www.mediabrains.com Open in urlscan Pro
52.224.80.207 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://em.mediabrains.com/dc/FpRLAOF5gR-1S3wu146bt1yJ-kTJ_VpfPiUuAcZbDRPNSFYe6tgIW5Aq6rDGqXoG5j1TBQobvmLigq1OVfdSPM1JQGHNr...
Effective URL:
https://www.mediabrains.com/lp/last-chance/173/745895/EAA30489-319F-4D3C-8C5A-EAA03BA975EE/139157?utm_source=lastchance-2023...
Submission: On January 05 via manual (January 5th 2023, 5:57:08 pm UTC) from IN — Scanned from DE

Summary HTTP 53 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 13 domains to perform 53 HTTP transactions. The main IP is 52.224.80.207, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.mediabrains.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 29th 2022. Valid for: a year.

This is the only time www.mediabrains.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.184.251.130 52.184.251.130	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	52.224.80.207 52.224.80.207	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
7	2606:4700:310... 2606:4700:3108::ac42:28e6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2606:4700::68... 2606:4700::6812:7b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:4e:1... 2620:1ec:4e:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	52.167.85.21 52.167.85.21	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
2	2600:9000:206... 2600:9000:206f:5a00:3:9a1f:ef40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400d:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:2057:fc00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.155.221.253 35.155.221.253	16509 (AMAZON-02) (AMAZON-02)
53	20

1 52.184.251.130 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

em.mediabrains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.224.80.207 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.mediabrains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn.mediabrains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3108::ac42:28e6 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.calendly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
calendly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:7b9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.167.85.21 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

i.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:5a00:3:9a1f:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)

notifier-configs.airbrake.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:802::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:fc00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.155.221.253 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-221-253.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	mediabrains.com em.mediabrains.com www.mediabrains.com cdn.mediabrains.com	451 KB
8	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 12755	91 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 2684 q.stripe.com — Cisco Umbrella Rank: 24056 m.stripe.com — Cisco Umbrella Rank: 2418	102 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1536 i.clarity.ms — Cisco Umbrella Rank: 11626 c.clarity.ms — Cisco Umbrella Rank: 2283	21 KB
7	calendly.com assets.calendly.com — Cisco Umbrella Rank: 27682 calendly.com — Cisco Umbrella Rank: 20917	639 KB
3	gstatic.com www.gstatic.com	350 KB
3	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 2510	23 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 3020	16 KB
2	airbrake.io notifier-configs.airbrake.io — Cisco Umbrella Rank: 10222	605 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2124 www.google-analytics.com — Cisco Umbrella Rank: 103	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	114 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 444	555 B
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	28 KB
53	13

	Domain	Requested by
9	www.mediabrains.com	em.mediabrains.com www.mediabrains.com
8	challenges.cloudflare.com	1 redirects www.mediabrains.com challenges.cloudflare.com em.mediabrains.com
5	assets.calendly.com	www.mediabrains.com calendly.com assets.calendly.com
3	q.stripe.com	em.mediabrains.com
3	www.gstatic.com	www.recaptcha.net
3	www.recaptcha.net	assets.calendly.com www.gstatic.com www.recaptcha.net
3	js.stripe.com	assets.calendly.com js.stripe.com
3	i.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	m.stripe.network	js.stripe.com m.stripe.network
2	notifier-configs.airbrake.io	assets.calendly.com
2	calendly.com	assets.calendly.com
2	www.clarity.ms	www.mediabrains.com www.clarity.ms
2	www.googletagmanager.com	www.mediabrains.com assets.calendly.com
1	m.stripe.com	m.stripe.network
1	c.bing.com	1 redirects
1	connect.facebook.net	assets.calendly.com
1	www.google-analytics.com	assets.calendly.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdn.mediabrains.com	www.mediabrains.com
1	em.mediabrains.com
53	21

This site contains links to these domains. Also see Links.

Domain
directory.mytotalretail.com
www.plasticsnewsdirectory.com
vendordirectory.shrm.org
mac.mediabrains.com
www.facebook.com
www.twitter.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
*.mediabrains.com Go Daddy Secure Certificate Authority - G2	`2022-04-29` - `2023-05-31`	a year	crt.sh
snib6cdgl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-12` - `2023-11-12`	a year	crt.sh
calendly.com Cloudflare Inc ECC CA-3	`2022-05-09` - `2023-05-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-12-15` - `2024-01-11`	a year	crt.sh
*.airbrake.io SSL.com RSA SSL subCA	`2022-10-18` - `2023-10-18`	a year	crt.sh
misc.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-15` - `2023-01-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-12` - `2023-03-09`	4 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-15` - `2023-01-26`	4 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.mediabrains.com/lp/last-chance/173/745895/EAA30489-319F-4D3C-8C5A-EAA03BA975EE/139157?utm_source=lastchance-2023-email-c&utm_medium=email&utm_campaign=lastchance-2023&mkt_tok=NDYyLUlIUC03MzcAAAGJIV7EYZdkhaExn760s8HLcwBFNgd8z9ucLMz-13mpd3gukTY3pad1bx2oTmBLbSoX55Fw5JFGa2_Hb6qeHyqHUg1n5Gkw4aM8aG51YSPgS_Ra
Frame ID: 6E9AE05B728A10133DF695AFB0EF8330
Requests: 21 HTTP requests in this frame

Frame: https://calendly.com/judith-gaa/last-chance-at-2022-pricing?embed_domain=www.mediabrains.com&embed_type=Inline&utm_source=lastchance-2023-email-c&utm_medium=email&utm_campaign=lastchance-2023&hide_gdpr_banner=1&hide_landing_page_details=1&name=Anshuman%20Dutta&email=anshuman.dutta%40cognizant.com&a1=Discuss%20upgrading%20Cognizant%20in%20the%20Total%20Retail%20Directory%20at%202022%20pricing.
Frame ID: F2BE26760E610D58394CA6492042CAD5
Requests: 16 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/fv509/0x4AAAAAAAB09Nt2tohPC38p/auto/normal
Frame ID: 56837C5E099975F3B9F31D13BDC50747
Requests: 6 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n&co=aHR0cHM6Ly9jYWxlbmRseS5jb206NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=pe14bbm9c473
Frame ID: 3B27C8C6DF1AEF426C7AB0BFE7D20B3E
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 6A52697A4BFEB8A2814720FE58FE1D27
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: B99A8349630E691EE767DD598841E2BA
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Total Retail Directory Advertising OfferFollow us on FaceBookFollow us on TwitterFollow us on LinkedInFollow us on YouTube

Page URL History Show full URLs

http://em.mediabrains.com/dc/FpRLAOF5gR-1S3wu146bt1yJ-kTJ_VpfPiUuAcZbDRPNSFYe6tgIW5Aq6rDGqXoG5j1TBQobv... Page URL
https://www.mediabrains.com/lp/last-chance/173/745895/EAA30489-319F-4D3C-8C5A-EAA03BA975EE/139157?utm_so... Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Calendly (Appointment scheduling) Expand

Overall confidence: 100%
Detected patterns

https://assets\.calendly\.com/assets/external/widget\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

53
Requests

94 %
HTTPS

65 %
IPv6

13
Domains

21
Subdomains

20
IPs

3
Countries

1989 kB
Transfer

5145 kB
Size

14
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://directory.mytotalretail.com/
Title: Total Retail Directory

Search URL Search Domain Scan URL

URL: https://www.plasticsnewsdirectory.com/
Title: Plastics News Online Directory

Search URL Search Domain Scan URL

URL: https://vendordirectory.shrm.org/
Title: SHRM Human Resource Vendor Directory

