c8be687fadacd7f67647b65113ee8d1aabcb0f410eac21681fa7ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.workstepssleep.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 18:16:56 GMT
x-content-type-options: nosniff
age: 8864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21416
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Jul 2023 18:16:56 GMT

GET
H2 200 7cHsv4kjgoGqM7E_CfPI42ouvTo.woff2
fonts.gstatic.com/s/barlow/v12/ 23 KB
23 KB 232ms
163ms Font
font/woff2 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHsv4kjgoGqM7E_CfPI42ouvTo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cca6c2dd9540ac7b8194f52ad49c3e6312705d4aa25c4cc29d68e9dbb8a3a118

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.workstepssleep.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 19:37:35 GMT
x-content-type-options: nosniff
age: 176825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23424
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:28:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jul 2023 19:37:35 GMT

GET
H2 200 modules.311bafb9406f6ba6bebc.js Show response
script.hotjar.com/ 246 KB
64 KB 74ms
27ms Script
application/javascript 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.311bafb9406f6ba6bebc.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1489924.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-74.fra56.r.cloudfront.net

Software

Resource Hash

6dd840095807404d43062ce2afdf5e14b5d1c9262dbd7d726372861b0cfbfedb

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 09:17:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41254
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 64600
access-control-allow-origin: *
last-modified: Fri, 29 Jul 2022 09:16:08 GMT
etag: "45663d5a8b5e0ae258fd8063655953c6"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: xT1m90t15kgLUEsKpaiCcl_kjNk2q0vSxuBh0X-WwPttJRva7twQOQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4QSKSP7FMR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8ZN2Z8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d733a839be6ab34efa106fb500fa62898422332323982f3206aa3979cb0259b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72396
x-xss-protection: 0
expires: Fri, 29 Jul 2022 20:44:40 GMT

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 3 KB
2 KB 96ms
40ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8ZN2Z8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:15:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1768
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 29 Jul 2022 21:15:12 GMT

GET
H2 200 hotjar-1626859.js Show response
static.hotjar.com/c/ 6 KB
3 KB 63ms
63ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1626859.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8ZN2Z8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

60017c10f464e4c030053fa2f9f8b6f25f75b463f9406ef4f5539789a9c15e69

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:40 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-P2
etag: W/7c7f7f98f37c981dbd5091315c2cefec
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-amz-cf-id: Q4QFWPjYoTRweNZm4-AdfvL6RZ7qgR1yaSmBIWaDG6UeSDudwmSnug==
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 89ms
38ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8ZN2Z8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5923
date: Fri, 29 Jul 2022 19:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 29 Jul 2022 21:05:57 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 134ms
68ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8ZN2Z8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 58BA9CA4BF7F4690A456BBEE5CE2B85B Ref B: FRAEDGE1410 Ref C: 2022-07-29T20:44:40Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Fri, 29 Jul 2022 20:44:39 GMT
accept-ranges: bytes
content-length: 11367

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 109ms
60ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8ZN2Z8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15160
x-xss-protection: 0
server: cafe
etag: 9823212955285023900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 29 Jul 2022 20:44:40 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 205 KB
71 KB 326ms
155ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

1b180241b262c5bd3dc07342b4bff2d11660801a558354699513cbc52cb79280

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:40 GMT
content-encoding: br
last-modified: Fri, 29 Jul 2022 10:22:34 GMT
etag: "62e38aba-118ed"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71917
expires: Fri, 29 Jul 2022 21:44:40 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 106ms
43ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dda961c684bb8f6a9e1d37502469bc063b1d90b4966c81ea03f07079a6036a59

