www.workstepssleep.com Open in urlscan Pro
2606:4700::6812:a46 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://workstepssleep.com/
Effective URL:
https://www.workstepssleep.com/
Submission: On November 02 via api (November 2nd 2024, 3:42:42 am UTC) from US — Scanned from DE

Summary HTTP 72 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 20 domains to perform 72 HTTP transactions. The main IP is 2606:4700::6812:a46, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.workstepssleep.com.
TLS certificate: Issued by WE1 on October 30th 2024. Valid for: 3 months.

This is the only time www.workstepssleep.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2606:4700::68... 2606:4700::6812:a46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	104.18.160.117 104.18.160.117	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	52.222.232.99 52.222.232.99	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	18.66.102.106 18.66.102.106	16509 (AMAZON-02) (AMAZON-02)
13	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1	13.33.187.74 13.33.187.74	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:33::10 2620:1ec:33::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
4 11	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9d	15169 (GOOGLE) (GOOGLE)
2	172.217.23.99 172.217.23.99	15169 (GOOGLE) (GOOGLE)
1 1	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	20.231.53.73 20.231.53.73	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.54.96.194 52.54.96.194	14618 (AMAZON-AES) (AMAZON-AES)
72	23

3 2606:4700::6812:a46 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

workstepssleep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.workstepssleep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.18.160.117 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.prod.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.232.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-99.fra56.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.102.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-106.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-74.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f99.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.231.53.73 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

q.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.54.96.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-96-194.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	website-files.com cdn.prod.website-files.com — Cisco Umbrella Rank: 6168	543 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	282 KB
8	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9307	3 KB
5	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 634 q.clarity.ms — Cisco Umbrella Rank: 6903	29 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	345 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4610	74 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1177	67 KB
3	workstepssleep.com 1 redirects workstepssleep.com www.workstepssleep.com	7 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 5653	4 KB
2	bing.net bat.bing.net — Cisco Umbrella Rank: 20475	465 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	google.de www.google.de — Cisco Umbrella Rank: 11271	174 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	76 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
2	bing.com bat.bing.com — Cisco Umbrella Rank: 348	15 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4401
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 412 fonts.googleapis.com — Cisco Umbrella Rank: 30	7 KB
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 89	20 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	550 B
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	30 KB
72	20

	Domain	Requested by
16	cdn.prod.website-files.com	www.workstepssleep.com cdn.prod.website-files.com
13	fonts.gstatic.com	fonts.googleapis.com
8	mc.yandex.com	3 redirects www.workstepssleep.com mc.yandex.ru
4	www.googletagmanager.com	www.workstepssleep.com www.googletagmanager.com
3	q.clarity.ms	www.clarity.ms
3	mc.yandex.ru	1 redirects www.workstepssleep.com
2	pi.pardot.com	www.workstepssleep.com pi.pardot.com
2	bat.bing.net	bat.bing.com www.workstepssleep.com
2	www.facebook.com	www.workstepssleep.com
2	www.google.de	www.workstepssleep.com
2	www.clarity.ms	www.workstepssleep.com www.clarity.ms
2	connect.facebook.net	www.workstepssleep.com connect.facebook.net
2	www.gstatic.com	www.googletagmanager.com www.gstatic.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	bat.bing.com	www.googletagmanager.com bat.bing.com
2	static.hotjar.com	www.workstepssleep.com www.googletagmanager.com
2	www.workstepssleep.com	www.workstepssleep.com
1	www.googleadservices.com	1 redirects
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.google.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	fonts.googleapis.com	ajax.googleapis.com
1	d3e54v103j8qbb.cloudfront.net	www.workstepssleep.com
1	ajax.googleapis.com	www.workstepssleep.com
1	workstepssleep.com	1 redirects
72	26

This site contains links to these domains. Also see Links.

Domain
www.worksteps.com
www.google.com
www.branding.studio

Subject Issuer	Validity	Valid
www.workstepssleep.com WE1	`2024-10-30` - `2025-01-28`	3 months	crt.sh
prod.website-files.com WE1	`2024-10-21` - `2025-01-19`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-10-20` - `2025-04-01`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-11` - `2024-11-09`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.de WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
bat.bing.net Microsoft Azure RSA TLS Issuing CA 07	`2024-10-27` - `2025-04-25`	6 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-06-05` - `2025-06-04`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.workstepssleep.com/
Frame ID: 5B0C64909E6906966E5BCAB837D5AC8D
Requests: 70 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.workstepssleep.com
Frame ID: 39E51A8E72CCF96424233DDC95A13280
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 57A058D04E1CBB4E16AB2F09B52C6CB9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DOT Sleep Apnea Test at Home | WorkSTEPS Sleep

Page URL History Show full URLs

https://workstepssleep.com/ HTTP 301
https://www.workstepssleep.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

72
Requests

96 %
HTTPS

50 %
IPv6

20
Domains

26
Subdomains

23
IPs

5
Countries

1504 kB
Transfer

3904 kB
Size

35
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.worksteps.com/

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/WorkSTEPS/@30.215329,-97.719824,15z/data=!4m5!3m4!1s0x0:0xd9562ce9d617f228!8m2!3d30.215329!4d-97.719824
Title: 3019 Alvin Devane Blvd. Suite 115 Austin TX 78741

Search URL Search Domain Scan URL

URL: https://www.branding.studio/
Title: by

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://workstepssleep.com/ HTTP 301
https://www.workstepssleep.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10540.bexnlMV9Cqp5EcGenA7_2-udQZ3YF7VuFLOcwl0SBr_i_iM-M2qAerdz81HDcJ6R.3TYIOJZEhVUmKu2QKf47KBICJAk%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10540.-Qd8j8MbnWId83fL3_zDtf2nHt_-bd22eEMnRy5pA0irIeObUIKRVMhXDif0Zclhl0x4UdqjWmO5E4_hrOfHOR_CDciM2QOWXaQwqlRymHu8pPmbAk0XUx3fVgQB3SehikdpcCc-2VocpdgkBMMFD33oyvH9ENqVVknOcrkblg4KwnFV-1LeqwEkmqmkeEwwCpwhxO2J0aGhMLCu4VCX-F6gzUefA8PFznm27fGwAac%2C.5u1L-fedRmECLsKC1atnb6_PPe8%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10540.YJvin6HfAUaYndhcjRQA7sRD8YTr7fWqdbvMQKDRlGRhI3yM6mKcrjaGK6AVInIklTAGjrmfs83Gciz_IUQX2epARIZG-B2I7xTmo-izOqxS-JEHHcRdfRKOjEI7fsgb18k3SeR3jlKQMsCz1TOYTKc3M6DW06nsrJgtiGqAXQXhp4kFXq_vwCZKrE9yVRLDL8tvOJY5db8Ru7WQoO6Epw%2C%2C.E6UNAxDUooG41LCqwh7mIoxNA8Y%2C

Request Chain 54

https://www.googleadservices.com/pagead/conversion/688446132/wcm?cc=ZZ&dn=8774368478&cl=W0tWCLvckLcZELS1o8gC&dma=1&dma_cps=syphamo&npa=1&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8774368478&cl=W0tWCLvckLcZELS1o8gC&dma=1&dma_cps=syphamo

