ambr.company Open in urlscan Pro
54.158.45.35  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6145657&time=1702464198609&url=https%3A%2F%2Fambr.company%2Fmr-yum-casestudy%2F%3Futm_source%3Dinstantly%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3D1811wellbeingeurope HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6145657&time=1702464198609&url=https%3A%2F%2Fambr.company%2Fmr-yum-casestudy%2F%3Futm_source%3Dinstantly%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3D1811wellbeingeurope&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D6145657%26time%3D1702464198609%26url%3Dhttps%253A%252F%252Fambr.company%252Fmr-yum-casestudy%252F%253Futm_source%253Dinstantly%2526amp%253Butm_medium%253Demail%2526amp%253Butm_campaign%253D1811wellbeingeurope%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6145657&time=1702464198609&url=https%3A%2F%2Fambr.company%2Fmr-yum-casestudy%2F%3Futm_source%3Dinstantly%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3D1811wellbeingeurope&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6145657&time=1702464198609&url=https%3A%2F%2Fambr.company%2Fmr-yum-casestudy%2F%3Futm_source%3Dinstantly%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3D1811wellbeingeurope&cookiesTest=true&liSync=true&e_ipv6=AQKoQKnU5gOxiQAAAYxixhlwpLQDY8OOjxxkf3vYXsJVmA6nENHQwHK8KBln71GokhzNdotHxsSI

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response ambr.company/mr-yum-casestudy/	80 KB 17 KB	588ms 341ms	Document text/html	54.158.45.35 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ambr.company/mr-yum-casestudy/?utm_source=instantly&utm_medium=email&utm_campaign=1811wellbeingeurope Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.158.45.35 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-158-45-35.compute-1.amazonaws.com Software nginx/1.14.0 (Ubuntu) / Resource Hash 9cb21c741d6dac847b1618f2339040bc0399eb91f52eb3f7bbcdee50ca5b6f5d Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control max-age=600 max-age=600 Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Wed, 13 Dec 2023 10:43:18 GMT Expires Wed, 13 Dec 2023 10:53:18 GMT Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked Vary Authorization, Origin X-Cache-Status MISS X-Frame-Options SAMEORIGIN
GET H2	200	main.c33a2173cace.css dvzvtsvyecfyp.cloudfront.net/static/css/	454 KB 43 KB	88ms 16ms	Stylesheet text/css	2600:9000:2447:f600:18:c518:7440:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dvzvtsvyecfyp.cloudfront.net/static/css/main.c33a2173cace.css Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&utm_medium=email&utm_campaign=1811wellbeingeurope Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2447:f600:18:c518:7440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash f815d37baf19b152f8dc67d4f5246ddfd4f750e7561f39291d9105caaae6808e Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:59:06 GMT content-encoding br via 1.1 ddcfcdf22c7ea27fb2a066c5c7d99ad2.cloudfront.net (CloudFront) last-modified Thu, 07 Dec 2023 11:25:43 GMT server nginx x-amz-cf-pop AMS58-P5 age 513852 etag "6571abb7-71911" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css; charset="utf-8" access-control-allow-origin * cache-control max-age=31536000, public content-length 43940 x-amz-cf-id yYqE_JZqENwhuPUnKoi3vFGnoTwH_sY_g5BYnN9E891Azao6qpMRBA==
GET H2	200	main.1757fd30ba63.js Show response dvzvtsvyecfyp.cloudfront.net/static/js/	279 KB 74 KB	103ms 31ms	Script application/javascript	2600:9000:2447:f600:18:c518:7440:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dvzvtsvyecfyp.cloudfront.net/static/js/main.1757fd30ba63.js Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&utm_medium=email&utm_campaign=1811wellbeingeurope Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2447:f600:18:c518:7440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 0e567c9ef6feab56860e06b28330f069504dfedf583dea9f6c62565cd0d8e228 Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:59:06 GMT content-encoding br via 1.1 ddcfcdf22c7ea27fb2a066c5c7d99ad2.cloudfront.net (CloudFront) last-modified Thu, 07 Dec 2023 11:25:42 GMT server nginx x-amz-cf-pop AMS58-P5 age 513852 etag "6571abb6-45c75" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset="utf-8" access-control-allow-origin * cache-control max-age=31536000, public content-length 75065 x-amz-cf-id GFUgJZO0COuFx-tFx0VdXV5lOvHW0ectxzgfKHzUyotQO85VSF6GsQ==