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26528
x-xss-protection: 0
pragma: public
x-fb-debug: KcYw4c6hwYrr6LVL2hoq2P3YYk7afq9CqMWpIF346ctxklvKBRX18uTDFnEHypM/YsiXSrR0jy7Af3essxr0QA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 29 Jul 2022 20:44:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
352 B 94ms
22ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4QSKSP7FMR&gtm=2oe7r0&_p=1101434337&_z=ccd.v9B&cid=1118528207.1659127481&ul=en-us&sr=1600x1200&_s=1&sid=1659127480&sct=1&seg=0&dl=https%3A%2F%2Fwww.workstepssleep.com%2F&dt=DOT%20home%20sleep%20apnea%20testing%20and%20treatment%20for%20commercial%20drivers&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4QSKSP7FMR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 20:44:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.workstepssleep.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 call-tracking_7.js Show response
www.gstatic.com/call-tracking/ 54 KB
21 KB 52ms
18ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_7.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 11:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21020
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 22:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
vary: Accept-Encoding
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 11:22:27 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 58ms
25ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1101434337&t=pageview&_s=1&dl=https%3A%2F%2Fwww.workstepssleep.com%2F&ul=en-us&de=UTF-8&dt=DOT%20home%20sleep%20apnea%20testing%20and%20treatment%20for%20commercial%20drivers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=362301198&gjid=997217546&cid=1118528207.1659127481&tid=UA-38843168-2&_gid=598468883.1659127481&_r=1&gtm=2wg7r0W8ZN2Z8&z=1779953036

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.workstepssleep.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 20:44:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.workstepssleep.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-0004cb77850b00d4aa7e1e08ff61e8f0.html Show response
vars.hotjar.com/ Frame 068B 2 KB
1 KB 65ms
23ms Document
text/html 18.66.139.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1489924.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-84.fra60.r.cloudfront.net

Software

Resource Hash

cbbfda74ce57788b9a3877e57fb6ccd91c2e8db043acc08b0091a4ee7509f489

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.workstepssleep.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1233153
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 14:12:07 GMT
etag: "d2caf2e569940c65a88268a169f3facf"
last-modified: Fri, 15 Jul 2022 14:11:55 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
x-amz-cf-id: ojirltEgbfusFtCMinhrss43GSctmJEaLjClVK-6NmyHfBESyDyV2Q==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/688446132/ 2 KB
2 KB 74ms
31ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/688446132/?random=1659127480878&cv=9&fst=1659127480878&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7r0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.workstepssleep.com%2F&tiba=DOT%20home%20sleep%20apnea%20testing%20and%20treatment%20for%20commercial%20drivers&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50c85bfc46a5bb153ca9354506f41513025a84e7765108045b7e4a4141b1bd81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 20:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1048
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 695077184371748 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 214ms
192ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/695077184371748?v=2.9.69&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f0636eba071bea59aa6b9e7ce6bbb79d474c30b0b79c0ec4ea759f6f2b6382d4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: If/ZcuDCi2GWDXHQutq7y9lsayAJHODUqkdHOYP5ZVcsPH0HnwWINQbbjRRlV5DEprhuEeaCggs1Rs5Niyt2/A==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 29 Jul 2022 20:44:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1659127481094
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 56087623.js Show response
bat.bing.com/p/action/ 1 KB
844 B 372ms
372ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56087623.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6313a537f55d71311f7e903ee87f3a21256f622658d226c0d9fef4e2a3780c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4ACA76716C644698B843356EB65245C8 Ref B: FRAEDGE1410 Ref C: 2022-07-29T20:44:40Z
date: Fri, 29 Jul 2022 20:44:40 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 668

GET
H2 204 0
bat.bing.com/action/ 0
175 B 43ms
43ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56087623&tm=gtm002&Ver=2&mid=152855a5-1243-45f5-9c90-bb381937c533&sid=44dcbf600f7f11edba25756bb957b39b&vid=44dcc2c00f7f11eda850e787ce9e6a38&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=DOT%20home%20sleep%20apnea%20testing%20and%20treatment%20for%20commercial%20drivers&p=https%3A%2F%2Fwww.workstepssleep.com%2F&r=&lt=1009&evt=pageLoad&sv=1&rn=978536

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 588906699F1B4B9EB08D54A1AE3CCCA3 Ref B: FRAEDGE1410 Ref C: 2022-07-29T20:44:40Z
date: Fri, 29 Jul 2022 20:44:40 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/688446132/wcm?cc=ZZ&dn=8774368478&cl=o0HfCMng3bYBELS1o8gC&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8774368478&cl=o0HfCMng3bYBELS1o8gC