Request Chain 62

https://mc.yandex.com/watch/56719444?wmode=7&page-url=https%3A%2F%2Fwww.workstepssleep.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1f7b5mkfsgu9w9timet0o9oco9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1491%3Acn%3A1%3Adp%3A0%3Als%3A966905010163%3Ahid%3A911755864%3Az%3A60%3Ai%3A20241102044235%3Aet%3A1730518956%3Ac%3A1%3Arn%3A307227792%3Arqn%3A1%3Au%3A1730518956856579016%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2854%3Awv%3A2%3Ads%3A54%2C103%2C360%2C3%2C831%2C0%2C%2C1900%2C0%2C%2C%2C%2C3258%3Aco%3A0%3Acpf%3A1%3Ans%3A1730518951735%3Agi%3AR0ExLjIuMTY5NzgzODM0OS4xNzMwNTE4OTU2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1730518957%3At%3ADOT%20Sleep%20Apnea%20Test%20at%20Home%20%7C%20WorkSTEPS%20Sleep&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009092)ti(1) HTTP 302
https://mc.yandex.com/watch/56719444/1?wmode=7&page-url=https%3A%2F%2Fwww.workstepssleep.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1f7b5mkfsgu9w9timet0o9oco9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1491%3Acn%3A1%3Adp%3A0%3Als%3A966905010163%3Ahid%3A911755864%3Az%3A60%3Ai%3A20241102044235%3Aet%3A1730518956%3Ac%3A1%3Arn%3A307227792%3Arqn%3A1%3Au%3A1730518956856579016%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2854%3Awv%3A2%3Ads%3A54%2C103%2C360%2C3%2C831%2C0%2C%2C1900%2C0%2C%2C%2C%2C3258%3Aco%3A0%3Acpf%3A1%3Ans%3A1730518951735%3Agi%3AR0ExLjIuMTY5NzgzODM0OS4xNzMwNTE4OTU2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1730518957%3At%3ADOT%20Sleep%20Apnea%20Test%20at%20Home%20%7C%20WorkSTEPS%20Sleep&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.workstepssleep.com/
Redirect Chain

https://workstepssleep.com/
https://www.workstepssleep.com/

16 KB
5 KB

518ms
361ms

Document
text/html

2606:4700::6812:a46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59a952f4affe6467b7b44da5f07d161f5d522604d57bda3b8f9edf3e9e8ee3ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 102731
cf-cache-status: DYNAMIC
cf-ray: 8dc11d7ebd10d223-FRA
content-encoding: gzip
content-type: text/html
date: Sat, 02 Nov 2024 03:42:33 GMT
last-modified: Thu, 17 Oct 2024 15:38:15 GMT
server: cloudflare
strict-transport-security: max-age=31536000
surrogate-control: max-age=2147483647
surrogate-key: www.workstepssleep.com 5d63e6792f49487250e1a27a pageId:5d75753c7a6dfa15a02606ed
vary: Accept-Encoding
x-cluster-name: eu-south-1-prod-hosting-red
x-lambda-id: f39d4492-388e-48cc-9a9b-62850bb5a7db

Redirect headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8dc11d7abd9f927d-FRA
content-type: text/html
date: Sat, 02 Nov 2024 03:42:32 GMT
location: https://www.workstepssleep.com/
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cluster-name: eu-south-1-prod-hosting-red

GET
H3 200 worksteps-sleep.webflow.120a3ebca.css
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/ 186 KB
25 KB 849ms
205ms Stylesheet
text/css 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Requested by: Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e5c04ccfe50e8bdf52e98327a2f11e57aaf6c20c714c37ee34dca8fc59d0b3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "c16989313f6c43aa083d8a9e68d5cb21"
x-amz-version-id: h0TchHN_cb68SrkWstL21O_5KzclHNpn
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 03:42:33 GMT
content-type: text/css
last-modified: Mon, 16 Sep 2024 17:16:46 GMT
vary: Accept-Encoding
x-amz-id-2: patyApFJr0gWEhpqBQDhDOvE1c/v6pVuXge9JlMxUk/RKDRtASycMZ/9jIe90a5+lezaF0hBcJcP1zHLqEgIPQ==
cache-control: public, max-age=31536000, immutable
x-amz-request-id: 4VCGZGZXXZBGHH2B
cf-ray: 8dc11d856acc4d70-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24702
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 384ms
44ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: gzip
age: 3088
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Sun, 02 Nov 2025 02:51:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 02:51:05 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5437
x-xss-protection: 0
server: sffe

GET
H2 200 email-decode.min.js Show response
www.workstepssleep.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
847 B 47ms
46ms Script
application/javascript 2606:4700::6812:a46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workstepssleep.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"671bcbe9-4d7"
x-content-type-options: nosniff
cf-ray: 8dc11d816fa3d223-FRA
expires: Mon, 04 Nov 2024 03:42:33 GMT
date: Sat, 02 Nov 2024 03:42:33 GMT
content-type: application/javascript
last-modified: Fri, 25 Oct 2024 16:48:41 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
30 KB 698ms
54ms Script
application/javascript 52.222.232.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=5d63e6792f49487250e1a27a
Requested by: Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-99.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://www.workstepssleep.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
age: 83591
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: YkJpxhVVnU0pJIMfWLpLDbeTw4KpoQ9CaucQzORKsq1-aW2AbHPh7A==
date: Fri, 01 Nov 2024 04:29:23 GMT
content-type: application/javascript
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
vary: Accept-Encoding
cache-control: max-age=84600, must-revalidate
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P4
server: AmazonS3

GET
H3 200 webflow.25c1bd0df.js Show response
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/js/ 985 KB
272 KB 929ms
285ms Script
text/javascript 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/js/webflow.25c1bd0df.js
Requested by: Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99ad2a58cb5e749516fac60990d3f9ba0622819e5ffeda7b537bb0b445d31a7f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "4e9af5000a63b94deb742ab2f961df70"
x-amz-version-id: igxiVaMxmXqtj1Xl03WZrLm7RfmAfoRS
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 03:42:34 GMT
content-type: text/javascript
last-modified: Mon, 16 Sep 2024 17:16:46 GMT
vary: Accept-Encoding
x-amz-id-2: 0pbq2NRvndNBWau3Eg85QtmO4OmiQsvJX+xCwxQ7RmmOU30UMeFTvZuM4fT7nq8z7+g5g/co8dM=
cache-control: public, max-age=31536000, immutable
x-amz-request-id: 4VCV55ZTBZQVE481
cf-ray: 8dc11d856acd4d70-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 277659
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 css
fonts.googleapis.com/ 21 KB
2 KB 599ms
33ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6549f5bc96ed2db09b6df2e6b9d3247f936c4b40773158b712ef03bf9c3d9ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 02 Nov 2024 03:42:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 03:42:34 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 02 Nov 2024 03:42:34 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 353 KB
120 KB 398ms
69ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NKVBWTN

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca1f4c410f6c5b63eac7011e466e6bb97062b2e0bf4ae6660689c26ad3b5b5ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 02 Nov 2024 03:42:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 03:42:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 02 Nov 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 122319
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 hotjar-1489924.js Show response
static.hotjar.com/c/ 13 KB
5 KB 648ms
82ms Script
application/javascript 18.66.102.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1489924.js?sv=6

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-106.fra56.r.cloudfront.net

Software

Resource Hash

d94078b4832d21c030df577288d95e21547003a2066a486ae82f793d38243447

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/fbf84f1ad7e22eb1068eb9f24d8d5099
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
x-amz-cf-id: npUwI3McpclHjKM2sS40yH1Ke1pMZG-mxCDa23n78HldVIkLEcPX2Q==
date: Sat, 02 Nov 2024 03:42:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: FRA56-P2

GET
H3 200 5d6dbbfa141661aa27e80c01_worksteps%20logo.svg
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 13 KB
5 KB 326ms
325ms Image
image/svg+xml 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5d6dbbfa141661aa27e80c01_worksteps%20logo.svg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe127281e682037e8d193335ec1ef2bb4ce69afb837d6c4ed3b510128efbd106

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cache-control: max-age=31536000, must-revalidate
content-encoding: br
cf-cache-status: EXPIRED
x-amz-version-id: B9B306LMCQZYC9WN4UAmihw3VhN6ktYl
etag: W/"58c580bdd7e6e0932ce390008fbeebce"
x-amz-request-id: FVDQGF2AY5XYWKZA
cf-ray: 8dc11d884bd84d70-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 03:42:34 GMT
content-type: image/svg+xml
last-modified: Tue, 03 Sep 2019 01:03:55 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: vA86we4LY/5bBwdCL9UNHgoe4cwQFQsUSHeyavsaNSMsbzEMgq243a3pZGkqpJRhlrTNr2DoMnggxcgccQAli6SqwrQUk+JZnGjNWkPijrw=