GET H2	200	css fonts.googleapis.com/	2 KB 849 B	62ms 24ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Jost:700|Jost:400,700&display=swap Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash bb38fd9b4428fb343ee4ffe205223fb1c0aa183c7a3909545937eb6c9710003a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 13 Dec 2023 10:43:18 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 13 Dec 2023 10:43:18 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 13 Dec 2023 10:43:18 GMT
GET H2	200	26303665.js Show response js-eu1.hs-scripts.com/	2 KB 1 KB	159ms 45ms	Script application/javascript	172.65.208.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hs-scripts.com/26303665.js Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 73b4ae93664626ec9878fc4a0246c1606c94a52c3de708c45fd8d84ff6aca188 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 10:43:18 GMT content-encoding br x-content-type-options nosniff cf-cache-status EXPIRED x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 889a7b80-7c0f-422a-a0c6-8d79d8ed86b2 x-envoy-upstream-service-time 5 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 889a7b80-7c0f-422a-a0c6-8d79d8ed86b2 last-modified Wed, 13 Dec 2023 10:41:34 GMT server cloudflare x-trace 2B900A48D9AAC5D9230AC3BCE7EFAE99DEDF5B371B000000000000000000 vary origin, Accept-Encoding access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://ambr.company x-evy-trace-virtual-host all cache-control public, max-age=30 access-control-allow-credentials true x-evy-trace-served-by-pod fra04/hubapi-td/envoy-proxy-6f6888945b-6vhqs cf-ray 834d9af92dd74d67-FRA
GET H2	200	js Show response www.googletagmanager.com/gtag/	327 KB 107 KB	151ms 42ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-11387995046 Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash fe491e0315d0eb22fcd0f1149370126bb1ebf1b99a035fd6d5046912cc5e2f95 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 10:43:18 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 109265 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 13 Dec 2023 10:43:18 GMT
GET H2	200	ambrgradientlogo.png unicorn-cdn.b-cdn.net/e9bd57de-a14a-4499-9320-bc46ae85f19b/	8 KB 8 KB	56ms 18ms	Image image/webp	2400:52e0:1e00::722:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://unicorn-cdn.b-cdn.net/e9bd57de-a14a-4499-9320-bc46ae85f19b/ambrgradientlogo.png Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-722 / Resource Hash 5036daf2e742db0d0f117eba858c8df6a511f2d0e3311b9727d2fa71067c6380 Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 10:43:18 GMT x-downloadsize 15656 cdn-edgestorageid 1078 x-bo-processingtime 0 cdn-cachedat 11/18/2023 18:22:10 cdn-pullzone 1024597 content-length 8118 x-bo-server DE-268 last-modified Sat, 18 Nov 2023 18:22:10 GMT server BunnyCDN-DE1-722 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 29 content-type image/webp cdn-cache HIT cdn-uid ac01cb10-85f6-45b7-9a7b-60b70d5d369f cache-control public, max-age=31919000 x-bo-compressionratio 48.15% cdn-requestid df5cce4db81b46f572bce60f20845a89 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	api.js Show response www.google.com/recaptcha/	1 KB 1 KB	131ms 25ms	Script text/javascript	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 93374f454f6b3e1baa9c51475f0667ec072cd9bd1c3c8b23c30dcd877e4c3e8f Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 10:43:18 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Wed, 13 Dec 2023 10:43:18 GMT