80 B
565 B

90ms
33ms

XHR
application/json

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8774368478&cl=o0HfCMng3bYBELS1o8gC

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: application/json; charset=UTF-8
access-control-allow-origin: null
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0

Redirect headers

timing-allow-origin: *
date: Fri, 29 Jul 2022 20:44:40 GMT
x-content-type-options: nosniff
server: cafe
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8774368478&cl=o0HfCMng3bYBELS1o8gC
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://www.workstepssleep.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 148ms
58ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-38843168-2&cid=1118528207.1659127481&jid=362301198&gjid=997217546&_gid=598468883.1659127481&_u=YADAAEAAAAAAAC~&z=1198551763

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.workstepssleep.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 29 Jul 2022 20:44:41 GMT
content-type: text/plain
access-control-allow-origin: https://www.workstepssleep.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1489924/ 148 B
323 B 184ms
47ms XHR
application/json 52.51.216.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1489924/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.311bafb9406f6ba6bebc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.216.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-216-125.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c9d4bf2b35d1dd9ac94b5f8b06e69b5b8acdc0e41d372770ecfd37eca82d61ca

Request headers

Referer: https://www.workstepssleep.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 29 Jul 2022 20:44:41 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 /
www.google.com/pagead/1p-user-list/688446132/ 42 B
548 B 168ms
44ms Image
image/gif 2a00:1450:4014:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/688446132/?random=1659127480878&cv=9&fst=1659124800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7r0&sendb=1&frm=0&url=https%3A%2F%2Fwww.workstepssleep.com%2F&tiba=DOT%20home%20sleep%20apnea%20testing%20and%20treatment%20for%20commercial%20drivers&async=1&fmt=3&is_vtc=1&random=2407741193&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80e::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 20:44:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/688446132/ 42 B
227 B 145ms
36ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/688446132/?random=1659127480878&cv=9&fst=1659124800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7r0&sendb=1&frm=0&url=https%3A%2F%2Fwww.workstepssleep.com%2F&tiba=DOT%20home%20sleep%20apnea%20testing%20and%20treatment%20for%20commercial%20drivers&async=1&fmt=3&is_vtc=1&random=2407741193&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 20:44:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 68ms
55ms Image
image/gif 2a00:1450:4014:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-38843168-2&cid=1118528207.1659127481&jid=362301198&_u=YADAAEAAAAAAAC~&z=1813669663

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80e::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 20:44:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 46ms
46ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-38843168-2&cid=1118528207.1659127481&jid=362301198&_u=YADAAEAAAAAAAC~&z=1813669663

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 20:44:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9714.CIB_YC0kQ21H4mJiCZqmhh2WCoIcJJMyhTkgK4uTAbvRmWalTOVD4mOnPG_BKnId.Jf2bSOOQnGgts1WVdS4pqZ45XsM%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9714.72rCy7MPNatArr5xikfhrb7DoRHKl9loz2MeFMYJulaEntgqxH6FGBTMDEUbvrBtbYKLvflwIYUn5s4ujHs1tw%2C%2C.FOtmrxDebCKdy_rBnYRswfMEjlA%2C

75 B
75 B

70ms
69ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9714.72rCy7MPNatArr5xikfhrb7DoRHKl9loz2MeFMYJulaEntgqxH6FGBTMDEUbvrBtbYKLvflwIYUn5s4ujHs1tw%2C%2C.FOtmrxDebCKdy_rBnYRswfMEjlA%2C

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:41 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9714.72rCy7MPNatArr5xikfhrb7DoRHKl9loz2MeFMYJulaEntgqxH6FGBTMDEUbvrBtbYKLvflwIYUn5s4ujHs1tw%2C%2C.FOtmrxDebCKdy_rBnYRswfMEjlA%2C
date: Fri, 29 Jul 2022 20:44:41 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
160 B 88ms
88ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:41 GMT
last-modified: Fri, 29 Jul 2022 10:22:34 GMT
etag: "62e38aba-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 29 Jul 2022 21:44:41 GMT

POST
H2 405 null Show response
www.workstepssleep.com/ 556 B
824 B 286ms
286ms XHR
text/html 34.251.201.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.workstepssleep.com/null
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.251.201.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-201-224.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 642651086272483fb113dd3eb474ed9c31d0104d1ab48c644dff32b51bd2e9d3