Search URL Search Domain Scan URL

URL: https://mac.mediabrains.com/
Title: Customer login

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MediaBrains
Title: .cls-1 { fill: #7d8794; } .cls-2 { fill: none; stroke: #7d8794; stroke-miterlimit: 10; } Follow us on FaceBook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/mediabrains
Title: .cls-1 { fill: #7d8794; } .cls-2 { fill: none; stroke: #7d8794; stroke-miterlimit: 10; } Follow us on Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/mediabrains-inc-/
Title: .cls-1 { fill: #7d8794; } .cls-2 { fill: none; stroke: #7d8794; stroke-miterlimit: 10; } Follow us on LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCHkGBlVoXxvioDka2hCQ7tw
Title: .cls-1 { fill: #7d8794; } .cls-2 { fill: none; stroke: #7d8794; stroke-miterlimit: 10; } Follow us on YouTube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://em.mediabrains.com/dc/FpRLAOF5gR-1S3wu146bt1yJ-kTJ_VpfPiUuAcZbDRPNSFYe6tgIW5Aq6rDGqXoG5j1TBQobvmLigq1OVfdSPM1JQGHNrzUyFRYBcEL4gV4LGiBgLi-nIz0QTsf8ALga2vfmqH2b4C_9PSdKO9EuJrN1jjaX1V79BfqjQ8_AbBxErYmRDp0IlKJNO-YymnEQTOrQQI7Ynm6vG5e4yiW13aBJdPmoze6KSzcwEcg8WTTetCyBIldSBEaLUggo6vXp/NDYyLUlIUC03MzcAAAGJIV7EYYnE0jTv-YgduGJTipZ3wyY1yjOyrCpAUk44NX9JK40ZAW-DGkpI4o662geibI2xDKk= Page URL
https://www.mediabrains.com/lp/last-chance/173/745895/EAA30489-319F-4D3C-8C5A-EAA03BA975EE/139157?utm_source=lastchance-2023-email-c&utm_medium=email&utm_campaign=lastchance-2023&mkt_tok=NDYyLUlIUC03MzcAAAGJIV7EYZdkhaExn760s8HLcwBFNgd8z9ucLMz-13mpd3gukTY3pad1bx2oTmBLbSoX55Fw5JFGa2_Hb6qeHyqHUg1n5Gkw4aM8aG51YSPgS_Ra Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
https://challenges.cloudflare.com/turnstile/v0/b/2aa155d5/api.js

Request Chain 52

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=99B6CBEAC4B74F3C8342EF5DB9949E75&RedC=c.clarity.ms&MXFR=2C5A2CCD8249683A38033E5D86496637 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=99B6CBEAC4B74F3C8342EF5DB9949E75&MUID=3B08B5104D7D68E22572A7804C7D69BA

53 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 302
Found NDYyLUlIUC03MzcAAAGJIV7EYYnE0jTv-YgduGJTipZ3wyY1yjOyrCpAUk44NX9JK40ZAW-DGkpI4o662geibI2xDKk=
em.mediabrains.com/dc/FpRLAOF5gR-1S3wu146bt1yJ-kTJ_VpfPiUuAcZbDRPNSFYe6tgIW5Aq6rDGqXoG5j1TBQobvmLigq1OVfdSPM1JQGHNrzUyFRYBcEL4gV4LGiBgLi-nIz0QTsf8ALga2vfmqH2b4C_9PSdKO9EuJrN1jjaX1V79BfqjQ8_AbBxErYm... 668 B
1 KB 957ms
308ms Document
text/html 52.184.251.130
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://em.mediabrains.com/dc/FpRLAOF5gR-1S3wu146bt1yJ-kTJ_VpfPiUuAcZbDRPNSFYe6tgIW5Aq6rDGqXoG5j1TBQobvmLigq1OVfdSPM1JQGHNrzUyFRYBcEL4gV4LGiBgLi-nIz0QTsf8ALga2vfmqH2b4C_9PSdKO9EuJrN1jjaX1V79BfqjQ8_AbBxErYmRDp0IlKJNO-YymnEQTOrQQI7Ynm6vG5e4yiW13aBJdPmoze6KSzcwEcg8WTTetCyBIldSBEaLUggo6vXp/NDYyLUlIUC03MzcAAAGJIV7EYYnE0jTv-YgduGJTipZ3wyY1yjOyrCpAUk44NX9JK40ZAW-DGkpI4o662geibI2xDKk=

Protocol

HTTP/1.1

Server

52.184.251.130 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

adobe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-pmiCml03E+USuk2KoWT2TaCRLpRq7628PzF4Dh4k6bE=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
content-length: 668
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-pmiCml03E+USuk2KoWT2TaCRLpRq7628PzF4Dh4k6bE=';object-src 'none';form-action:'none';frame-src:'none'
content-type: text/html;charset=UTF-8
date: Thu, 05 Jan 2023 17:57:01 GMT
referrer-policy: strict-origin
server: adobe
x-frame-options: SAMEORIGIN
x-request-id: cc378cf33c6960df

GET
H2 200 Primary Request 139157 Show response
www.mediabrains.com/lp/last-chance/173/745895/EAA30489-319F-4D3C-8C5A-EAA03BA975EE/ 24 KB
8 KB 388ms
152ms Document
text/html 52.224.80.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mediabrains.com/lp/last-chance/173/745895/EAA30489-319F-4D3C-8C5A-EAA03BA975EE/139157?utm_source=lastchance-2023-email-c&utm_medium=email&utm_campaign=lastchance-2023&mkt_tok=NDYyLUlIUC03MzcAAAGJIV7EYZdkhaExn760s8HLcwBFNgd8z9ucLMz-13mpd3gukTY3pad1bx2oTmBLbSoX55Fw5JFGa2_Hb6qeHyqHUg1n5Gkw4aM8aG51YSPgS_Ra

Requested by

Host: em.mediabrains.com
URL: http://em.mediabrains.com/dc/FpRLAOF5gR-1S3wu146bt1yJ-kTJ_VpfPiUuAcZbDRPNSFYe6tgIW5Aq6rDGqXoG5j1TBQobvmLigq1OVfdSPM1JQGHNrzUyFRYBcEL4gV4LGiBgLi-nIz0QTsf8ALga2vfmqH2b4C_9PSdKO9EuJrN1jjaX1V79BfqjQ8_AbBxErYmRDp0IlKJNO-YymnEQTOrQQI7Ynm6vG5e4yiW13aBJdPmoze6KSzcwEcg8WTTetCyBIldSBEaLUggo6vXp/NDYyLUlIUC03MzcAAAGJIV7EYYnE0jTv-YgduGJTipZ3wyY1yjOyrCpAUk44NX9JK40ZAW-DGkpI4o662geibI2xDKk=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.224.80.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

13e742ae90f40d23f5c6f0a36d5defae801528333a74d9011a53400d79a5c083

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://em.mediabrains.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 05 Jan 2023 17:57:02 GMT
pragma: no-cache
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET

GET
H2 200 main.min.css
www.mediabrains.com/css/ 192 KB
43 KB 103ms
102ms Stylesheet
text/css 52.224.80.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mediabrains.com/css/main.min.css?v=XwmMyBxZc6UqZs6u5zkgOdyexTbqE9nrxAkuUWqK3cM

Requested by

Host: www.mediabrains.com
URL: https://www.mediabrains.com/lp/last-chance/173/745895/EAA30489-319F-4D3C-8C5A-EAA03BA975EE/139157?utm_source=lastchance-2023-email-c&utm_medium=email&utm_campaign=lastchance-2023&mkt_tok=NDYyLUlIUC03MzcAAAGJIV7EYZdkhaExn760s8HLcwBFNgd8z9ucLMz-13mpd3gukTY3pad1bx2oTmBLbSoX55Fw5JFGa2_Hb6qeHyqHUg1n5Gkw4aM8aG51YSPgS_Ra

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.224.80.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