GET H2	200	hotjar-2839593.js Show response static.hotjar.com/c/	9 KB 4 KB	176ms 67ms	Script application/javascript	65.9.95.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-2839593.js?sv=6 Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.95.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-121.prg50.r.cloudfront.net Software / Resource Hash 4ab70faceab5512f58dfa84932469ea01711e773c4bc6ff27629aaaf22e26cb5 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 10:43:18 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront) x-amz-cf-pop PRG50-C1 etag W/662e051f75f7987afd1682d7861e3488 vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=60 x-cache-hit 1 cross-origin-resource-policy cross-origin x-amz-cf-id jomgZqZH87KNSxZvQBcGd_yL8W_F_PxHwVXudShIz4JIHx8D_FC75A==
GET H/1.1	200 OK	gr.js Show response app.getreditus.com/	9 KB 4 KB	153ms 42ms	Script application/javascript	54.73.26.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.getreditus.com/gr.js?_ce=90 Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.73.26.109 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-73-26-109.eu-west-1.compute.amazonaws.com Software Cowboy / Resource Hash 7613ce8548bec1cfcfa01978f85e7304fdad27e85ea81991f97f409bc5a20679 Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Wed, 13 Dec 2023 10:43:18 GMT Content-Encoding gzip Via 1.1 vegur Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Vary Accept-Encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702464198&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=hZsNBVzX3keuSIIuSmOq1sqUsMYOQaqOFGM%2BdBhjLSw%3D"}]} Content-Type application/javascript Transfer-Encoding chunked Connection keep-alive Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1702464198&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=hZsNBVzX3keuSIIuSmOq1sqUsMYOQaqOFGM%2BdBhjLSw%3D
GET H2	200	gtm.js Show response www.googletagmanager.com/	113 KB 44 KB	133ms 25ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-KX3GMKJ Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 18b7bc978c30495a9885ec59d99a5e3fa6279f6ccf6d72b9ee57b2986b515952 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 10:43:18 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44456 x-xss-protection 0 last-modified Wed, 13 Dec 2023 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 13 Dec 2023 10:43:18 GMT
GET H2	200	analytics.min.js Show response cdn.segment.com/analytics.js/v1/0GT3VzowJR7prJp6zd14AUXGRVGY2x5e/	108 KB 29 KB	117ms 11ms	Script text/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics.js/v1/0GT3VzowJR7prJp6zd14AUXGRVGY2x5e/analytics.min.js Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash fceaddf2daf0e42465882a372def9ddf76e16e4d308f1cb018ef21e91acad468 Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers x-amz-version-id qvaBl2BZawekJaTqMZvrT5nt9ZKSY26d content-encoding br via 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront) date Wed, 13 Dec 2023 10:41:35 GMT x-amz-cf-pop FRA6-C1 age 103 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Mon, 04 Dec 2023 23:59:22 GMT server AmazonS3 etag W/"98124c7ebd3c8c8e0da95087e364e34d" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=120 vary Accept-Encoding x-amz-cf-id W0m6MNIVPYT0oESUQz8lzxEZEZImJRlWst433hIAFn7Z0BNsRxA4Sg==
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	202 KB 54 KB	114ms 10ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 13 Dec 2023 10:43:18 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 54273 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug nsJkYe6haVuIQQkQ6lp7c85eWhmufChfh8oVgYX5/0HFVhAHhMRTk/EdNzJBiif40UYlnrQrupmtXxGDlelX3g== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	stat.js Show response www.clickcease.com/monitor/	142 KB 43 KB	130ms 26ms	Script application/javascript	2600:9000:2127:5800:15:a0d3:77c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.clickcease.com/monitor/stat.js Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:5800:15:a0d3:77c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers x-amz-version-id Cf02rYNryv9UIBzoGOQeQJTZ2QU2vf2Y content-encoding