GET
H3 200 5d6dd1c5b8496eeecc9a2266_flag.jpg
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 5 KB
5 KB 216ms
215ms Image
image/jpeg 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5d6dd1c5b8496eeecc9a2266_flag.jpg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50150c7b74487811061d3b192444b312d007ab3fc3321ccfb1a2fcf39f94f198

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cf-cache-status: EXPIRED
etag: "fbceec9cd6bc58177059ae05591c418d"
x-amz-version-id: p_0K.SxN2_NcX0rLYG31lgrAQpdYBpPr
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 03:42:34 GMT
content-type: image/jpeg
last-modified: Tue, 03 Sep 2019 02:36:54 GMT
vary: Accept-Encoding
x-amz-id-2: NxkHep7CxfTEClKY1dniv79qbDnwFXIduUY8hAxx5b2ikUTQgu4qJyWhKjL6L+2AyvL8s7HRoaJDAYaxXoPgxg==
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: FVDMQ8HXJ23X717K
cf-ray: 8dc11d884bd94d70-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4730
server: cloudflare

GET
H3 200 5d6dd2397155881cab14a5b3_proud-icon.svg
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 25 KB
9 KB 232ms
230ms Image
image/svg+xml 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5d6dd2397155881cab14a5b3_proud-icon.svg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a518d969920f8ba9b097fb6df14ebb27f518d2f52d869a6c05b0885a6e66db6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cache-control: max-age=31536000, must-revalidate
content-encoding: br
cf-cache-status: EXPIRED
x-amz-version-id: oEgrTu8NzxTOZhYrfFGKp.DmANrXe6RI
etag: W/"2674431e639fab28e514b53817408a40"
x-amz-request-id: FVDQJV1X3667WYBJ
cf-ray: 8dc11d884bda4d70-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 03:42:34 GMT
content-type: image/svg+xml
last-modified: Tue, 03 Sep 2019 02:38:50 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: 6bGXWFstpDFvli/ORr6SoCNRW5nicefZg7JOP0Pp6/lNJDVG/kxYnj4DlhuJzoMLLEwBS3ZJvA1mtbEAJVnRLQ==

GET
H3 200 5d7450c334bd3610f2e2c8cf_icon-phone.svg
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 2 KB
2 KB 217ms
216ms Image
image/svg+xml 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5d7450c334bd3610f2e2c8cf_icon-phone.svg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4a76db7b8bf20c95f3a421e3b9472f9ff7bdaa8355d8722a3ca39ac7bf357f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cache-control: max-age=31536000, must-revalidate
content-encoding: br
cf-cache-status: EXPIRED
x-amz-version-id: IhG8DvwacyOKWEJyepVWjCKhgOC7Vos3
etag: W/"d546f8e711944321bc10f27251952802"
x-amz-request-id: FVDQZ103C99X1HVG
cf-ray: 8dc11d886bdf4d70-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 03:42:34 GMT
content-type: image/svg+xml
last-modified: Sun, 08 Sep 2019 00:52:21 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: 4sVyZSCtnqeCX8QHHkyD2/e3DgGAzVlZyKQu+jjAkGdvdVq8k2qnDDcKNWiis31g1IO+QrTuSI0eo1IEkAOwxdOUkFDIbM7b

GET
H3 200 5da63465bb438c92603205b4_icon-home--black.svg
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 1 KB
872 B 309ms
308ms Image
image/svg+xml 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5da63465bb438c92603205b4_icon-home--black.svg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d91886641331de72ecd7d406d2d95fdb0a015108e4b61a08914f15f10e65db29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cache-control: max-age=31536000, must-revalidate
content-encoding: br
cf-cache-status: EXPIRED
x-amz-version-id: MEYBxa3kMIUGWZJHSqtjyL3jO24iJDXe
etag: W/"1569198c4480759d98a6f98edac92eba"
x-amz-request-id: FVDR1PNE5KD4RXJ6
cf-ray: 8dc11d886be04d70-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 03:42:34 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Oct 2019 21:04:39 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: diodu7zy+PJsZOT5tAWGeZkzrRs2jcOaluxDtgXAi4OKOf7e5LqHax/FWiiDGUeb9DjKT8iABtUWViNa6F0k57GpbK6FLdSW0ReJ0Drw+W4=

GET
H3 200 5d8110363510c9333505fbd3_image--hero--home.jpg
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 88 KB
88 KB 513ms
511ms Image
image/jpeg 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5d8110363510c9333505fbd3_image--hero--home.jpg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f041697b282dae297547fc755f50f39f4f3ce9b56ee9eb088cbf08f2f8419a6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cf-cache-status: EXPIRED
etag: "2c4c486b419f7d95ccf1e587aa9ae597"
x-amz-version-id: 9KWrwIQFoPZiY5HLmSkRn.o2yPxUZWZZ
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 03:42:34 GMT
content-type: image/jpeg
last-modified: Tue, 17 Sep 2019 16:56:23 GMT
vary: Accept-Encoding
x-amz-id-2: 52uqw+mz74YS+ogk2lMtHwMlp6sYN8zvMEUIzo65Mb5nKXAlg8srqLbShaWdiGt8Oe7MDy3+abf6asOQ7VzPGDa1WkzgMRxF
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: FVDR292M58W2QASH
cf-ray: 8dc11d886be14d70-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 89914
server: cloudflare

GET
H3 200 5d6f06f900df071a6c44fa6d_fda-approved-icon.svg
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 14 KB
5 KB 161ms
160ms Image
image/svg+xml 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5d6f06f900df071a6c44fa6d_fda-approved-icon.svg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfe4cb0bcd615e43c11b51b4ca7d7aa2c7f2f167a7d2b5559281fa2126f437c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cache-control: max-age=31536000, must-revalidate
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: o2ih.Zboou4ef06phBzBnmy0w456KTS3
etag: W/"d76fa95898b0c0d996e8ed0730276c85"
x-amz-request-id: EDJP845BX3BTB98G
cf-ray: 8dc11d886be34d70-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 03:42:34 GMT
content-type: image/svg+xml
last-modified: Wed, 04 Sep 2019 00:36:10 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: XK19MdPgjbAwUU7mZh0jTHz3l951uVoM49R6ySzeoiwBxjhSPmRE49o9S1MiTOPqIB2FXPxC1/0=

GET
H3 200 5ddd890f167ced3d3a613e0a_dot-compliant--logo.svg
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 13 KB
5 KB 210ms
209ms Image
image/svg+xml 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5ddd890f167ced3d3a613e0a_dot-compliant--logo.svg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9535567cf78680a6df04468cdc4e2ae4bb61755f4395d6caa009eff97cecac1c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cache-control: max-age=31536000, must-revalidate
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: I_c.pcGQPOrqYl0RyBtzD8gUjwrkGfm7
etag: W/"6866e3d8e1b7ad5f8dc4cd10c2500f4e"
x-amz-request-id: 7DNGB32KZTFK65TT
cf-ray: 8dc11d886be44d70-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 03:42:34 GMT
content-type: image/svg+xml
last-modified: Tue, 26 Nov 2019 20:20:33 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: BN6Wxe5kzwuKMvpDUVyGMTCWTpS5wlkbOWPLtfLItyg9xdF7hjSF5dAXog5sdomemJIjUL0D+WE=

GET
H3 200 5d77bc6b9fadddea5f291932_st-christopher-logo.png
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 39 KB
39 KB 228ms
227ms Image
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5d77bc6b9fadddea5f291932_st-christopher-logo.png
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38a5b436a9e4f740073a985ddaec0bf5a40e428b919c6e5fc669f4758fa858fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cf-cache-status: EXPIRED
etag: "4bea9656c651340df2605694dd1843b7"
x-amz-version-id: GPlRLg8KW9giyQqXDnPngdr9v5U1MJvP
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 03:42:34 GMT
content-type: image/png
last-modified: Tue, 10 Sep 2019 15:08:28 GMT
vary: Accept-Encoding
x-amz-id-2: Uq1wjct2T1JwL3AVGKldVH8X7CSELHX95La32NRaflYd5u/4aO+yUntJOq72aYg35yUlHUNWD14SAsu9PhG04M3aYvn1Pz9tEd9yIvcEmp4=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: FVDRCQYTFNPPHE09
cf-ray: 8dc11d886be54d70-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 39688
server: cloudflare