Request headers

Referer: https://www.workstepssleep.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryWA9CbQtVTFBRB8mc

Response headers

date: Fri, 29 Jul 2022 20:44:41 GMT
via: 1.1 varnish, 1.1 varnish
server: openresty
x-timer: S1659127481.196493,VS0,VE237
x-served-by: cache-iad-kiad7000104-IAD, cache-dub4324-DUB
vary: x-wf-forwarded-proto
x-cache: MISS, MISS
content-type: text/html
accept-ranges: bytes
x-cluster-name: eu-west-1-prod-edge-blue
content-length: 556
x-cache-hits: 0, 0

GET
H2 200 56087623 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 228ms
134ms Script
application/x-javascript 2620:1ec:27::cafe:1375
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/56087623
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/56087623.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1375 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: dde63d13ce8b3b1a18446837e74c3c71712020ccf0d8ca54d6321d00a913f51d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:40 GMT
x-powered-by: ASP.NET
x-azure-ref: 0uUbkYgAAAADBvECD+buzQq7EuUmNGl9SVklFRURHRTA3MTAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2

200

1 Show response
mc.yandex.com/watch/56719444/
Redirect Chain

https://mc.yandex.com/watch/56719444?wmode=7&page-url=https%3A%2F%2Fwww.workstepssleep.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A819%3Afu%3A0%3Aen%3Au...
https://mc.yandex.com/watch/56719444/1?wmode=7&page-url=https%3A%2F%2Fwww.workstepssleep.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A819%3Afu%3A0%3Aen%3...

357 B
439 B

81ms
81ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/56719444/1?wmode=7&page-url=https%3A%2F%2Fwww.workstepssleep.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A819%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A850%3Acn%3A1%3Adp%3A0%3Als%3A89711597060%3Ahid%3A820709915%3Az%3A0%3Ai%3A20220729204441%3Aet%3A1659127481%3Ac%3A1%3Arn%3A610511536%3Arqn%3A1%3Au%3A1659127481640283749%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1659127479777%3Ads%3A0%2C91%2C50%2C1%2C123%2C0%2C%2C736%2C0%2C%2C%2C%2C1008%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1659127481%3At%3ADOT%20home%20sleep%20apnea%20testing%20and%20treatment%20for%20commercial%20drivers&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

001fb2e77ab9e28d512dd1d71a5000054a8b1c33af8960dd595b7b8e0a8f73ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 20:44:41 GMT
x-content-type-options: nosniff
last-modified: Fri, 29-Jul-2022 20:44:41 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.workstepssleep.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 357
x-xss-protection: 1; mode=block
expires: Fri, 29-Jul-2022 20:44:41 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Jul 2022 20:44:41 GMT
last-modified: Fri, 29-Jul-2022 20:44:41 GMT
location: /watch/56719444/1?wmode=7&page-url=https%3A%2F%2Fwww.workstepssleep.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A819%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A850%3Acn%3A1%3Adp%3A0%3Als%3A89711597060%3Ahid%3A820709915%3Az%3A0%3Ai%3A20220729204441%3Aet%3A1659127481%3Ac%3A1%3Arn%3A610511536%3Arqn%3A1%3Au%3A1659127481640283749%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1659127479777%3Ads%3A0%2C91%2C50%2C1%2C123%2C0%2C%2C736%2C0%2C%2C%2C%2C1008%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1659127481%3At%3ADOT%20home%20sleep%20apnea%20testing%20and%20treatment%20for%20commercial%20drivers&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.workstepssleep.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 29-Jul-2022 20:44:41 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus/s/0.6.36/ 52 KB
23 KB 132ms
131ms Script
application/javascript 2620:1ec:27::cafe:1375
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus/s/0.6.36/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/56087623
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1375 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 20:44:41 GMT
content-encoding: br
etag: "1d8a0e15023e426"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0uUbkYgAAAAD7EeF5A9eNR7Jo0eyzBQT6VklFRURHRTA3MTAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges: bytes
content-length: 23009
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 367ms
115ms Script
application/javascript 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-96-194.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: 3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 20:44:42 GMT
content-encoding: gzip
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
last-modified: Fri, 29 Jul 2022 05:18:31 GMT
Server: PardotServer
etag: "1547-gzip"
vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
cache-control: max-age=63072000
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1946
expires: Sun, 28 Jul 2024 20:44:42 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=FA2E8F59BD124DF8B0BFECF552B715F3&RedC=c.clarity.ms&MXFR=2AE1FA389B1D666019FBEBC89F1D687B
https://c.clarity.ms/c.gif?CtsSyncId=FA2E8F59BD124DF8B0BFECF552B715F3&MUID=0B9E0D845E6E63F61EDF1C745F0562D5