5f098cc81c5973a52a66ceaee7392039dc9ec536ea13d9ebc4092e516a8addc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mediabrains.com/lp/last-chance/173/745895/EAA30489-319F-4D3C-8C5A-EAA03BA975EE/139157?utm_source=lastchance-2023-email-c&utm_medium=email&utm_campaign=lastchance-2023&mkt_tok=NDYyLUlIUC03MzcAAAGJIV7EYZdkhaExn760s8HLcwBFNgd8z9ucLMz-13mpd3gukTY3pad1bx2oTmBLbSoX55Fw5JFGa2_Hb6qeHyqHUg1n5Gkw4aM8aG51YSPgS_Ra
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
date: Thu, 05 Jan 2023 17:57:02 GMT
last-modified: Wed, 04 Jan 2023 15:17:27 GMT
server: Microsoft-IIS/10.0
etag: "1d9204fa792dc81"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 TotalRetailResourceGuide_pubhome.gif
cdn.mediabrains.com/directorylogos/ 6 KB
6 KB 163ms
8ms Image
image/gif 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mediabrains.com/directorylogos/TotalRetailResourceGuide_pubhome.gif
Requested by: Host: www.mediabrains.com
URL: https://www.mediabrains.com/lp/last-chance/173/745895/EAA30489-319F-4D3C-8C5A-EAA03BA975EE/139157?utm_source=lastchance-2023-email-c&utm_medium=email&utm_campaign=lastchance-2023&mkt_tok=NDYyLUlIUC03MzcAAAGJIV7EYZdkhaExn760s8HLcwBFNgd8z9ucLMz-13mpd3gukTY3pad1bx2oTmBLbSoX55Fw5JFGa2_Hb6qeHyqHUg1n5Gkw4aM8aG51YSPgS_Ra
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD3) /
Resource Hash: f7759eb89a570e8148d3325ffdf0e6a73d9241a7f9d232bd8814655709820e48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mediabrains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 05 Jan 2023 17:57:03 GMT
last-modified: Wed, 27 Jun 2018 19:45:00 GMT
server: ECAcc (frc/4CD3)
content-md5: RuvpGsyomxJ88q65UOcknw==
age: 514260
etag: 0x8D5DC6678231856
x-ms-meta-cbmodifiedtime: Wed, 26 Aug 2015 16:05:34 GMT
x-cache: HIT
content-type: image/gif
x-ms-request-id: 56bdb17f-601e-0077-5481-1cd708000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 6183

GET
H2 200 widget.js Show response
assets.calendly.com/assets/external/ 44 KB
16 KB 392ms
354ms Script
application/javascript 2606:4700:3108::ac42:28e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/external/widget.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28e6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86321659b430d61d1c232e225e927b7f052fa61669e5afc15044f75740d04429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mediabrains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:57:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 23 Dec 2022 17:25:36 GMT
cf-bgj: minify
server: cloudflare
age: 166
etag: W/"c30e8b97d12c7710012f00f92bcd9de5"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
cache-control: public, max-age=300
cf-ray: 784e18174c3f5c44-FRA
expires: Fri, 06 Jan 2023 17:57:03 GMT

GET
H2 200 content.svg
www.mediabrains.com/images/products/listing-plans/ 132 KB
132 KB 180ms
179ms Image
image/svg+xml 52.224.80.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mediabrains.com/images/products/listing-plans/content.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.224.80.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

31223061d466930fe59521cbe9a49785638df3f1b76648d7a3ac168d09f88524

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mediabrains.com/lp/last-chance/173/745895/EAA30489-319F-4D3C-8C5A-EAA03BA975EE/139157?utm_source=lastchance-2023-email-c&utm_medium=email&utm_campaign=lastchance-2023&mkt_tok=NDYyLUlIUC03MzcAAAGJIV7EYZdkhaExn760s8HLcwBFNgd8z9ucLMz-13mpd3gukTY3pad1bx2oTmBLbSoX55Fw5JFGa2_Hb6qeHyqHUg1n5Gkw4aM8aG51YSPgS_Ra
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
date: Thu, 05 Jan 2023 17:57:02 GMT
last-modified: Wed, 04 Jan 2023 15:14:55 GMT
server: Microsoft-IIS/10.0
etag: "1d9204f4cfa8f10"
x-powered-by: ASP.NET
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 134800

GET
H2 200 reviews.svg
www.mediabrains.com/images/products/listing-plans/ 39 KB
40 KB 180ms
178ms Image
image/svg+xml 52.224.80.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mediabrains.com/images/products/listing-plans/reviews.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.224.80.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

c1773172d72f2b5f5bae361aec17e2f5aa1a6b46d21e0833bd373726de81a594

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mediabrains.com/lp/last-chance/173/745895/EAA30489-319F-4D3C-8C5A-EAA03BA975EE/139157?utm_source=lastchance-2023-email-c&utm_medium=email&utm_campaign=lastchance-2023&mkt_tok=NDYyLUlIUC03MzcAAAGJIV7EYZdkhaExn760s8HLcwBFNgd8z9ucLMz-13mpd3gukTY3pad1bx2oTmBLbSoX55Fw5JFGa2_Hb6qeHyqHUg1n5Gkw4aM8aG51YSPgS_Ra
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
date: Thu, 05 Jan 2023 17:57:02 GMT
last-modified: Wed, 04 Jan 2023 15:14:55 GMT
server: Microsoft-IIS/10.0
etag: "1d9204f4cf81c20"
x-powered-by: ASP.NET
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 40352

GET
H2 200 audience-report.svg
www.mediabrains.com/images/products/listing-plans/ 154 KB
154 KB 180ms
179ms Image
image/svg+xml 52.224.80.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mediabrains.com/images/products/listing-plans/audience-report.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.224.80.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

eab92c36e6b7771a9c60d55d69380aa85f7f09a39d777e20a02cfda49c6b0a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mediabrains.com/lp/last-chance/173/745895/EAA30489-319F-4D3C-8C5A-EAA03BA975EE/139157?utm_source=lastchance-2023-email-c&utm_medium=email&utm_campaign=lastchance-2023&mkt_tok=NDYyLUlIUC03MzcAAAGJIV7EYZdkhaExn760s8HLcwBFNgd8z9ucLMz-13mpd3gukTY3pad1bx2oTmBLbSoX55Fw5JFGa2_Hb6qeHyqHUg1n5Gkw4aM8aG51YSPgS_Ra
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
date: Thu, 05 Jan 2023 17:57:02 GMT
last-modified: Wed, 04 Jan 2023 15:14:55 GMT
server: Microsoft-IIS/10.0
etag: "1d9204f4cfae79d"
x-powered-by: ASP.NET
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 157213

GET
H2 200 site.min.js Show response
www.mediabrains.com/js/ 217 KB
67 KB 93ms
93ms Script
application/javascript 52.224.80.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mediabrains.com/js/site.min.js?v=B0HQYY5IwAYS40jN5bK08LMDWr2nnrzkkKMQmWmU0tE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.224.80.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

0741d0618e48c00612e348cde5b2b4f0b3035abda79ebce490a310996994d2d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mediabrains.com/lp/last-chance/173/745895/EAA30489-319F-4D3C-8C5A-EAA03BA975EE/139157?utm_source=lastchance-2023-email-c&utm_medium=email&utm_campaign=lastchance-2023&mkt_tok=NDYyLUlIUC03MzcAAAGJIV7EYZdkhaExn760s8HLcwBFNgd8z9ucLMz-13mpd3gukTY3pad1bx2oTmBLbSoX55Fw5JFGa2_Hb6qeHyqHUg1n5Gkw4aM8aG51YSPgS_Ra
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
date: Thu, 05 Jan 2023 17:57:02 GMT
last-modified: Wed, 04 Jan 2023 15:17:56 GMT
server: Microsoft-IIS/10.0
etag: "1d9204fb8d989b5"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/b/2aa155d5/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js
https://challenges.cloudflare.com/turnstile/v0/b/2aa155d5/api.js

11 KB
4 KB

38ms
37ms

Script
application/javascript

2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/2aa155d5/api.js
Requested by: Host: www.mediabrains.com
URL: https://www.mediabrains.com/lp/last-chance/173/745895/EAA30489-319F-4D3C-8C5A-EAA03BA975EE/139157?utm_source=lastchance-2023-email-c&utm_medium=email&utm_campaign=lastchance-2023&mkt_tok=NDYyLUlIUC03MzcAAAGJIV7EYZdkhaExn760s8HLcwBFNgd8z9ucLMz-13mpd3gukTY3pad1bx2oTmBLbSoX55Fw5JFGa2_Hb6qeHyqHUg1n5Gkw4aM8aG51YSPgS_Ra
Protocol: H2
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ef989fb4fbbbd10967fe7495d8bc8a3911f2674e06987a5ae7bd858936108b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mediabrains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:57:03 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 784e1817a84d9a2f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location: /turnstile/v0/b/2aa155d5/api.js
date: Thu, 05 Jan 2023 17:57:03 GMT
cache-control: max-age=300, public
server: cloudflare
cf-ray: 784e1817881a9a2f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
vary: accept-encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
76 KB 73ms
33ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5P4LM7057P