GET
H3 200 5d6f089b2fd62f7efb20d352_itamar-logo.png
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 16 KB
17 KB 293ms
290ms Image
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5d6f089b2fd62f7efb20d352_itamar-logo.png
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e04946174f0e5ac6cb9a086d1cf1c5ba78acd69e37c5af2da88deef0a993a3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cf-cache-status: EXPIRED
etag: "32dd8bc05b77cab8c89de6e8b1fa427d"
x-amz-version-id: Oz75TodVNulyGel8CkFxnVZ5CxFDYd5N
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 03:42:34 GMT
content-type: image/png
last-modified: Wed, 04 Sep 2019 00:43:09 GMT
vary: Accept-Encoding
x-amz-id-2: vYDF4l9JRx9Oj3/JceFr30HSktcLm//XnDn94Avwyh2EWnq/bIhHtm0/n/Xfj7OI5856a51BcfqlFeo7+WNjhQ==
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: FVDW854M5FBKEGBH
cf-ray: 8dc11d886be64d70-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16596
server: cloudflare

GET
H3 200 5d642223346aae6ee37d046e_link-arrow--blue.svg
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 592 B
741 B 175ms
172ms Image
image/svg+xml 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5d642223346aae6ee37d046e_link-arrow--blue.svg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 948ffb316a7caaafb40aab087d9a47d610d0fe75f3a805069b6c0f3f65c2e3d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cache-control: max-age=31536000, must-revalidate
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: bOEoeviLhstjR35Xe4en.pGHUsyBoFbR
etag: W/"fe0dc0be171153665259db5d146bfcc4"
x-amz-request-id: 7DNYAZM6BGTDDNQS
cf-ray: 8dc11d886be74d70-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 03:42:34 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Aug 2019 18:17:08 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: /fkbldcU7eIsqOx6UzpIRGZjk27Hvlv8O1mSgZexg3yVNkrmgXr4AnxEAEIQhJ/j3g7T2gjb5sWxvUN1Vh9SVFXWmvCWC99Y

GET
H3 200 5d706f219b8d7b049889af48_image-banner--sleep-apnea.jpg
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 64 KB
64 KB 325ms
322ms Image
image/jpeg 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5d706f219b8d7b049889af48_image-banner--sleep-apnea.jpg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62d426aa4f9781734b55b0e380a4c36bba6891bc5573f8ac254971c71361e7ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cf-cache-status: EXPIRED
etag: "e9c863fde1a136b472acc9cdfa2fb598"
x-amz-version-id: q4ikXdOCoCqh19gTAUwLgaOm994HMhJS
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 03:42:34 GMT
content-type: image/jpeg
last-modified: Thu, 05 Sep 2019 02:12:50 GMT
vary: Accept-Encoding
x-amz-id-2: 6qx/TuqW88lCLIcRYs0Hoa6l1mPjdj0UjYmf4iNH5z79f1EzDgjcBYVffZIHIl/fZ6ze8iy/unj4Irk3YjzrAvlUwGe+IsMf
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: FVDS7YGPWPCDS2VH
cf-ray: 8dc11d886be84d70-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 65522
server: cloudflare

GET
H3 200 5d640349afd53f3d241fa0b2_WorkSTEPS-logo.svg
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 13 KB
5 KB 307ms
304ms Image
image/svg+xml 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5d640349afd53f3d241fa0b2_WorkSTEPS-logo.svg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c65593fd2a50e479ba7db2b1b41ad7f5318c425e00a433d76b8537a31f2ac74d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cache-control: max-age=31536000, must-revalidate
content-encoding: br
cf-cache-status: EXPIRED
x-amz-version-id: k5LwZov1_ujlXXFAjHJ_qdb6UrSyacqf
etag: W/"375c8b677e718aaabfab344ff8f1d808"
x-amz-request-id: FVDP5YW6BAFXH2WX
cf-ray: 8dc11d886be94d70-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 03:42:34 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Aug 2019 16:05:31 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: v+raM3ReYzeucJmAM5AlQAC0gJhRWLxiT/bFJ7aTUNPzIGhtSBUfwV9Tv4acso/wT2Yr3XrTJeM=

GET
H3 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 195ms
79ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 217348
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:20:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:20:07 GMT
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21724
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 192ms
77ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 217352
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:20:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:20:03 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 191ms
76ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 365414
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 28 Oct 2025 22:12:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 22:12:21 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18588
x-xss-protection: 0
server: sffe

GET
H3 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ 20 KB
20 KB 246ms
132ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 216477
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:34:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:34:38 GMT
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20960
x-xss-protection: 0
server: sffe

GET
H3 200 7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 244ms
130ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 215834
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:45:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:45:21 GMT
last-modified: Tue, 19 Apr 2022 19:35:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21796
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 243ms
145ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 333815
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 29 Oct 2025 06:59:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 06:59:00 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v32/ 20 KB
20 KB 263ms
165ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 217301
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:20:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:20:54 GMT
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20144
x-xss-protection: 0
server: sffe

GET
H2 200 modules.625495a901d247c3e8d4.js Show response
script.hotjar.com/ 221 KB
55 KB 321ms
64ms Script
application/javascript 13.33.187.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.625495a901d247c3e8d4.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1489924.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-74.fra60.r.cloudfront.net

Software

Resource Hash

c0d57eff0936a57e0c8d6bc93314585c734e5ade88d6de970e1e305ae5d87224

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

x-robots-tag: none
content-encoding: br
etag: "862c1be6e71cd836a43ce679991261fd"
age: 387569
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: CSffT0plcFoHj591m3Acs6RghO7A7GPg4J2cH3xKwI5KXVf15AO0AA==
date: Mon, 28 Oct 2024 16:03:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Oct 2024 16:02:55 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 840e16b680c94fee8c48b15e01dda782.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56056
x-amz-cf-pop: FRA60-P9

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 159ms
157ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 360333
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 28 Oct 2025 23:37:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 23:37:02 GMT
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18492
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 158ms
156ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 217337
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:20:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:20:18 GMT
last-modified: Thu, 01 Aug 2024 20:41:28 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18436
x-xss-protection: 0
server: sffe

GET
H3 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 160ms
158ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 216939
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:26:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:26:56 GMT
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21144
x-xss-protection: 0
server: sffe

GET
H3 200 7cHqv4kjgoGqM7E3q-0s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 22 KB
22 KB 163ms
160ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3q-0s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

1f132510bc7b665bbe5fb9227b0d2daafa5513296a72f88f88d38179eded9277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 216492
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:34:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:34:23 GMT
last-modified: Tue, 19 Apr 2022 19:05:17 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22052
x-xss-protection: 0
server: sffe

GET
H3 200 7cHqv4kjgoGqM7E3j-ws51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 163ms
161ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3j-ws51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

f9bfb04a18c8be687fadacd7f67647b65113ee8d1aabcb0f410eac21681fa7ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 528626
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 27 Oct 2025 00:52:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 00:52:09 GMT
last-modified: Tue, 19 Apr 2022 18:56:36 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21416
x-xss-protection: 0
server: sffe

GET
H3 200 7cHsv4kjgoGqM7E_CfPI42ouvTo.woff2
fonts.gstatic.com/s/barlow/v12/ 23 KB
23 KB 164ms
162ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHsv4kjgoGqM7E_CfPI42ouvTo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

cca6c2dd9540ac7b8194f52ad49c3e6312705d4aa25c4cc29d68e9dbb8a3a118

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 215892
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:44:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:44:23 GMT
last-modified: Tue, 19 Apr 2022 19:28:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23424
x-xss-protection: 0
server: sffe

POST
H3 200 collect
www.google.com/ccm/ 0
0 294ms
97ms Ping
text/plain 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.workstepssleep.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1049079892.1730518955&auid=1614479848.1730518955&npa=1&gtm=45He4au0v9130100097za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&tft=1730518955156&tfd=3421&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKVBWTN
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 395 KB
128 KB 80ms
80ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4QSKSP7FMR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKVBWTN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa8d4d181a85e7d22544811d64dc89f5b260a81e228eba967ca9d0e0e0cf099a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 02 Nov 2024 03:42:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 03:42:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 130961
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 1115ms
197ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKVBWTN

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 050F6B37D15E40F8829D9D407FE8349B Ref B: FRA31EDGE0415 Ref C: 2024-11-02T03:42:36Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Sat, 02 Nov 2024 03:42:35 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2 200 hotjar-1626859.js Show response
static.hotjar.com/c/ 15 KB
6 KB 80ms
79ms Script
application/javascript 18.66.102.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1626859.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKVBWTN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-106.fra56.r.cloudfront.net

Software

Resource Hash

788cb0ab279a32fb51a70f4e8f8b2bd8d9e5a8f396968c11e35b99b636c11bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/a3c47fe040f9e3a72d57325e5cf7ca0b
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
x-amz-cf-id: e_YFt-h01phBI82IRpgLY_SrG2BKmEjbtG6g426YGJKhiMGtA1tuDg==
date: Sat, 02 Nov 2024 03:42:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: FRA56-P2

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 297ms
18ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKVBWTN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: gzip
age: 746
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sat, 02 Nov 2024 05:30:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 03:30:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 282 KB
97 KB 73ms
71ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-688446132&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKVBWTN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37085ff922b92b0bfc55cdb031ef07fd14a1049d780ff04532e1825d74356e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 02 Nov 2024 03:42:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 03:42:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 02 Nov 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 98899
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 loader.js Show response
www.gstatic.com/wcm/ 6 KB
2 KB 191ms
64ms Script
text/javascript 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKVBWTN

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

670f77f11cb4c747f5de1affa5b53687cf7a20d1eaf99b0ef5c9c60858aefa55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: br
age: 1196
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Sat, 02 Nov 2024 04:22:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 03:22:39 GMT
last-modified: Wed, 20 Mar 2024 23:18:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 2133
x-xss-protection: 0
server: sffe

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 209 KB
73 KB 457ms
167ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

d041f0987d7ae7195f81d637cf8f18ae42ead4b2ca2aa4c61cfdf447257cb554

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
content-encoding: br
etag: "6724ff83-11ef7"
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Sat, 02 Nov 2024 04:42:35 GMT
access-control-allow-origin: *
content-length: 73463
date: Sat, 02 Nov 2024 03:42:35 GMT
content-type: application/javascript
last-modified: Fri, 01 Nov 2024 16:19:15 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 261ms
97ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-lEaGmmiI' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 03:42:35 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-lEaGmmiI' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=23, mss=1232, tbw=4464, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 5uI0O+xido/HcQE0/ajCz8dnGob7hpjwl46XiCOAdxZ7LVC/fjtCHxm4Del44FWvBoAXQCsoVmMjua41KzG9Iw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer: 0
document-policy: force-load-at-top
content-length: 62086
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 jbnb7sg15a Show response
www.clarity.ms/tag/ 604 B
859 B 1053ms
230ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/jbnb7sg15a?ref=gtm2
Requested by: Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7136b2d4b6c6578e70142f3e0655e6962b22a42bb17a02d7d102905e425d9410

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 604
date: Sat, 02 Nov 2024 03:42:36 GMT
content-type: application/x-javascript
x-azure-ref: 20241102T034236Z-r1687d95c99wsdhverfvh6hygc000000075000000000drps

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 39E5 0
0 726ms
80ms Document
text/html 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.workstepssleep.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKVBWTN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Nov 2024 03:42:35 GMT
expires: Sun, 02 Nov 2025 03:42:35 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 call-tracking_9.js Show response
www.gstatic.com/call-tracking/ 62 KB
20 KB 56ms
56ms Script
text/javascript 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_9.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

6d8f8fd6de0b42e3acc7b2f3005c599e9f54d21355c3d6850a5c13daca10d5ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: br
age: 216881
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:27:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:27:54 GMT
last-modified: Mon, 22 Jan 2024 22:18:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
accept-ranges: bytes
content-length: 20777
x-xss-protection: 0
server: sffe

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 663ms
195ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4QSKSP7FMR&gtm=45je4au0v885017063z89130100097za200zb9130100097&_p=1730518954059&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=1697838349.1730518956&ul=de-de&sr=1600x1200&_ng=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730518955&sct=1&seg=0&dl=https%3A%2F%2Fwww.workstepssleep.com%2F&dt=DOT%20Sleep%20Apnea%20Test%20at%20Home%20%7C%20WorkSTEPS%20Sleep&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3877
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4QSKSP7FMR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.workstepssleep.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 03:42:36 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
550 B 655ms
187ms Ping
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-4QSKSP7FMR&cid=1697838349.1730518956&gtm=45je4au0v885017063z89130100097za200zb9130100097&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101823848~101878899~101878944~101925629
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4QSKSP7FMR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.workstepssleep.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 03:42:36 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 662ms
202ms Image
image/gif 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-4QSKSP7FMR&cid=1697838349.1730518956&gtm=45je4au0v885017063z89130100097za200zb9130100097&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101823848~101878899~101878944~101925629&tag_exp=101823848~101878899~101878944~101925629&z=279391540

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 02 Nov 2024 03:42:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
426 B 51ms
50ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1055006668&t=pageview&_s=1&dl=https%3A%2F%2Fwww.workstepssleep.com%2F&ul=de-de&de=UTF-8&dt=DOT%20Sleep%20Apnea%20Test%20at%20Home%20%7C%20WorkSTEPS%20Sleep&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=2008329473&gjid=835504881&cid=1697838349.1730518956&tid=UA-38843168-2&_gid=1178892487.1730518956&_r=1&_slc=1&gtm=45He4au0n81NKVBWTNv9130100097za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&npa=1&z=384645423

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.workstepssleep.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 03:42:35 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.workstepssleep.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H3 200 695077184371748 Show response
connect.facebook.net/signals/config/ 74 KB
15 KB 435ms
434ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/695077184371748?v=2.9.176&r=stable&domain=www.workstepssleep.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

99eb54dc3dd5061d84e71cc765a5028b482aa5af22e536e81ee2f8dea85b3461

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-5lzLRLMC' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 03:42:36 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-5lzLRLMC' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=64, rtx=0, c=70, mss=1232, tbw=70288, tp=65, tpl=0, uplat=361, ullat=0
pragma: public
x-fb-debug: GtJSaH+lIm+B1/MiitBboKp/a7d0OUmKRssKAaChJdGMYx53DJWKgoD3mNTcyiWxzbff63CnVmsV5xxTeN0RLg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10540.bexnlMV9Cqp5EcGenA7_2-udQZ3YF7VuFLOcwl0SBr_i_iM-M2qAerdz81HDcJ6R.3TYIOJZEhVUmKu2QKf47KBICJAk%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10540.-Qd8j8MbnWId83fL3_zDtf2nHt_-bd22eEMnRy5pA0irIeObUIKRVMhXDif0Zclhl0x4UdqjWmO5E4_hrOfHOR_CDciM2QOWXaQwqlRymHu8pPmbAk0XUx3fVgQB3SehikdpcCc-2V...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10540.YJvin6HfAUaYndhcjRQA7sRD8YTr7fWqdbvMQKDRlGRhI3yM6mKcrjaGK6AVInIklTAGjrmfs83Gciz_IUQX2epARIZG-B2I7xTmo-izOqxS-...