42 B
369 B

43ms
42ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=FA2E8F59BD124DF8B0BFECF552B715F3&MUID=0B9E0D845E6E63F61EDF1C745F0562D5
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 20:44:41 GMT
last-modified: Thu, 28 Jul 2022 20:41:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "82531c78c2a2d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 29 Jul 2022 20:44:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 559784C1A96E400396B2718CC1A71DE0 Ref B: FRAEDGE1410 Ref C: 2022-07-29T20:44:41Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=FA2E8F59BD124DF8B0BFECF552B715F3&MUID=0B9E0D845E6E63F61EDF1C745F0562D5
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 204 collect Show response
d.clarity.ms/ 0
181 B 328ms
106ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.36/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.workstepssleep.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: https://www.workstepssleep.com
date: Fri, 29 Jul 2022 20:44:41 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 259 B
1 KB 601ms
600ms Script
text/javascript 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1610&account_id=739103&title=DOT%20home%20sleep%20apnea%20testing%20and%20treatment%20for%20commercial%20drivers&url=https%3A%2F%2Fwww.workstepssleep.com%2F&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-96-194.compute-1.amazonaws.com

Software

PardotServer /

Resource Hash

47c88cb214afba555a7f4353fd96738c9cad87b44cf0175fbf35eac76846f234

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstepssleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 29 Jul 2022 20:44:42 GMT
content-encoding: gzip
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp: 0/0/1
vary: Accept-Encoding,User-Agent
Connection: keep-alive
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
Content-Type: text/javascript; charset=utf-8
Content-Length: 197
Server: PardotServer
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 405 null Show response
www.workstepssleep.com/ 556 B
824 B 218ms
216ms XHR
text/html 34.251.201.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.workstepssleep.com/null
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.251.201.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-201-224.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 642651086272483fb113dd3eb474ed9c31d0104d1ab48c644dff32b51bd2e9d3

Request headers

Referer: https://www.workstepssleep.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryt6WWyPaexbDQtHpW

Response headers

date: Fri, 29 Jul 2022 20:44:42 GMT
via: 1.1 varnish, 1.1 varnish
server: openresty
x-timer: S1659127483.726509,VS0,VE150
x-served-by: cache-iad-kiad7000124-IAD, cache-dub4344-DUB
vary: x-wf-forwarded-proto
x-cache: MISS, MISS
content-type: text/html
accept-ranges: bytes
x-cluster-name: eu-west-1-prod-edge-blue
content-length: 556
x-cache-hits: 0, 0

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 110ms
110ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.36/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.workstepssleep.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: https://www.workstepssleep.com
date: Fri, 29 Jul 2022 20:44:42 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H2 200 56719444 Show response
mc.yandex.com/webvisor/ 43 B
145 B 152ms
151ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/56719444?wmode=0&wv-part=1&wv-hit=820709915&page-url=https%3A%2F%2Fwww.workstepssleep.com%2F&rn=145843238&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1659127484%3Aw%3A1600x1200%3Av%3A850%3Az%3A0%3Ai%3A20220729204443%3Au%3A1659127481640283749%3Avf%3A1hc9dnhfark502dexbw1k%3Awe%3A1%3Ast%3A1659127484&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workstepssleep.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 20:44:44 GMT
last-modified: Fri, 29-Jul-2022 20:44:44 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.workstepssleep.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 29-Jul-2022 20:44:44 GMT