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

07769be3017dab913d62365b9156617514762dacab350de095aaa2972bf80ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mediabrains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:57:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76905
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Jan 2023 17:57:03 GMT

GET
H2 200 da9pe88dj9 Show response
www.clarity.ms/tag/ 693 B
1 KB 176ms
98ms Script
application/x-javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/da9pe88dj9
Requested by: Host: www.mediabrains.com
URL: https://www.mediabrains.com/lp/last-chance/173/745895/EAA30489-319F-4D3C-8C5A-EAA03BA975EE/139157?utm_source=lastchance-2023-email-c&utm_medium=email&utm_campaign=lastchance-2023&mkt_tok=NDYyLUlIUC03MzcAAAGJIV7EYZdkhaExn760s8HLcwBFNgd8z9ucLMz-13mpd3gukTY3pad1bx2oTmBLbSoX55Fw5JFGa2_Hb6qeHyqHUg1n5Gkw4aM8aG51YSPgS_Ra
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 52ee72850a3be248a292f14b94b2a74ea03ca88ec48d545c68ef0c9de52e6913

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mediabrains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: application/x-javascript
date: Thu, 05 Jan 2023 17:57:02 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0bw+3YwAAAAAXymrxKzn9QrAE7z7mW3MeRlJBMzFFREdFMDMxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-c/s/0.7.1/ 55 KB
19 KB 10ms
10ms Script
application/javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-c/s/0.7.1/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/da9pe88dj9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mediabrains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:57:02 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
server: Microsoft-IIS/10.0
x-azure-ref-originshield: 0Tsa1YwAAAACtBO00ZDYJQ4FnKJ89I+tPRlJBMjMxMDUwNDE3MDE5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "1d913c18f6c839e"
x-azure-ref: 0bw+3YwAAAAApkQNGKIRXQYxro9MbnSqPRlJBMzFFREdFMDMxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

POST
H2 204 collect Show response
i.clarity.ms/ 0
167 B 330ms
101ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.mediabrains.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://www.mediabrains.com
date: Thu, 05 Jan 2023 17:57:03 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 orange-checkmark.png
www.mediabrains.com/images/products/banner/ 589 B
677 B 93ms
93ms Image
image/png 52.224.80.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mediabrains.com/images/products/banner/orange-checkmark.png

Requested by

Host: www.mediabrains.com
URL: https://www.mediabrains.com/css/main.min.css?v=XwmMyBxZc6UqZs6u5zkgOdyexTbqE9nrxAkuUWqK3cM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.224.80.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

adac714f8213eb3cf6cf2733b39a69ff3ecae2028c5bda037dc21d58db9ea89a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mediabrains.com/css/main.min.css?v=XwmMyBxZc6UqZs6u5zkgOdyexTbqE9nrxAkuUWqK3cM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
date: Thu, 05 Jan 2023 17:57:03 GMT
last-modified: Wed, 04 Jan 2023 15:14:55 GMT
server: Microsoft-IIS/10.0
etag: "1d9204f4cf883cd"
x-powered-by: ASP.NET
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 589

POST
H2 200 / Show response
www.mediabrains.com/lp/click-lead/518/173/745895/eaa30489-319f-4d3c-8c5a-eaa03ba975ee/139157/ 4 B
189 B 170ms
169ms Fetch
application/json 52.224.80.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mediabrains.com/lp/click-lead/518/173/745895/eaa30489-319f-4d3c-8c5a-eaa03ba975ee/139157/

Requested by

Host: www.mediabrains.com
URL: https://www.mediabrains.com/js/site.min.js?v=B0HQYY5IwAYS40jN5bK08LMDWr2nnrzkkKMQmWmU0tE

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.224.80.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

RequestVerificationToken: CfDJ8I2Zzxi2CSpJrs05aZ4-T8DNVuqD6geSdmfcJVstM9DcaF9JTS94cOSbJmEpD8x5tvlrqudtjXwvJX-eadizx-Ycgd84LwS88_5EMWuYnAi6iT9HPbrsjqZMbkAh6qSc4kTGRErSddfqfFXr8QvuOPQ
Referer: https://www.mediabrains.com/lp/last-chance/173/745895/EAA30489-319F-4D3C-8C5A-EAA03BA975EE/139157?utm_source=lastchance-2023-email-c&utm_medium=email&utm_campaign=lastchance-2023&mkt_tok=NDYyLUlIUC03MzcAAAGJIV7EYZdkhaExn760s8HLcwBFNgd8z9ucLMz-13mpd3gukTY3pad1bx2oTmBLbSoX55Fw5JFGa2_Hb6qeHyqHUg1n5Gkw4aM8aG51YSPgS_Ra
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
date: Thu, 05 Jan 2023 17:57:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/json; charset=utf-8

POST
H2 200 / Show response
www.mediabrains.com/lp/track-metadata/518/745895/eaa30489-319f-4d3c-8c5a-eaa03ba975ee/ 4 B
166 B 175ms
175ms Fetch
application/json 52.224.80.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mediabrains.com/lp/track-metadata/518/745895/eaa30489-319f-4d3c-8c5a-eaa03ba975ee/

Requested by

Host: www.mediabrains.com
URL: https://www.mediabrains.com/js/site.min.js?v=B0HQYY5IwAYS40jN5bK08LMDWr2nnrzkkKMQmWmU0tE

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.224.80.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

RequestVerificationToken: CfDJ8I2Zzxi2CSpJrs05aZ4-T8DNVuqD6geSdmfcJVstM9DcaF9JTS94cOSbJmEpD8x5tvlrqudtjXwvJX-eadizx-Ycgd84LwS88_5EMWuYnAi6iT9HPbrsjqZMbkAh6qSc4kTGRErSddfqfFXr8QvuOPQ
Referer: https://www.mediabrains.com/lp/last-chance/173/745895/EAA30489-319F-4D3C-8C5A-EAA03BA975EE/139157?utm_source=lastchance-2023-email-c&utm_medium=email&utm_campaign=lastchance-2023&mkt_tok=NDYyLUlIUC03MzcAAAGJIV7EYZdkhaExn760s8HLcwBFNgd8z9ucLMz-13mpd3gukTY3pad1bx2oTmBLbSoX55Fw5JFGa2_Hb6qeHyqHUg1n5Gkw4aM8aG51YSPgS_Ra
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/json

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
date: Thu, 05 Jan 2023 17:57:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 last-chance-at-2022-pricing Show response
calendly.com/judith-gaa/ Frame F2BE 148 KB
19 KB 457ms
444ms Document
text/html 2606:4700:3108::ac42:28e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://calendly.com/judith-gaa/last-chance-at-2022-pricing?embed_domain=www.mediabrains.com&embed_type=Inline&utm_source=lastchance-2023-email-c&utm_medium=email&utm_campaign=lastchance-2023&hide_gdpr_banner=1&hide_landing_page_details=1&name=Anshuman%20Dutta&email=anshuman.dutta%40cognizant.com&a1=Discuss%20upgrading%20Cognizant%20in%20the%20Total%20Retail%20Directory%20at%202022%20pricing.