gzip via 1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront) date Wed, 13 Dec 2023 10:43:18 GMT x-content-type-options nosniff content-security-policy frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests; x-amz-cf-pop PRG50-C1 age 13 x-amz-server-side-encryption AES256 strict-transport-security max-age=31536000; includeSubDomains x-cache Hit from cloudfront referrer-policy no-referrer-when-downgrade last-modified Tue, 12 Sep 2023 09:05:15 GMT server AmazonS3 etag W/"e112b8bf96f23bc2970347a3c98e37fc" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript permissions-policy microphone 'none'; camera 'none'; x-amz-cf-id 37O1v5iHMyA8Iy9d7poulqvKR-4JEvBLMHGiNidp1N2foVljaMoKKQ==
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	1 KB 807 B	111ms 9ms	Script application/javascript	2a02:26f0:480:f::213:7edd AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 9d59318dbc0445735297ba2e769e2bc60358a0abfafe66f503ddc0a09610c28b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 10:43:18 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 11 Dec 2023 09:10:47 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=25617 accept-ranges bytes content-length 597
GET H2	200	/ unicorn-cdn.b-cdn.net/e32d1ed4-24b0-4362-9122-5ddbe521e1f7/	138 KB 139 KB	18ms 17ms	Image image/jpeg	2400:52e0:1e00::722:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://unicorn-cdn.b-cdn.net/e32d1ed4-24b0-4362-9122-5ddbe521e1f7/ Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-722 / Resource Hash 760fb46cf51d1685f0fd69a9720cb9125597e1e0fc091e21ac167f6793bebb33 Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 10:43:18 GMT cdn-edgestorageid 1054 x-amz-storage-class INTELLIGENT_TIERING cdn-cachedat 12/11/2023 08:08:38 cdn-pullzone 1024597 x-image-height 1305 content-disposition inline; filename=glenn-carstens-peters-npxXWgQ33ZQ-unsplash.jpg content-length 141660 x-image-width 1961 last-modified Mon, 06 Mar 2023 13:12:56 GMT server BunnyCDN-DE1-722 cdn-proxyver 1.04 cdn-requestpullcode 200 etag "c998970b39372c9e1930f7678dc44a73" access-control-allow-methods HEAD, GET, OPTIONS content-type image/jpeg access-control-allow-origin * cdn-cache HIT cdn-uid ac01cb10-85f6-45b7-9a7b-60b70d5d369f cache-control public, max-age=31919000 cdn-requestid 54cabd4ecd2f9945145308359077697b accept-ranges bytes cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	92zatBhPNqw73oTd4g.woff2 fonts.gstatic.com/s/jost/v15/	26 KB 27 KB	123ms 25ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/jost/v15/92zatBhPNqw73oTd4g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Jost:700|Jost:400,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1e3ceb99e33b0f3d149b7d617b24a487d07fe7595aa24d04a7f45a0312b0654c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ambr.company accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 19:01:25 GMT x-content-type-options nosniff age 142913 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26620 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:39:33 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 10 Dec 2024 19:01:25 GMT
GET H2	200	mr-yum.png unicorn-cdn.b-cdn.net/c15d0e60-e8ac-448b-916b-5308bc64b548/	7 KB 7 KB	29ms 28ms	Image image/webp	2400:52e0:1e00::722:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://unicorn-cdn.b-cdn.net/c15d0e60-e8ac-448b-916b-5308bc64b548/mr-yum.png Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-722 / Resource Hash c8c7a7c9e853acdd2680ecb4c5b3514c556a905042118229c660027f304433bf Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 10:43:18 GMT x-downloadsize 39313 cdn-edgestorageid 1054 x-bo-processingtime 3 cdn-cachedat 12/11/2023 08:08:38 cdn-pullzone 1024597 content-length 6896 x-bo-server DE-139 last-modified Mon, 11 Dec 2023 08:08:38 GMT server BunnyCDN-DE1-722 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 147 content-type image/webp cdn-cache HIT cdn-uid ac01cb10-85f6-45b7-9a7b-60b70d5d369f cache-control public, max-age=31919000 