POST
H2 200 56719444 Show response
mc.yandex.com/webvisor/ 43 B
73 B 79ms
78ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/56719444?wmode=0&wv-part=1&wv-hit=820709915&page-url=https%3A%2F%2Fwww.workstepssleep.com%2F&rn=847247801&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1659127484%3Aw%3A1600x1200%3Av%3A850%3Az%3A0%3Ai%3A20220729204444%3Au%3A1659127481640283749%3Avf%3A1hc9dnhfark502dexbw1k%3Awe%3A1%3Ast%3A1659127484&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workstepssleep.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 20:44:44 GMT
last-modified: Fri, 29-Jul-2022 20:44:44 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.workstepssleep.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 29-Jul-2022 20:44:44 GMT

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 130ms
129ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.36/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.workstepssleep.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: https://www.workstepssleep.com
date: Fri, 29 Jul 2022 20:44:44 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.workstepssleep.com/	1970-01-20 07:01:43	Name: _gcl_au Value: 1.1.298320926.1659127481
.workstepssleep.com/	1970-01-20 22:23:19	Name: _ga_4QSKSP7FMR Value: GS1.1.1659127480.1.0.1659127480.0
.bing.com/	1970-01-20 14:13:43	Name: MUID Value: 0B9E0D845E6E63F61EDF1C745F0562D5
.workstepssleep.com/	1970-01-20 22:23:19	Name: _ga Value: GA1.2.1118528207.1659127481
.workstepssleep.com/	1970-01-20 04:53:33	Name: _gid Value: GA1.2.598468883.1659127481
.workstepssleep.com/	1970-01-20 04:52:07	Name: _gat_UA-38843168-2 Value: 1
.workstepssleep.com/	1970-01-20 04:53:33	Name: _uetsid Value: 44dcbf600f7f11edba25756bb957b39b
.workstepssleep.com/	1970-01-20 14:13:43	Name: _uetvid Value: 44dcc2c00f7f11eda850e787ce9e6a38
.workstepssleep.com/	1970-01-20 13:37:43	Name: _hjSessionUser_1489924 Value: eyJpZCI6IjU0OWVhNDhiLWRkMjMtNTI2Yy04NTVmLWM0ZGE0ZjAxYWNkMSIsImNyZWF0ZWQiOjE2NTkxMjc0ODA4MzAsImV4aXN0aW5nIjpmYWxzZX0=
.workstepssleep.com/	1970-01-20 04:52:09	Name: _hjFirstSeen Value: 1
www.workstepssleep.com/	1970-01-20 04:52:07	Name: _hjIncludedInSessionSample Value: 1
.workstepssleep.com/	1970-01-20 04:52:09	Name: _hjSession_1489924 Value: eyJpZCI6IjNlMWUzMDg0LTM0NjYtNGUyOC1hOWYxLTAzZDFhYzNhZWI1MCIsImNyZWF0ZWQiOjE2NTkxMjc0ODA5NDIsImluU2FtcGxlIjp0cnVlfQ==