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/external/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28e6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5124d0ce9aae8570822f725c506b8f5642ef170243d85de4efa98d9c9ac9c7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.mediabrains.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 784e181a19195c44-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 05 Jan 2023 17:57:04 GMT
link: <https://assets.calendly.com/assets/booking/css/booking-1d56034c.css>; rel=preload; as=style; nopush
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-request-id: c75948fee2d2d106f0ce35e87a6815c0
x-runtime: 0.165583

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/fv509/0x4AAAAAAAB09Nt2tohPC38p/auto/ Frame 5683 19 KB
7 KB 23ms
23ms Document
text/html 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/fv509/0x4AAAAAAAB09Nt2tohPC38p/auto/normal
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67faa426ce847e25aec107a21aaaa1d7db3c8ba7e9d82f0e868f2208fba1cba7

Request headers

Referer: https://www.mediabrains.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 784e181a0db79b82-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 17:57:03 GMT
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

POST
H2 204 collect
region1.google-analytics.com/g/ 0
350 B 47ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5P4LM7057P&gtm=2oebu0&_p=228986966&cid=1479515637.1672941424&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672941423&sct=1&seg=0&dl=https%3A%2F%2Fwww.mediabrains.com%2Flp%2Flast-chance%2F173%2F745895%2FEAA30489-319F-4D3C-8C5A-EAA03BA975EE%2F139157%3Futm_source%3Dlastchance-2023-email-c%26utm_medium%3Demail%26utm_campaign%3Dlastchance-2023%26mkt_tok%3DNDYyLUlIUC03MzcAAAGJIV7EYZdkhaExn760s8HLcwBFNgd8z9ucLMz-13mpd3gukTY3pad1bx2oTmBLbSoX55Fw5JFGa2_Hb6qeHyqHUg1n5Gkw4aM8aG51YSPgS_Ra&dr=http%3A%2F%2Fem.mediabrains.com%2F&dt=Total%20Retail%20Directory%20Advertising%20Offer&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5P4LM7057P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mediabrains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 17:57:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mediabrains.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 5683 55 KB
25 KB 19ms
19ms Script
application/javascript 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=784e181a0db79b82
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/fv509/0x4AAAAAAAB09Nt2tohPC38p/auto/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8e8d2ce0797ab983bb4748d6f627393cb3d151d5eec2ffb6410541a07ce84e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/fv509/0x4AAAAAAAB09Nt2tohPC38p/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:57:03 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 784e181a4e259b82-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

POST
H3 200 c3ae29208bfe73d Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.05962447174830379:1672939097:HOSlZjNFczIjEgzzRPUnw2IsMRqKKUieCXN5u0Yxw3s/784e181a0db79b82/ Frame 5683 114 KB
53 KB 97ms
97ms XHR
text/plain 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.05962447174830379:1672939097:HOSlZjNFczIjEgzzRPUnw2IsMRqKKUieCXN5u0Yxw3s/784e181a0db79b82/c3ae29208bfe73d
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=784e181a0db79b82
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebe556b0beae81b7add35294a229dbadcec12bc0848f239dac25917bd5db3b6f

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/fv509/0x4AAAAAAAB09Nt2tohPC38p/auto/normal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
CF-Challenge: c3ae29208bfe73d
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 05 Jan 2023 17:57:03 GMT
content-encoding: br
cf_chl_gen: fZXsgmobjQnSL8zUDd4PGIWgVBJDpDEa0jiXfszwhtn+DdwiGkvh0zj/omO/fTsYBx8F3auWqaKBUwyb8nmz+qKk7w8xRHwBCPgvhqdiCJoCx8f6JEXeQYBGgC1AwdJN8L26zZLok4ggTTuFlChXVSEbvIPRCDyDliCC1qhXqqKSf0QM/prkrNplmhmMo07veN6B1/rWPSns0bCLLJARGJBuVp+nz6Y1idv90o67hRxlDvXk0VWelqnWTn6Ayo8DUzS/N2UQRq8uK/3SB1pBO/qhe6bj15s9svVC9QKT110J/6wOafffcrra9kKhC4tXohNmaL9+PUU4rmP4EZpJwDJF//bsgw7Km+Kw5GXLg0Yp/aUB3IAWf/Ib2QRTlgsT$xjUM/tJIXcG/9GF1xG5wiw==
server: cloudflare
cf-ray: 784e181b38569b82-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 booking-1d56034c.css
assets.calendly.com/assets/booking/css/ Frame F2BE 325 KB
168 KB 339ms
338ms Stylesheet
text/css 2606:4700:3108::ac42:28e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/booking/css/booking-1d56034c.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28e6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7d62f6500da447d46fecfdc2c044c313854564fa819c30d33823e2d1a06158d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:57:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 8298
cf-polished: origSize=353812
last-modified: Thu, 05 Jan 2023 15:33:33 GMT
cf-bgj: minify
server: cloudflare
etag: W/"4ea3788263ef8bba335373abe10d1fe0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 784e181cfdf15c44-FRA
expires: Fri, 06 Jan 2023 17:57:04 GMT

GET
H2 200 booking-runtime-c113812c.js Show response
assets.calendly.com/assets/booking/js/ Frame F2BE 10 KB
3 KB 177ms
177ms Script
application/javascript 2606:4700:3108::ac42:28e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/booking/js/booking-runtime-c113812c.js

Requested by

Host: calendly.com
URL: https://calendly.com/judith-gaa/last-chance-at-2022-pricing?embed_domain=www.mediabrains.com&embed_type=Inline&utm_source=lastchance-2023-email-c&utm_medium=email&utm_campaign=lastchance-2023&hide_gdpr_banner=1&hide_landing_page_details=1&name=Anshuman%20Dutta&email=anshuman.dutta%40cognizant.com&a1=Discuss%20upgrading%20Cognizant%20in%20the%20Total%20Retail%20Directory%20at%202022%20pricing.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28e6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93fe3a43068e2c7a8d967bec1aa7d6decb8d84cf3c88a14d62c1877426e9c0f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:57:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 8305
cf-polished: origSize=19551
last-modified: Thu, 05 Jan 2023 15:33:33 GMT
cf-bgj: minify
server: cloudflare
etag: W/"6ed6852a3c87776945bc49b4ade56a61"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 784e181d2e355c44-FRA
expires: Fri, 06 Jan 2023 17:57:04 GMT

GET
H2 200 booking-555b6d5d.js Show response
assets.calendly.com/assets/booking/js/ Frame F2BE 2 MB
423 KB 321ms
321ms Script
application/javascript 2606:4700:3108::ac42:28e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/booking/js/booking-555b6d5d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28e6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c25883729820f77afa7a22983ad0cce630250d2d2473e9b5f834b0d38ebbb22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:57:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 8305
cf-polished: origSize=1585602
last-modified: Thu, 05 Jan 2023 15:33:33 GMT
cf-bgj: minify
server: cloudflare
etag: W/"6dead6e059d58d85e052a4ce952e83d9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 784e181d3e545c44-FRA
expires: Fri, 06 Jan 2023 17:57:04 GMT

GET
H2 200 v3 Show response
js.stripe.com/ Frame F2BE 411 KB
99 KB 79ms
9ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-555b6d5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b0e1816850e3642cce276f3081818763916a2649d5d05999e6821b4e4587c302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 17:57:04 GMT
via: 1.1 varnish
age: 3
x-cache: HIT
content-length: 101036
x-request-id: 28ebf9c5-479a-41e0-b461-8b351a1f18dc
x-served-by: cache-fra-eddf8230093-FRA
last-modified: Thu, 05 Jan 2023 00:01:01 GMT
server: Fastly
etag: "36103910381132454f0e39b8403bf523"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 en-a7538753.chunk.js Show response
assets.calendly.com/assets/booking/js/locales/ Frame F2BE 25 KB
9 KB 364ms
364ms Script
application/javascript 2606:4700:3108::ac42:28e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/booking/js/locales/en-a7538753.chunk.js

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-runtime-c113812c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28e6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d0f1a05ef913a5d77851fe212364a3d36fbd32d13f17563fdcd491e379c80ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:57:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 13 Dec 2022 20:25:53 GMT
cf-bgj: minify
server: cloudflare
age: 1977953
etag: W/"d62fc14dae257fd86bf553483ceb9d7a"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
cache-control: public, max-age=31536000
cf-ray: 784e18205c275c44-FRA
expires: Fri, 06 Jan 2023 17:57:05 GMT

POST
H2 204 collect Show response
i.clarity.ms/ 0
48 B 98ms
98ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.mediabrains.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://www.mediabrains.com
date: Thu, 05 Jan 2023 17:57:04 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 config.json Show response
notifier-configs.airbrake.io/2020-06-18/config/90109/ Frame F2BE 218 B
605 B 8ms
8ms Fetch
binary/octet-stream 2600:9000:206f:5a00:3:9a1f:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://notifier-configs.airbrake.io/2020-06-18/config/90109/config.json?&notifier_name=airbrake-js%2Fbrowser&notifier_version=2.1.5&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&language=JavaScript
Requested by: Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-555b6d5d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:3:9a1f:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8acee54f6a0177511da9094fe528e7a359d5acc11e062cd7d370be3051ecd961

Request headers

Accept: application/json
Cache-Control: no-cache,no-store
Referer: https://calendly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:17 GMT
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Fri, 02 Dec 2022 22:01:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 4729
etag: "539c4cea4ea951c45968ba49186e20a9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 218
x-amz-cf-id: MohhtHiBsf_3NR_c5tBrnSOfas6RUWGzpm6sxvGmik1UbrfvvICH6A==