43 B
583 B

116ms
83ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10540.YJvin6HfAUaYndhcjRQA7sRD8YTr7fWqdbvMQKDRlGRhI3yM6mKcrjaGK6AVInIklTAGjrmfs83Gciz_IUQX2epARIZG-B2I7xTmo-izOqxS-JEHHcRdfRKOjEI7fsgb18k3SeR3jlKQMsCz1TOYTKc3M6DW06nsrJgtiGqAXQXhp4kFXq_vwCZKrE9yVRLDL8tvOJY5db8Ru7WQoO6Epw%2C%2C.E6UNAxDUooG41LCqwh7mIoxNA8Y%2C

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
date: Sat, 02 Nov 2024 03:42:36 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000
location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10540.YJvin6HfAUaYndhcjRQA7sRD8YTr7fWqdbvMQKDRlGRhI3yM6mKcrjaGK6AVInIklTAGjrmfs83Gciz_IUQX2epARIZG-B2I7xTmo-izOqxS-JEHHcRdfRKOjEI7fsgb18k3SeR3jlKQMsCz1TOYTKc3M6DW06nsrJgtiGqAXQXhp4kFXq_vwCZKrE9yVRLDL8tvOJY5db8Ru7WQoO6Epw%2C%2C.E6UNAxDUooG41LCqwh7mIoxNA8Y%2C
x-xss-protection: 1; mode=block
date: Sat, 02 Nov 2024 03:42:36 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
456 B 173ms
169ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6724ff83-2b"
expires: Sat, 02 Nov 2024 04:42:35 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
date: Sat, 02 Nov 2024 03:42:35 GMT
content-type: image/gif
last-modified: Fri, 01 Nov 2024 16:19:15 GMT

GET
H3

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/688446132/wcm?cc=ZZ&dn=8774368478&cl=W0tWCLvckLcZELS1o8gC&dma=1&dma_cps=syphamo&npa=1&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8774368478&cl=W0tWCLvckLcZELS1o8gC&dma=1&dma_cps=syphamo

80 B
111 B

79ms
78ms

XHR
application/json

172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8774368478&cl=W0tWCLvckLcZELS1o8gC&dma=1&dma_cps=syphamo

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f99.1e100.net

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

cache-control: private
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 87
date: Sat, 02 Nov 2024 03:42:36 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

Redirect headers

location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8774368478&cl=W0tWCLvckLcZELS1o8gC&dma=1&dma_cps=syphamo
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.workstepssleep.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sat, 02 Nov 2024 03:42:36 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 245ms
65ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=695077184371748&ev=PageView&dl=https%3A%2F%2Fwww.workstepssleep.com&rl=&if=false&ts=1730518956164&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmgoogletagmanager&ec=0&o=12316&fbp=fb.1.1730518956149.612266290536280861&pm=1&hrl=9dff7d&ler=empty&cdl=API_unavailable&it=1730518955639&coo=false&cs_cc=1&cas=3181502665226305&rqm=GET

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1297, tbw=2941, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 02 Nov 2024 03:42:36 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 520ms
340ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=695077184371748&ev=PageView&dl=https%3A%2F%2Fwww.workstepssleep.com&rl=&if=false&ts=1730518956164&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmgoogletagmanager&ec=0&o=12316&fbp=fb.1.1730518956149.612266290536280861&pm=1&hrl=9dff7d&ler=empty&cdl=API_unavailable&it=1730518955639&coo=false&cs_cc=1&cas=3181502665226305&rqm=FGET

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432522322090100003"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 03:42:36 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: Rmtb7rMV0QmhT4joAVz3wQYQmpHNG3wdtvyPuJmrL2BKNgD09DyrzqqlR0anS8gJTjiShvVqA6jz8eVnk4x36Q==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432522322090100003", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=12, mss=1297, tbw=3259, tp=-1, tpl=-1, uplat=280, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame 57A0 0
0 349ms
81ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.workstepssleep.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1435
content-type: text/html
date: Sat, 02 Nov 2024 03:42:36 GMT
etag: "6724ff83-59b"
expires: Sat, 02 Nov 2024 04:42:36 GMT
last-modified: Fri, 01 Nov 2024 16:19:15 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.49/ 64 KB
27 KB 106ms
104ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.49/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jbnb7sg15a?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

x-azure-ref: 20241102T034236Z-r1687d95c99wsdhverfvh6hygc000000075000000000drqu
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DCF3CA14C9A428"
x-fd-int-roxy-purgeid: 51562430
x-ms-request-id: 31d87e8a-401e-0078-04a5-288d23000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 02 Nov 2024 03:42:36 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 24 Oct 2024 01:20:43 GMT

GET
H2 200 56087623.js Show response
bat.bing.com/p/action/ 362 B
425 B 82ms
81ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56087623.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

28168751a3267ac9c5f88003ac159fc70033e01cd6667833e52a4ef19e0f5b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 64EB1CB95DBB4A2B89CB226D92FB60EB Ref B: FRA31EDGE0415 Ref C: 2024-11-02T03:42:36Z
x-cache: CONFIG_NOCACHE
date: Sat, 02 Nov 2024 03:42:35 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

POST
H2 204 0
bat.bing.net/actionp/ 0
120 B 458ms
92ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=56087623&tm=gtm002&Ver=2&mid=2fee7630-b18c-4178-800b-d50e26f599be&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EA7573C838FB4E8DB85D272C7930ECBD Ref B: FRA31EDGE0117 Ref C: 2024-11-02T03:42:36Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sat, 02 Nov 2024 03:42:36 GMT

GET
H2 204 0
bat.bing.net/action/ 0
345 B 457ms
91ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.net/action/0?ti=56087623&tm=gtm002&Ver=2&mid=2fee7630-b18c-4178-800b-d50e26f599be&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=DOT%20Sleep%20Apnea%20Test%20at%20Home%20%7C%20WorkSTEPS%20Sleep&p=https%3A%2F%2Fwww.workstepssleep.com%2F&r=&lt=3258&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=271389
Requested by: Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8F0BD691107C4BA3A570BD3D288C40E0 Ref B: FRA31EDGE0117 Ref C: 2024-11-02T03:42:36Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sat, 02 Nov 2024 03:42:36 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/56719444/
Redirect Chain

https://mc.yandex.com/watch/56719444?wmode=7&page-url=https%3A%2F%2Fwww.workstepssleep.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1f7b5mkfsgu9w9timet0o9oco9n%3Afu%3A0%3Aen%3Autf...
https://mc.yandex.com/watch/56719444/1?wmode=7&page-url=https%3A%2F%2Fwww.workstepssleep.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1f7b5mkfsgu9w9timet0o9oco9n%3Afu%3A0%3Aen%3Au...

622 B
826 B

86ms
77ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/56719444/1?wmode=7&page-url=https%3A%2F%2Fwww.workstepssleep.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1f7b5mkfsgu9w9timet0o9oco9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1491%3Acn%3A1%3Adp%3A0%3Als%3A966905010163%3Ahid%3A911755864%3Az%3A60%3Ai%3A20241102044235%3Aet%3A1730518956%3Ac%3A1%3Arn%3A307227792%3Arqn%3A1%3Au%3A1730518956856579016%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2854%3Awv%3A2%3Ads%3A54%2C103%2C360%2C3%2C831%2C0%2C%2C1900%2C0%2C%2C%2C%2C3258%3Aco%3A0%3Acpf%3A1%3Ans%3A1730518951735%3Agi%3AR0ExLjIuMTY5NzgzODM0OS4xNzMwNTE4OTU2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1730518957%3At%3ADOT%20Sleep%20Apnea%20Test%20at%20Home%20%7C%20WorkSTEPS%20Sleep&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

b57c4e21fceb55ad584a8a2a7fd12deda1d69f6cd632de0cdbcdf3536bc87555

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Sat, 02-Nov-2024 03:42:36 GMT
access-control-allow-origin: https://www.workstepssleep.com
content-length: 622
date: Sat, 02 Nov 2024 03:42:36 GMT
x-xss-protection: 1; mode=block
content-type: application/json; charset=utf-8
last-modified: Sat, 02-Nov-2024 03:42:36 GMT