www.workstepssleep.com/	1970-01-20 04:52:07	Name: _hjIncludedInPageviewSample Value: 1
.workstepssleep.com/	1970-01-20 04:52:09	Name: _hjAbsoluteSessionInProgress Value: 0
.doubleclick.net/	1970-01-20 04:52:08	Name: test_cookie Value: CheckForPermission
.workstepssleep.com/	1970-01-20 13:37:43	Name: _ym_uid Value: 1659127481640283749
.workstepssleep.com/	1970-01-20 13:37:43	Name: _ym_d Value: 1659127481
.workstepssleep.com/	1970-01-20 07:01:43	Name: _fbp Value: fb.1.1659127481160.582313363
.mc.yandex.com/	1970-01-20 04:52:08	Name: sync_cookie_csrf Value: 2609025163fake
.workstepssleep.com/	1970-01-20 04:53:19	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 04:52:08	Name: sync_cookie_csrf Value: 3640174489fake
.yandex.com/	1970-01-20 13:37:43	Name: yandexuid Value: 805512491659127481
.yandex.com/	1970-01-20 13:37:43	Name: yuidss Value: 805512491659127481
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 24038361659127481
.yandex.com/	1970-01-23 20:28:07	Name: i Value: 7l7Wo3xUc2J/ETOiePKWxZl53eY3HZbFffinFLdeFt5WedYHmFLkJSmnM8tmyuD4LlKnjWMWSoimAnukMC2FyCFMidk=
.yandex.com/	1970-01-20 13:37:43	Name: ymex Value: 1690663481.yrts.1659127481#1690663481.yrtsi.1659127481
www.clarity.ms/	1970-01-20 13:37:43	Name: CLID Value: 3f47c4aad81349ee9eec5107caec3b6b.20220729.20230729
.workstepssleep.com/	1970-01-20 04:52:09	Name: _ym_visorc Value: w
.workstepssleep.com/	1970-01-20 13:37:43	Name: _clck Value: 119gywv\|1\|f3k\|0
.c.bing.com/	1970-01-20 14:13:43	Name: SRM_B Value: 0B9E0D845E6E63F61EDF1C745F0562D5
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 14:13:43	Name: MUID Value: 0B9E0D845E6E63F61EDF1C745F0562D5
.c.clarity.ms/	1970-01-20 04:52:08	Name: ANONCHK Value: 0
.workstepssleep.com/	1970-01-20 04:53:33	Name: _clsk Value: 1dydv0f\|1659127482117\|1\|1\|d.clarity.ms/collect
.pardot.com/	1970-01-23 20:28:07	Name: visitor_id738103 Value: 1350307858
.pardot.com/	1970-01-23 20:28:07	Name: visitor_id738103-hash Value: 8dbf8e0d46bf8e9bb52d97305a378333c3a48e948d6ea73ec4824bf08c6b626db259d292e4f3f7e65fb51deb2069d04065653a16
pi.pardot.com/	1970-01-20 04:52:09	Name: lpv738103 Value: aHR0cHM6Ly93d3cud29ya3N0ZXBzc2xlZXAuY29tLw%3D%3D
www.workstepssleep.com/	1970-01-23 20:28:07	Name: visitor_id738103 Value: 1350307858
www.workstepssleep.com/	1970-01-23 20:28:07	Name: visitor_id738103-hash Value: 8dbf8e0d46bf8e9bb52d97305a378333c3a48e948d6ea73ec4824bf08c6b626db259d292e4f3f7e65fb51deb2069d04065653a16