OPTIONS
H2 200 config.json
notifier-configs.airbrake.io/2020-06-18/config/90109/ Frame 0
0 424ms
372ms Preflight 2600:9000:206f:5a00:3:9a1f:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://notifier-configs.airbrake.io/2020-06-18/config/90109/config.json?&notifier_name=airbrake-js%2Fbrowser&notifier_version=2.1.5&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&language=JavaScript
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:3:9a1f:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control
Access-Control-Request-Method: GET
Origin: https://calendly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: cache-control
access-control-allow-methods: GET
access-control-allow-origin: *
content-length: 0
date: Thu, 05 Jan 2023 17:57:06 GMT
server: AmazonS3
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
x-amz-cf-id: YJ-DN7lNH7afNwYSrHzKbprw7PzlRKyZ2lKbWS77dhy_ooCs5ieWlg==
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront

GET
H3 401 rCeEvBZ1ilVwH4W Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/784e181a0db79b82/1672941423902/05b88548660df1a31a071fe355ba273289d5f9634790a424382d6916989f18d2/ Frame 5683 1 B
645 B 18ms
18ms Fetch
text/plain 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/784e181a0db79b82/1672941423902/05b88548660df1a31a071fe355ba273289d5f9634790a424382d6916989f18d2/rCeEvBZ1ilVwH4W
Requested by: Host: em.mediabrains.com
URL: http://em.mediabrains.com/dc/FpRLAOF5gR-1S3wu146bt1yJ-kTJ_VpfPiUuAcZbDRPNSFYe6tgIW5Aq6rDGqXoG5j1TBQobvmLigq1OVfdSPM1JQGHNrzUyFRYBcEL4gV4LGiBgLi-nIz0QTsf8ALga2vfmqH2b4C_9PSdKO9EuJrN1jjaX1V79BfqjQ8_AbBxErYmRDp0IlKJNO-YymnEQTOrQQI7Ynm6vG5e4yiW13aBJdPmoze6KSzcwEcg8WTTetCyBIldSBEaLUggo6vXp/NDYyLUlIUC03MzcAAAGJIV7EYYnE0jTv-YgduGJTipZ3wyY1yjOyrCpAUk44NX9JK40ZAW-DGkpI4o662geibI2xDKk=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/fv509/0x4AAAAAAAB09Nt2tohPC38p/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:57:05 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gBbiFSGYN8aMaBx_jVbonMonV-WNHkKQkOC1pFpifGNIAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsB5nom4zwoHcXXx79Cbx3F4SdBJj3Q5Pwn0Xh_n-smKfZN2CSGKT8mXLLCEWU4RHHKBAC65vrdBScNgbROkyFrmmj2iO8254s6iUlWjWT_g_Ha0Kjz8gNDfuTRbQmfgbO6nLGJUKtIEepeA-qUCEALsKropvwOf-D6P0Ev9Chxqi6Qou9QLLv2lD3IsKB2x3hB_ve5dSpRn1o-YHKWxAehalc5Ua_0uu4tLUTscrl734rL7ZztFtfB-poE4u58KpiAc_QoBMyNyKAhJ4xscSlkscOud1lYx9-U-YCk3Ar4C8K1N1VTDMv4NBcd6wOfrLqlj-tZuj0bgRdmxDb420VQIDAQAB, max-age=15
server: cloudflare
cf-ray: 784e1822c84e9b82-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 4_kO1Ygd3cl_sna
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/784e181a0db79b82/1672941423908/ Frame 5683 61 B
166 B 16ms
16ms Image
image/png 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/784e181a0db79b82/1672941423908/4_kO1Ygd3cl_sna
Requested by: Host: www.mediabrains.com
URL: https://www.mediabrains.com/lp/last-chance/173/745895/EAA30489-319F-4D3C-8C5A-EAA03BA975EE/139157?utm_source=lastchance-2023-email-c&utm_medium=email&utm_campaign=lastchance-2023&mkt_tok=NDYyLUlIUC03MzcAAAGJIV7EYZdkhaExn760s8HLcwBFNgd8z9ucLMz-13mpd3gukTY3pad1bx2oTmBLbSoX55Fw5JFGa2_Hb6qeHyqHUg1n5Gkw4aM8aG51YSPgS_Ra
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80aba6fdeb70a4ef87ebaf3244010da4408206845805f7e1911522202e8e4b98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/fv509/0x4AAAAAAAB09Nt2tohPC38p/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:57:05 GMT
server: cloudflare
cf-ray: 784e1822f8ab9b82-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/png

GET
H2 200 enterprise.js Show response
www.recaptcha.net/recaptcha/ Frame F2BE 977 B
1 KB 142ms
50ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise.js?render=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-555b6d5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

27a561b3e673bf4271c967eab99b4fdbc0e132868aea1a5a437e0f347a97fce8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:57:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 616
x-xss-protection: 1; mode=block
expires: Thu, 05 Jan 2023 17:57:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame F2BE 49 KB
20 KB 52ms
15ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-555b6d5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 17:50:44 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 381
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 05 Jan 2023 19:50:44 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame F2BE 103 KB
28 KB 62ms
17ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-555b6d5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 05 Jan 2023 17:57:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: +aL/uoJLCZMFatOsgPmQj+XlQwCXSEr9tEawI0nHE190Vs31U38adcyfb4z+FEmcK+fL3udIlVo7Jqq9YvwAPw==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame F2BE 96 KB
38 KB 53ms
23ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-555b6d5d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16c274e4ee9ffefff1bb522fb43d8b684399cb91994cff8dc243a6fa2c46e106

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:57:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39154
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 17:34:58 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 Jan 2023 17:57:05 GMT

GET
DATA 200
OK truncated
/ Frame F2BE 37 KB
37 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d41624e9721619a0dbe00d0fd9c0175a8f97c484aab61117db7246f69b7de9ba

Request headers

Referer
Origin: https://calendly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame F2BE 52 KB
52 KB Font
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0fc4d52bd5a04f47b6d26363e771b2d819496c81b59dd324c56dabdbd02edab

Request headers

Referer
Origin: https://calendly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: font/ttf

GET
DATA 200
OK truncated
/ Frame F2BE 45 KB
45 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ea98b82eb62795846fed9452c40531d668dd519e29633c196905d6f5af8d846

Request headers

Referer
Origin: https://calendly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: font/woff

GET
H2 200 range Show response
calendly.com/api/booking/event_types/746723d1-4ddf-410a-845a-e98247878176/calendar/ Frame F2BE 21 KB
1 KB 1086ms
1085ms XHR
application/json 2606:4700:3108::ac42:28e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://calendly.com/api/booking/event_types/746723d1-4ddf-410a-845a-e98247878176/calendar/range?timezone=UTC&diagnostics=false&range_start=2023-01-05&range_end=2023-01-31&embed_domain=www.mediabrains.com&embed_type=Inline

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-555b6d5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28e6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d247f6228bc6e36811661d3fd25f854ec724e36b19c54fb7342977527bdbae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept: application/json, text/plain, */*
Referer: https://calendly.com/judith-gaa/last-chance-at-2022-pricing?embed_domain=www.mediabrains.com&embed_type=Inline&utm_source=lastchance-2023-email-c&utm_medium=email&utm_campaign=lastchance-2023&hide_gdpr_banner=1&hide_landing_page_details=1&name=Anshuman%20Dutta&email=anshuman.dutta%40cognizant.com&a1=Discuss%20upgrading%20Cognizant%20in%20the%20Total%20Retail%20Directory%20at%202022%20pricing.&month=2023-01
X-CSRF-Token: ZIyg3W1PPyCJv6f5nXHqV-IgOmVgbDiUZGb9u07SceSR-zp03_9Pq1qCb0Kwnixisvqd55TNKNHOo3O8w2aAlA
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-runtime: 0.813255
date: Thu, 05 Jan 2023 17:57:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
etag: W/"3d247f6228bc6e36811661d3fd25f854"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 784e182389335c44-FRA
x-request-id: 4b571ffc6b3415e784822c45e479dc2a