Redirect headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: /watch/56719444/1?wmode=7&page-url=https%3A%2F%2Fwww.workstepssleep.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1f7b5mkfsgu9w9timet0o9oco9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1491%3Acn%3A1%3Adp%3A0%3Als%3A966905010163%3Ahid%3A911755864%3Az%3A60%3Ai%3A20241102044235%3Aet%3A1730518956%3Ac%3A1%3Arn%3A307227792%3Arqn%3A1%3Au%3A1730518956856579016%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2854%3Awv%3A2%3Ads%3A54%2C103%2C360%2C3%2C831%2C0%2C%2C1900%2C0%2C%2C%2C%2C3258%3Aco%3A0%3Acpf%3A1%3Ans%3A1730518951735%3Agi%3AR0ExLjIuMTY5NzgzODM0OS4xNzMwNTE4OTU2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1730518957%3At%3ADOT%20Sleep%20Apnea%20Test%20at%20Home%20%7C%20WorkSTEPS%20Sleep&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
expires: Sat, 02-Nov-2024 03:42:36 GMT
access-control-allow-origin: https://www.workstepssleep.com
x-xss-protection: 1; mode=block
date: Sat, 02 Nov 2024 03:42:36 GMT
last-modified: Sat, 02-Nov-2024 03:42:36 GMT

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
286 B 391ms
126ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://www.workstepssleep.com/

Response headers

Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
Access-Control-Allow-Origin: https://www.workstepssleep.com
Date: Sat, 02 Nov 2024 03:42:37 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 453ms
150ms Script
application/javascript 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-96-194.compute-1.amazonaws.com
Software: /
Resource Hash: 41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

cache-control: max-age=63072000
content-encoding: gzip
etag: "15f4-gzip"
Connection: keep-alive
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
expires: Mon, 02 Nov 2026 03:42:37 GMT
accept-ranges: bytes
Content-Length: 1988
Date: Sat, 02 Nov 2024 03:42:37 GMT
Content-Type: application/javascript
last-modified: Fri, 01 Nov 2024 05:32:37 GMT
vary: Accept-Encoding,User-Agent

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
286 B 382ms
139ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://www.workstepssleep.com/

Response headers

Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
Access-Control-Allow-Origin: https://www.workstepssleep.com
Date: Sat, 02 Nov 2024 03:42:37 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H3 200 5d786d14f539c2ccea89e71b_w-fav.png
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 861 B
1 KB 239ms
238ms Other
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5d786d14f539c2ccea89e71b_w-fav.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c902f4ee78e5b163673e7b12219798188bfc6b55368f3b8f5d620b0feefb0273

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

cf-cache-status: EXPIRED
etag: "29e2df69c282e0d5d73c7aefe9e6ca98"
x-amz-version-id: cX71ITf4S.1pQ4bfocr7_DzWmWlrskkw
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 03:42:37 GMT
content-type: image/png
last-modified: Wed, 11 Sep 2019 03:42:13 GMT
vary: Accept-Encoding
x-amz-id-2: WKSjZJ6otrOiJsF03cueCyhz9ojmOyw7H3ZkasZMXPSNCT4C486BI6melhUvf/o16iHnRygJJxiUyl9+dMIjKL9VBOaZRd95
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: MSXZMB40VHZJR8SX
cf-ray: 8dc11d98db514d70-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 861
server: cloudflare

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 259 B
1 KB 454ms
453ms Script
text/javascript 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1610&account_id=739103&title=DOT%20Sleep%20Apnea%20Test%20at%20Home%20%7C%20WorkSTEPS%20Sleep&url=https%3A%2F%2Fwww.workstepssleep.com%2F&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-96-194.compute-1.amazonaws.com

Software

Resource Hash

acbabec8c501beba92a606520da30ac66cdc2e88afa40a61cca71303c8a74959

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-pardot-rsp: 0/0/1
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
pragma: no-cache
Connection: keep-alive
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
expires: Thu, 19 Nov 1981 08:52:00 GMT
Content-Length: 197
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Date: Sat, 02 Nov 2024 03:42:37 GMT
Content-Type: text/javascript; charset=utf-8
vary: Accept-Encoding,User-Agent

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
286 B 124ms
123ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://www.workstepssleep.com/

Response headers

Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
Access-Control-Allow-Origin: https://www.workstepssleep.com
Date: Sat, 02 Nov 2024 03:42:38 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H2 200 56719444
mc.yandex.com/webvisor/ 43 B
0 172ms
166ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/56719444?wv-part=1&wv-type=7&wmode=0&wv-hit=911755864&page-url=https%3A%2F%2Fwww.workstepssleep.com%2F&rn=580475026&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1730518959%3Aw%3A1600x1200%3Av%3A1491%3Az%3A60%3Ai%3A20241102044239%3Au%3A1730518956856579016%3Avf%3A1f7b5mkfsgu9w9timet0o9oco9n%3Ast%3A1730518959&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.workstepssleep.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Sat, 02-Nov-2024 03:42:39 GMT
access-control-allow-origin: https://www.workstepssleep.com
content-length: 43
date: Sat, 02 Nov 2024 03:42:39 GMT
x-xss-protection: 1; mode=block
content-type: image/gif
last-modified: Sat, 02-Nov-2024 03:42:39 GMT

POST
H2 200 56719444
mc.yandex.com/webvisor/ 43 B
0 87ms
85ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/56719444?wv-part=1&wv-type=7&wmode=0&wv-hit=911755864&page-url=https%3A%2F%2Fwww.workstepssleep.com%2F&rn=122467349&browser-info=we%3A1%3Aet%3A1730518960%3Aw%3A1600x1200%3Av%3A1491%3Az%3A60%3Ai%3A20241102044239%3Au%3A1730518956856579016%3Avf%3A1f7b5mkfsgu9w9timet0o9oco9n%3Ast%3A1730518960&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.workstepssleep.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Sat, 02-Nov-2024 03:42:39 GMT
access-control-allow-origin: https://www.workstepssleep.com
content-length: 43
x-xss-protection: 1; mode=block
date: Sat, 02 Nov 2024 03:42:39 GMT
last-modified: Sat, 02-Nov-2024 03:42:39 GMT
content-type: image/gif