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9714.72rCy7MPNatArr5xikfhrb7DoRHKl9loz2MeFMYJulaEntgqxH6FGBTMDEUbvrBtbYKLvflwIYUn5s4ujHs1tw%2C%2C.FOtmrxDebCKdy_rBnYRswfMEjlA%2C Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://www.workstepssleep.com/null Message: Failed to load resource: the server responded with a status of 405 ()
network	error	URL: https://www.workstepssleep.com/null Message: Failed to load resource: the server responded with a status of 405 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bat.bing.com
c.bing.com
c.clarity.ms
connect.facebook.net
d.clarity.ms
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
global-uploads.webflow.com
googleads.g.doubleclick.net
in.hotjar.com
mc.yandex.com
mc.yandex.ru
pi.pardot.com
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.workstepssleep.com
142.250.185.194
18.66.139.84
18.66.97.49
20.234.93.27
2001:4860:4802:34::36
2620:1ec:27::cafe:1375
2620:1ec:c11::200
2a00:1450:4001:801::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:813::200a
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c1b::9c
2a00:1450:4014:80e::2004
2a00:1450:4014:80f::2003
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
34.251.201.224
40.76.174.66
52.222.232.99
52.222.236.13
52.222.236.74
52.51.216.125
52.54.96.194
001fb2e77ab9e28d512dd1d71a5000054a8b1c33af8960dd595b7b8e0a8f73ea
0f041697b282dae297547fc755f50f39f4f3ce9b56ee9eb088cbf08f2f8419a6
1b180241b262c5bd3dc07342b4bff2d11660801a558354699513cbc52cb79280
1f132510bc7b665bbe5fb9227b0d2daafa5513296a72f88f88d38179eded9277
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
332d7a42bee3156d7d453d8bc21127a45c737c248678eff6347a2a93a40672a2
38a5b436a9e4f740073a985ddaec0bf5a40e428b919c6e5fc669f4758fa858fc
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99
459b4649a6d5d11b018c94eeb2ef2f2589aa1ed095dc8a93216d04f3ff20a961
47c88cb214afba555a7f4353fd96738c9cad87b44cf0175fbf35eac76846f234
50150c7b74487811061d3b192444b312d007ab3fc3321ccfb1a2fcf39f94f198
50c85bfc46a5bb153ca9354506f41513025a84e7765108045b7e4a4141b1bd81
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59ee8cc8c6989b52b09072e19092ad4a779eb351a352c25ea5b6672ce0b26ce4
60017c10f464e4c030053fa2f9f8b6f25f75b463f9406ef4f5539789a9c15e69
62d426aa4f9781734b55b0e380a4c36bba6891bc5573f8ac254971c71361e7ce
6313a537f55d71311f7e903ee87f3a21256f622658d226c0d9fef4e2a3780c5c
642651086272483fb113dd3eb474ed9c31d0104d1ab48c644dff32b51bd2e9d3
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
6dd840095807404d43062ce2afdf5e14b5d1c9262dbd7d726372861b0cfbfedb
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7d733a839be6ab34efa106fb500fa62898422332323982f3206aa3979cb0259b
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8e04946174f0e5ac6cb9a086d1cf1c5ba78acd69e37c5af2da88deef0a993a3e
90598d4c3129cce1f185ebc67771f02510ace39160f0ba0db07860335ba4f44e
948ffb316a7caaafb40aab087d9a47d610d0fe75f3a805069b6c0f3f65c2e3d2
9535567cf78680a6df04468cdc4e2ae4bb61755f4395d6caa009eff97cecac1c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a518d969920f8ba9b097fb6df14ebb27f518d2f52d869a6c05b0885a6e66db6e
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
b4a76db7b8bf20c95f3a421e3b9472f9ff7bdaa8355d8722a3ca39ac7bf357f6
c65593fd2a50e479ba7db2b1b41ad7f5318c425e00a433d76b8537a31f2ac74d
c9d4bf2b35d1dd9ac94b5f8b06e69b5b8acdc0e41d372770ecfd37eca82d61ca
cbbfda74ce57788b9a3877e57fb6ccd91c2e8db043acc08b0091a4ee7509f489
cca6c2dd9540ac7b8194f52ad49c3e6312705d4aa25c4cc29d68e9dbb8a3a118
cd873f7d37f5cf26addad6ac7bee44ba9f8eaff154553750130751f0f288e197
d91886641331de72ecd7d406d2d95fdb0a015108e4b61a08914f15f10e65db29
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dda961c684bb8f6a9e1d37502469bc063b1d90b4966c81ea03f07079a6036a59
dde63d13ce8b3b1a18446837e74c3c71712020ccf0d8ca54d6321d00a913f51d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfe4cb0bcd615e43c11b51b4ca7d7aa2c7f2f167a7d2b5559281fa2126f437c7
e3994dd4f97d27d9e3f022d3c3a31e0016a96049fa5dac641df910d97555bd9b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0636eba071bea59aa6b9e7ce6bbb79d474c30b0b79c0ec4ea759f6f2b6382d4
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9bfb04a18c8be687fadacd7f67647b65113ee8d1aabcb0f410eac21681fa7ef
fe127281e682037e8d193335ec1ef2bb4ce69afb837d6c4ed3b510128efbd106
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

www.workstepssleep.com Open in urlscan Pro 34.251.201.224 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

95 %HTTPS

58 %IPv6

18 Domains

28 Subdomains

26 IPs

5 Countries

1124 kBTransfer

2648 kBSize

39 Cookies

3 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.workstepssleep.com Open in urlscan Pro
34.251.201.224 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

95 %
HTTPS

58 %
IPv6

18
Domains

28
Subdomains

26
IPs

5
Countries

1124 kB
Transfer

2648 kB
Size

39
Cookies

73 HTTP transactions
0 data transactions