x-bo-compressionratio 82.46% cdn-requestid cba6523c0814c83973ce98b79f20a8b2 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	1f4ca.svg dvzvtsvyecfyp.cloudfront.net/static/img/twemoji/	872 B 778 B	15ms 14ms	Image image/svg+xml	2600:9000:2447:f600:18:c518:7440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dvzvtsvyecfyp.cloudfront.net/static/img/twemoji/1f4ca.svg Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2447:f600:18:c518:7440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 0d2b3df370bc26eeaba561ec30a4360b71558bd669f86fb1d1db286fe1a0ea39 Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 09:10:44 GMT content-encoding gzip via 1.1 ddcfcdf22c7ea27fb2a066c5c7d99ad2.cloudfront.net (CloudFront) last-modified Thu, 07 Dec 2023 11:25:42 GMT server nginx x-amz-cf-pop AMS58-P5 age 437554 etag "6571abb6-368" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, public content-length 392 x-amz-cf-id Vl6vVf4h7HVEPyw1Pd5Y5w6fh3l-KCfBl3K9SUDaABewTTR5miGNhg==
GET H2	200	1f50e.svg dvzvtsvyecfyp.cloudfront.net/static/img/twemoji/	453 B 623 B	16ms 15ms	Image image/svg+xml	2600:9000:2447:f600:18:c518:7440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dvzvtsvyecfyp.cloudfront.net/static/img/twemoji/1f50e.svg Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2447:f600:18:c518:7440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 046dfa6a2f728366e86475c43a060898ffcd1fa9ac954c16ce792347dbb76532 Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Thu, 07 Dec 2023 13:05:08 GMT content-encoding br via 1.1 ddcfcdf22c7ea27fb2a066c5c7d99ad2.cloudfront.net (CloudFront) last-modified Thu, 07 Dec 2023 11:25:42 GMT server nginx x-amz-cf-pop AMS58-P5 age 509890 etag "6571abb6-1c5" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, public content-length 238 x-amz-cf-id qL9DOW0pqzy5TWpCVLCK4fP6G8BMtVom3ZvE7QK1-y7pPiwSlSFdlw==
GET H2	200	1f4a0.svg dvzvtsvyecfyp.cloudfront.net/static/img/twemoji/	1 KB 781 B	17ms 16ms	Image image/svg+xml	2600:9000:2447:f600:18:c518:7440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dvzvtsvyecfyp.cloudfront.net/static/img/twemoji/1f4a0.svg Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2447:f600:18:c518:7440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 6c9744675712855ebe41229a8da55da071ea697355b88c3a3c82960aa300d92b Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:59:47 GMT content-encoding br via 1.1 ddcfcdf22c7ea27fb2a066c5c7d99ad2.cloudfront.net (CloudFront) last-modified Thu, 07 Dec 2023 11:25:42 GMT server nginx x-amz-cf-pop AMS58-P5 age 513811 etag "6571abb6-506" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, public content-length 396 x-amz-cf-id ODgZEKgrmdbl5PTOpmoWOj5NeeWG1L-GZ2eOpOHU4BrIUlxcfllXOw==
GET H2	200	laura-headshot.png unicorn-cdn.b-cdn.net/058b3dc3-5dc1-42a1-a867-5a4a75bccdbb/	2 KB 2 KB	28ms 28ms	Image image/webp	2400:52e0:1e00::722:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://unicorn-cdn.b-cdn.net/058b3dc3-5dc1-42a1-a867-5a4a75bccdbb/laura-headshot.png?width=50&height=50 Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-722 / Resource Hash 86a28c6e60ef44aaa696dce65d2702655748868507432164c894bde4b1e48773 Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 10:43:18 GMT x-downloadsize 44828 cdn-edgestorageid 755 x-bo-processingtime 2 cdn-cachedat 12/11/2023 08:08:39 cdn-pullzone 1024597 content-length 1604 x-bo-server DE-95 last-modified Mon, 11 Dec 2023 08:08:38 GMT server BunnyCDN-DE1-722 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 340 content-type image/webp cdn-cache HIT cdn-uid ac01cb10-85f6-45b7-9a7b-60b70d5d369f cache-control public, max-age=31919000 x-bo-compressionratio 96.42% cdn-requestid dee890236bfd15456525bbe779bc7558 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	1f64c.svg dvzvtsvyecfyp.cloudfront.net/static/img/twemoji/	2 KB 1 KB	18ms 17ms	Image image/svg+xml	