POST
H3 200 c3ae29208bfe73d Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.05962447174830379:1672939097:HOSlZjNFczIjEgzzRPUnw2IsMRqKKUieCXN5u0Yxw3s/784e181a0db79b82/ Frame 5683 900 B
1 KB 70ms
70ms XHR
text/html 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.05962447174830379:1672939097:HOSlZjNFczIjEgzzRPUnw2IsMRqKKUieCXN5u0Yxw3s/784e181a0db79b82/c3ae29208bfe73d
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=784e181a0db79b82
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f30562da8852fcab87f2b7f66e27aaa78fde24fc02435af82380830f802e1c28

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/fv509/0x4AAAAAAAB09Nt2tohPC38p/auto/normal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
CF-Challenge: c3ae29208bfe73d
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 05 Jan 2023 17:57:05 GMT
content-encoding: br
server: cloudflare
cf_chl_out: Wp9qHoPEubxKYt896N6/EzPNLq02G5hMHJesv6NJgY9TbQ+NCVDo/yOyp9hRubs6luTVD1Bi3jssGEf/6npl2g==$cs3tW25KXcrxsQJbN4pwDw==
content-type: text/html; charset=UTF-8
cf_chl_out_s: 5QpfV2V8eirsIP/SoofpjPcqhUdNjprWqTNUEFR4EwWAQWza11XbgCC+ycK1j5oWg04Supa85cBp+5yKB4DJ3f1wNYEXTKMTLHt1jC7HiYeBYAyfOdozDXf1ewahaoORnOEFt0FK/7nkhq1ekW0ObO5wUDqTiFPRKlbNn4bJL8L6P+UqD6jhQCliGORb1Uci7uO0nrdmu4VghALIQ6QMR+0XbhYfZQ+DP/b41vZrJ02Xy7fOPKEKTEyhYEvNTqiGG82KPMzQmCJnxM72EZ7TPgFmi7QsecE8mog/gmEDLDG/yMIKjljZbXPGJgEUYPii6VY3TIPBF36Sw7Cr6FvhmAj7eAdsj3Mo1x5jOe7QVSWCkEcliPbJ21wyym0c3xQFrhd8+ENOtTaH4b4IqM9REUjQ1Q6qsnVskyf+ynuJz58UEPBztWzIRSpblHpVKhrflwHBAhN9ryhzd0f+1Xpv8w==$ur/bVHBeAdUhxL+fWJPuzw==
cf-ray: 784e18247bdf9b82-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame F2BE 407 KB
163 KB 53ms
16ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://calendly.com/
Origin: https://calendly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:53:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jan 2024 17:53:45 GMT

GET
H3 200 anchor Show response
www.recaptcha.net/recaptcha/enterprise/ Frame 3B27 42 KB
22 KB 119ms
60ms Document
text/html 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n&co=aHR0cHM6Ly9jYWxlbmRseS5jb206NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=pe14bbm9c473

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c900bed841769d108ab0353db724b6a416b8dea02ed6a96d723672beb0bf65c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ahMaw7TpScj2VApsfpx2qA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://calendly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22146
content-security-policy: script-src 'report-sample' 'nonce-ahMaw7TpScj2VApsfpx2qA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 17:57:05 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 3B27 52 KB
24 KB 44ms
14ms Stylesheet
text/css 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n&co=aHR0cHM6Ly9jYWxlbmRseS5jb206NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=pe14bbm9c473

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jan 2024 17:53:49 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 3B27 407 KB
163 KB 42ms
13ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:53:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jan 2024 17:53:45 GMT

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/enterprise/ Frame 3B27 102 B
134 B 51ms
51ms Other
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n&co=aHR0cHM6Ly9jYWxlbmRseS5jb206NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=pe14bbm9c473
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:57:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 05 Jan 2023 17:57:05 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 6A52 200 B
808 B 7ms
7ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://calendly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 153878
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 05 Jan 2023 17:57:05 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 21 Dec 2022 18:20:45 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 10623
x-content-type-options: nosniff
x-request-id: dd78bc51-2466-4cb2-937d-ea3c025a27a3
x-served-by: cache-fra-eddf8230093-FRA

POST
H2 200 csp-report
q.stripe.com/ Frame 6A52 0
570 B 555ms
176ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 05 Jan 2023 17:57:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 6A52 0
570 B 553ms
174ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 05 Jan 2023 17:57:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6A52 631 B
465 B 10ms
9ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 17:57:05 GMT
via: 1.1 varnish
age: 4571535
x-cache: HIT
content-length: 332
x-request-id: dccb33cd-c38e-4f2f-ae0e-8bce7138a0a2
x-served-by: cache-fra-eddf8230093-FRA
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9397

GET
H2 200 inner.html Show response
m.stripe.network/ Frame B99A 930 B
2 KB 98ms
13ms Document
text/html 2600:9000:2057:fc00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:fc00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 289
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 05 Jan 2023 17:52:21 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-id: MaLnK4FADBxIB1vDDedHSra9AqcmiEuezPdYo2fq7oWOijFoIgadZQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame B99A 0
345 B 434ms
173ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 17:57:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame B99A 86 KB
14 KB 10ms
10ms Script
text/javascript 2600:9000:2057:fc00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:fc00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 17:53:56 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 191
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: V9bl3pUjZh5LwNiwTawEskHtAZxGGqrWPZtPs_b6H2xlYJd0cbpRFw==

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=99B6CBEAC4B74F3C8342EF5DB9949E75&RedC=c.clarity.ms&MXFR=2C5A2CCD8249683A38033E5D86496637
https://c.clarity.ms/c.gif?CtsSyncId=99B6CBEAC4B74F3C8342EF5DB9949E75&MUID=3B08B5104D7D68E22572A7804C7D69BA

42 B
368 B

34ms
34ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=99B6CBEAC4B74F3C8342EF5DB9949E75&MUID=3B08B5104D7D68E22572A7804C7D69BA
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mediabrains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 17:57:05 GMT
last-modified: Mon, 12 Dec 2022 18:28:34 GMT
server: Microsoft-IIS/10.0
etag: "ea79178b57ed91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 17:57:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4B060F59A26343A487851F6E0CE44E96 Ref B: FRAEDGE1917 Ref C: 2023-01-05T17:57:06Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=99B6CBEAC4B74F3C8342EF5DB9949E75&MUID=3B08B5104D7D68E22572A7804C7D69BA
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame B99A 156 B
523 B 563ms
178ms XHR
application/json 35.155.221.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.155.221.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-221-253.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