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.prod.website-files.com/	1970-01-21 00:42:00	Name: __cf_bm Value: _pxPAoFS5v3nqYm1YJUUbBznVubeWnEkniVLjjJ8XgU-1730518954-1.0.1.1-GWxlIvsv35yo3pxz6e84jcLzQFFC9wmo62MTk5N9Al6mCXxBrCzZl08Br_v_EeqMZP_bY7U9M1yNTiDrud2wcw
.workstepssleep.com/	1970-01-21 02:51:34	Name: _gcl_au Value: 1.1.1614479848.1730518955
.workstepssleep.com/	1970-01-21 10:17:58	Name: _ga_4QSKSP7FMR Value: GS1.1.1730518955.1.0.1730518955.60.0.0
.workstepssleep.com/	1970-01-21 10:17:58	Name: _ga Value: GA1.2.1697838349.1730518956
.workstepssleep.com/	1970-01-21 00:43:25	Name: _gid Value: GA1.2.1178892487.1730518956
.workstepssleep.com/	1970-01-21 00:41:59	Name: _gat_UA-38843168-2 Value: 1
.yandex.ru/	1970-01-21 09:27:34	Name: yashr Value: 8003639041730518955
.workstepssleep.com/	1970-01-21 09:27:34	Name: _hjSessionUser_1489924 Value: eyJpZCI6IjMxMTBkM2YzLWIwODItNTFlMC05ZWMyLTFkM2QwYWNkZGEyZSIsImNyZWF0ZWQiOjE3MzA1MTg5NTU2OTgsImV4aXN0aW5nIjp0cnVlfQ==
.workstepssleep.com/	1970-01-21 00:42:00	Name: _hjSession_1489924 Value: eyJpZCI6IjBhMzNiZDUwLTlkZTctNGI4Yy1hNWU5LTgzOTIzNzAzMTEwMyIsImMiOjE3MzA1MTg5NTU3MDAsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.workstepssleep.com/	1970-01-21 09:27:34	Name: _ym_uid Value: 1730518956856579016
.workstepssleep.com/	1970-01-21 09:27:34	Name: _ym_d Value: 1730518956
.mc.yandex.com/	1970-01-21 00:41:59	Name: sync_cookie_csrf Value: 158899477fake
.yandex.com/	1970-01-21 10:17:58	Name: i Value: oZDHTonZKGbYU2Ir/ZcJ6/CXJgh0sw/cNAKuCiMHg60bsmas0nuXczF1XEFAdzDnU3+yeUc3V9bCZUVmZjwQZt/7b8k=
.yandex.com/	1970-01-21 09:27:34	Name: yandexuid Value: 6077538031730518955
.yandex.com/	1970-01-21 09:27:34	Name: yashr Value: 3901218651730518955
.workstepssleep.com/	1970-01-21 00:43:10	Name: _ym_isad Value: 2
.workstepssleep.com/	1970-01-21 02:51:34	Name: _fbp Value: fb.1.1730518956149.612266290536280861
.mc.yandex.ru/	1970-01-21 00:41:59	Name: sync_cookie_csrf Value: 4192246657fake
.mc.yandex.com/	1970-01-21 00:43:25	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 10:17:58	Name: yandexuid Value: 6077538031730518955
.yandex.ru/	1970-01-21 10:17:58	Name: yuidss Value: 6077538031730518955
.yandex.ru/	1970-01-21 10:17:58	Name: i Value: oZDHTonZKGbYU2Ir/ZcJ6/CXJgh0sw/cNAKuCiMHg60bsmas0nuXczF1XEFAdzDnU3+yeUc3V9bCZUVmZjwQZt/7b8k=
.yandex.ru/	1970-01-21 10:17:58	Name: yp Value: 1730605356.yu.9928717001730518955
.yandex.ru/	1970-01-21 09:27:34	Name: ymex Value: 1733110956.oyu.9928717001730518955
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2327149071730518956
.yandex.com/	1970-01-21 09:27:34	Name: yuidss Value: 6077538031730518955
.yandex.com/	1970-01-21 09:27:34	Name: ymex Value: 1762054956.yrts.1730518956
.yandex.com/	1970-01-21 09:27:34	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 10:17:58	Name: bh Value: KgI/MGCsv5a5Bg==
.workstepssleep.com/	1970-01-21 00:42:00	Name: _ym_visorc Value: w
.pardot.com/	1970-01-21 10:17:58	Name: visitor_id738103 Value: 1948505635
.pardot.com/	1970-01-21 10:17:58	Name: visitor_id738103-hash Value: 19ea06abd98f3d967feb60aba66294e91b7e14f9fce029483b3ac88dd25d80131432178d3e4b3fe3022130085a842146c3beb9ab
pi.pardot.com/	1970-01-21 00:42:00	Name: lpv738103 Value: aHR0cHM6Ly93d3cud29ya3N0ZXBzc2xlZXAuY29tLw%3D%3D
www.workstepssleep.com/	1970-01-21 10:17:58	Name: visitor_id738103 Value: 1948505635
www.workstepssleep.com/	1970-01-21 10:17:58	Name: visitor_id738103-hash Value: 19ea06abd98f3d967feb60aba66294e91b7e14f9fce029483b3ac88dd25d80131432178d3e4b3fe3022130085a842146c3beb9ab

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bat.bing.com
bat.bing.net
cdn.prod.website-files.com
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
mc.yandex.com
mc.yandex.ru
pi.pardot.com
q.clarity.ms
region1.analytics.google.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
workstepssleep.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.workstepssleep.com
104.18.160.117
13.33.187.74
142.250.184.195
142.250.186.68
157.240.253.1
172.217.18.3
172.217.23.99
18.66.102.106
20.231.53.73
2001:4860:4802:32::36
216.58.206.34
2606:4700::6812:a46
2620:1ec:33::10
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2008
2a00:1450:4001:827::200a
2a00:1450:4001:82f::200a
2a00:1450:400c:c09::9d
2a02:6b8::1:119
2a03:2880:f176:181:face:b00c:0:25de
52.222.232.99
52.54.96.194
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc
0f041697b282dae297547fc755f50f39f4f3ce9b56ee9eb088cbf08f2f8419a6
1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f132510bc7b665bbe5fb9227b0d2daafa5513296a72f88f88d38179eded9277
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28168751a3267ac9c5f88003ac159fc70033e01cd6667833e52a4ef19e0f5b65
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
37085ff922b92b0bfc55cdb031ef07fd14a1049d780ff04532e1825d74356e89
38a5b436a9e4f740073a985ddaec0bf5a40e428b919c6e5fc669f4758fa858fc
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
50150c7b74487811061d3b192444b312d007ab3fc3321ccfb1a2fcf39f94f198
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59a952f4affe6467b7b44da5f07d161f5d522604d57bda3b8f9edf3e9e8ee3ab
62d426aa4f9781734b55b0e380a4c36bba6891bc5573f8ac254971c71361e7ce
6549f5bc96ed2db09b6df2e6b9d3247f936c4b40773158b712ef03bf9c3d9ff7
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
670f77f11cb4c747f5de1affa5b53687cf7a20d1eaf99b0ef5c9c60858aefa55
6d8f8fd6de0b42e3acc7b2f3005c599e9f54d21355c3d6850a5c13daca10d5ad
7136b2d4b6c6578e70142f3e0655e6962b22a42bb17a02d7d102905e425d9410
788cb0ab279a32fb51a70f4e8f8b2bd8d9e5a8f396968c11e35b99b636c11bdf
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7e5c04ccfe50e8bdf52e98327a2f11e57aaf6c20c714c37ee34dca8fc59d0b3c
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8e04946174f0e5ac6cb9a086d1cf1c5ba78acd69e37c5af2da88deef0a993a3e
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
948ffb316a7caaafb40aab087d9a47d610d0fe75f3a805069b6c0f3f65c2e3d2
9535567cf78680a6df04468cdc4e2ae4bb61755f4395d6caa009eff97cecac1c
99ad2a58cb5e749516fac60990d3f9ba0622819e5ffeda7b537bb0b445d31a7f
99eb54dc3dd5061d84e71cc765a5028b482aa5af22e536e81ee2f8dea85b3461
a518d969920f8ba9b097fb6df14ebb27f518d2f52d869a6c05b0885a6e66db6e
a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa8d4d181a85e7d22544811d64dc89f5b260a81e228eba967ca9d0e0e0cf099a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
acbabec8c501beba92a606520da30ac66cdc2e88afa40a61cca71303c8a74959
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b4a76db7b8bf20c95f3a421e3b9472f9ff7bdaa8355d8722a3ca39ac7bf357f6
b57c4e21fceb55ad584a8a2a7fd12deda1d69f6cd632de0cdbcdf3536bc87555
c0d57eff0936a57e0c8d6bc93314585c734e5ade88d6de970e1e305ae5d87224
c65593fd2a50e479ba7db2b1b41ad7f5318c425e00a433d76b8537a31f2ac74d
c902f4ee78e5b163673e7b12219798188bfc6b55368f3b8f5d620b0feefb0273
ca1f4c410f6c5b63eac7011e466e6bb97062b2e0bf4ae6660689c26ad3b5b5ae
cca6c2dd9540ac7b8194f52ad49c3e6312705d4aa25c4cc29d68e9dbb8a3a118
d041f0987d7ae7195f81d637cf8f18ae42ead4b2ca2aa4c61cfdf447257cb554
d91886641331de72ecd7d406d2d95fdb0a015108e4b61a08914f15f10e65db29
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
d94078b4832d21c030df577288d95e21547003a2066a486ae82f793d38243447
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfe4cb0bcd615e43c11b51b4ca7d7aa2c7f2f167a7d2b5559281fa2126f437c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9bfb04a18c8be687fadacd7f67647b65113ee8d1aabcb0f410eac21681fa7ef
fe127281e682037e8d193335ec1ef2bb4ce69afb837d6c4ed3b510128efbd106

www.workstepssleep.com Open in urlscan Pro 2606:4700::6812:a46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

96 %HTTPS

50 %IPv6

20 Domains

26 Subdomains

23 IPs

5 Countries

1504 kBTransfer

3904 kBSize

35 Cookies

3 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.workstepssleep.com Open in urlscan Pro
2606:4700::6812:a46 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

96 %
HTTPS

50 %
IPv6

20
Domains

26
Subdomains

23
IPs

5
Countries

1504 kB
Transfer

3904 kB
Size

35
Cookies

72 HTTP transactions
0 data transactions