100e44430c87df7f158633841d5d8269ecb89162d7309891c9cf4f0c0c9f4db5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 05 Jan 2023 17:57:06 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 204 collect
i.clarity.ms/ 0
0 98ms
97ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.mediabrains.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://www.mediabrains.com
date: Thu, 05 Jan 2023 17:57:07 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.mediabrains.com/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.p9z6pNWALFM Value: CfDJ8I2Zzxi2CSpJrs05aZ4-T8DMu_QJjzT6ndWEFJQYjIWlmWJhoIZNlUvtdcJdHUQFzoL1hNjjkYWl0K7a3zTbxK4_7mW2pRVW45qibgrT6sydBK-Efd_dNIjMjZt7CpDcnUuDiyUdQK-waNPjBs0aQII
.challenges.cloudflare.com/	1970-01-20 08:42:23	Name: __cf_bm Value: Py0gPEmEPObXyeBH04M2zBibBiEx6KqXhcmU234DmLQ-1672941423-0-AXznYudXhbQ3XyF4iKgWfpwHN/xX86wzf2TOaVbWCE5KDtMsYR3XI/JDj164o3cuZ4FerbAKiLMnLWlUqvhXm1s=
www.clarity.ms/	1970-01-20 17:27:57	Name: CLID Value: 90c4e8d0cb9b4c9392bbd4eee04e5123.20230105.20240105
.calendly.com/	1970-01-20 08:42:23	Name: __cf_bm Value: rVEZTWMcTXfB9siyfPT3aJYWe9SR7Z01s9dGsNOcv5E-1672941423-0-AWp1GBSaTTvQvTZkAAIPD/JhxFEoMIENebsIe7i9Bk1AOt8vH1aFuDRU5tas2OynPr8zTrpmNNDBOoWbdjCZe8Q=
.mediabrains.com/	1970-01-20 17:27:57	Name: _clck Value: f47hx1\|1\|f80\|1
.mediabrains.com/	1970-01-20 18:18:21	Name: _ga_5P4LM7057P Value: GS1.1.1672941423.1.0.1672941423.0.0.0
.mediabrains.com/	1970-01-20 18:18:21	Name: _ga Value: GA1.1.1479515637.1672941424
.mediabrains.com/	1970-01-20 08:43:47	Name: _clsk Value: ujhgut\|1672941423891\|1\|1\|i.clarity.ms/collect
.calendly.com/	1969-12-31 23:59:59	Name: __cfruid Value: 150ccc62d2f2c464fdb0101e199bdcbf4c26fb68-1672941424
.c.bing.com/	1970-01-20 18:03:57	Name: SRM_B Value: 3B08B5104D7D68E22572A7804C7D69BA
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 18:03:57	Name: MUID Value: 3B08B5104D7D68E22572A7804C7D69BA
.c.clarity.ms/	1970-01-20 08:42:22	Name: ANONCHK Value: 0
m.stripe.com/	1970-01-20 18:18:21	Name: m Value: e9b27cae-e790-49d7-927f-fd2cda366fce4985d0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: http://em.mediabrains.com/dc/FpRLAOF5gR-1S3wu146bt1yJ-kTJ_VpfPiUuAcZbDRPNSFYe6tgIW5Aq6rDGqXoG5j1TBQobvmLigq1OVfdSPM1JQGHNrzUyFRYBcEL4gV4LGiBgLi-nIz0QTsf8ALga2vfmqH2b4C_9PSdKO9EuJrN1jjaX1V79BfqjQ8_AbBxErYmRDp0IlKJNO-YymnEQTOrQQI7Ynm6vG5e4yiW13aBJdPmoze6KSzcwEcg8WTTetCyBIldSBEaLUggo6vXp/NDYyLUlIUC03MzcAAAGJIV7EYYnE0jTv-YgduGJTipZ3wyY1yjOyrCpAUk44NX9JK40ZAW-DGkpI4o662geibI2xDKk= Message: The Content-Security-Policy directive name 'form-action:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: http://em.mediabrains.com/dc/FpRLAOF5gR-1S3wu146bt1yJ-kTJ_VpfPiUuAcZbDRPNSFYe6tgIW5Aq6rDGqXoG5j1TBQobvmLigq1OVfdSPM1JQGHNrzUyFRYBcEL4gV4LGiBgLi-nIz0QTsf8ALga2vfmqH2b4C_9PSdKO9EuJrN1jjaX1V79BfqjQ8_AbBxErYmRDp0IlKJNO-YymnEQTOrQQI7Ynm6vG5e4yiW13aBJdPmoze6KSzcwEcg8WTTetCyBIldSBEaLUggo6vXp/NDYyLUlIUC03MzcAAAGJIV7EYYnE0jTv-YgduGJTipZ3wyY1yjOyrCpAUk44NX9JK40ZAW-DGkpI4o662geibI2xDKk= Message: The Content-Security-Policy directive name 'frame-src:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/784e181a0db79b82/1672941423902/05b88548660df1a31a071fe355ba273289d5f9634790a424382d6916989f18d2/rCeEvBZ1ilVwH4W Message: Failed to load resource: the server responded with a status of 401 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-pmiCml03E+USuk2KoWT2TaCRLpRq7628PzF4Dh4k6bE=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.calendly.com
c.bing.com
c.clarity.ms
calendly.com
cdn.mediabrains.com
challenges.cloudflare.com
connect.facebook.net
em.mediabrains.com
i.clarity.ms
js.stripe.com
m.stripe.com
m.stripe.network
notifier-configs.airbrake.io
q.stripe.com
region1.google-analytics.com
www.clarity.ms
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.mediabrains.com
www.recaptcha.net
151.101.192.176
20.234.93.27
2001:4860:4802:32::36
2600:9000:2057:fc00:19:7d10:bd80:93a1
2600:9000:206f:5a00:3:9a1f:ef40:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:3108::ac42:28e6
2606:4700::6812:7b9
2620:1ec:4e:1::45
2620:1ec:c11::200
2a00:1450:4001:828::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:831::200e
2a00:1450:400d:802::2003
2a03:2880:f02d:12:face:b00c:0:3
35.155.221.253
52.167.85.21
52.184.251.130
52.224.80.207
54.187.159.182
0741d0618e48c00612e348cde5b2b4f0b3035abda79ebce490a310996994d2d1
07769be3017dab913d62365b9156617514762dacab350de095aaa2972bf80ebf
100e44430c87df7f158633841d5d8269ecb89162d7309891c9cf4f0c0c9f4db5
13e742ae90f40d23f5c6f0a36d5defae801528333a74d9011a53400d79a5c083
16c274e4ee9ffefff1bb522fb43d8b684399cb91994cff8dc243a6fa2c46e106
1c900bed841769d108ab0353db724b6a416b8dea02ed6a96d723672beb0bf65c
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
27a561b3e673bf4271c967eab99b4fdbc0e132868aea1a5a437e0f347a97fce8
2d0f1a05ef913a5d77851fe212364a3d36fbd32d13f17563fdcd491e379c80ae
31223061d466930fe59521cbe9a49785638df3f1b76648d7a3ac168d09f88524
3d247f6228bc6e36811661d3fd25f854ec724e36b19c54fb7342977527bdbae9
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
52ee72850a3be248a292f14b94b2a74ea03ca88ec48d545c68ef0c9de52e6913
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
5f098cc81c5973a52a66ceaee7392039dc9ec536ea13d9ebc4092e516a8addc3
67faa426ce847e25aec107a21aaaa1d7db3c8ba7e9d82f0e868f2208fba1cba7
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
80aba6fdeb70a4ef87ebaf3244010da4408206845805f7e1911522202e8e4b98
86321659b430d61d1c232e225e927b7f052fa61669e5afc15044f75740d04429
8acee54f6a0177511da9094fe528e7a359d5acc11e062cd7d370be3051ecd961
8ea98b82eb62795846fed9452c40531d668dd519e29633c196905d6f5af8d846
8ef989fb4fbbbd10967fe7495d8bc8a3911f2674e06987a5ae7bd858936108b0
93fe3a43068e2c7a8d967bec1aa7d6decb8d84cf3c88a14d62c1877426e9c0f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c25883729820f77afa7a22983ad0cce630250d2d2473e9b5f834b0d38ebbb22
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
adac714f8213eb3cf6cf2733b39a69ff3ecae2028c5bda037dc21d58db9ea89a
b0e1816850e3642cce276f3081818763916a2649d5d05999e6821b4e4587c302
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
c0fc4d52bd5a04f47b6d26363e771b2d819496c81b59dd324c56dabdbd02edab
c1773172d72f2b5f5bae361aec17e2f5aa1a6b46d21e0833bd373726de81a594
d41624e9721619a0dbe00d0fd9c0175a8f97c484aab61117db7246f69b7de9ba
da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d62f6500da447d46fecfdc2c044c313854564fa819c30d33823e2d1a06158d
eab92c36e6b7771a9c60d55d69380aa85f7f09a39d777e20a02cfda49c6b0a79
ebe556b0beae81b7add35294a229dbadcec12bc0848f239dac25917bd5db3b6f
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f30562da8852fcab87f2b7f66e27aaa78fde24fc02435af82380830f802e1c28
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f5124d0ce9aae8570822f725c506b8f5642ef170243d85de4efa98d9c9ac9c7a
f7759eb89a570e8148d3325ffdf0e6a73d9241a7f9d232bd8814655709820e48
f8e8d2ce0797ab983bb4748d6f627393cb3d151d5eec2ffb6410541a07ce84e0

www.mediabrains.com Open in urlscan Pro 52.224.80.207 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

94 %HTTPS

65 %IPv6

13 Domains

21 Subdomains

20 IPs

3 Countries

1989 kBTransfer

5145 kBSize

14 Cookies

8 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mediabrains.com Open in urlscan Pro
52.224.80.207 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

94 %
HTTPS

65 %
IPv6

13
Domains

21
Subdomains

20
IPs

3
Countries

1989 kB
Transfer

5145 kB
Size

14
Cookies

53 HTTP transactions
3 data transactions