2600:9000:2447:f600:18:c518:7440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dvzvtsvyecfyp.cloudfront.net/static/img/twemoji/1f64c.svg Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2447:f600:18:c518:7440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 66adec66d144eb8eefb3c16e7e672246462dbf9686524d9ff4c3ff56306269ac Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:59:43 GMT content-encoding br via 1.1 ddcfcdf22c7ea27fb2a066c5c7d99ad2.cloudfront.net (CloudFront) last-modified Thu, 07 Dec 2023 11:25:42 GMT server nginx x-amz-cf-pop AMS58-P5 age 513815 etag "6571abb6-7eb" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, public content-length 774 x-amz-cf-id Y6_I2d1Ivhot119WJ-I2yZe-LyA6c1YjfHhvolIr3zUfpIZh3WFZfA==
GET H2	200	insight.old.min.js Show response snap.licdn.com/li.lms-analytics/	31 KB 12 KB	10ms 10ms	Script application/javascript	2a02:26f0:480:f::213:7edd AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.old.min.js Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 10:43:18 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 04 Dec 2023 13:47:15 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=20039 accept-ranges bytes content-length 12150
GET H2	200	settings Show response cdn.segment.com/v1/projects/0GT3VzowJR7prJp6zd14AUXGRVGY2x5e/	546 B 1 KB	36ms 8ms	Fetch application/json	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/v1/projects/0GT3VzowJR7prJp6zd14AUXGRVGY2x5e/settings Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/0GT3VzowJR7prJp6zd14AUXGRVGY2x5e/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash bbe51231b115fb6417aad5ff4697a19ca77bd789941e15b0993bbbf5166a6eca Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 08:20:12 GMT x-amz-version-id viaWCN153uYmqVmAHmW2dojeMChaUlbw via 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 age 8587 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 546 last-modified Tue, 04 Jul 2023 07:47:11 GMT server AmazonS3 etag "133f23105e83de9d3ec17318e2363ec9" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=10800 accept-ranges bytes x-amz-cf-id nRyYnjLJVA3aixGj69OpP5g5vjUyymHVc_aFfasSdXYF-Mdr51rGhQ==
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6145657&time=1702464198609&url=https%3A%2F%2Fambr.company%2Fmr-yum-casestudy%2F%3Futm_source%3Dinstantly%26amp%3Butm_medium%3Demail%26amp%3Butm_ca... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6145657&time=1702464198609&url=https%3A%2F%2Fambr.company%2Fmr-yum-casestudy%2F%3Futm_source%3Dinstantly%26amp%3Butm_medium%3Demail%26amp%3Butm_ca... https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D6145657%26time%3D1702464198609%26url%3Dhttps%253A%252F%252Fambr.company%252Fmr-yu... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6145657&time=1702464198609&url=https%3A%2F%2Fambr.company%2Fmr-yum-casestudy%2F%3Futm_source%3Dinstantly%26amp%3Butm_medium%3Demail%26amp%3Butm_ca... https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6145657&time=1702464198609&url=https%3A%2F%2Fambr.company%2Fmr-yum-casestudy%2F%3Futm_source%3Dinstantly%26amp%3Butm_medium%3Demail%26amp%3Butm_c...	0 266 B	163ms 118ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6145657&time=1702464198609&url=https%3A%2F%2Fambr.company%2Fmr-yum-casestudy%2F%3Futm_source%3Dinstantly%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3D1811wellbeingeurope&cookiesTest=true&liSync=true&e_ipv6=AQKoQKnU5gOxiQAAAYxixhlwpLQDY8OOjxxkf3vYXsJVmA6nENHQwHK8KBln71GokhzNdotHxsSI Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 10:43:18 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: DFC530ED06224D00B2CAC8454A6FF228 Ref B: AMS04EDGE1721 Ref C: 2023-12-13T10:43:19Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lva1 x-li-proto http/2 content-length 0 x-li-uuid AAYMYdXVoC42OyjXHd67VA== Redirect headers date Wed, 13 Dec 2023 10:43:18 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 805CB98F29B34B9D80AE7B3E7E4C1BAB Ref B: FRAEDGE1710 Ref C: 2023-12-13T10:43:18Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6145657&time=1702464198609&url=https%3A%2F%2Fambr.company%2Fmr-yum-casestudy%2F%3Futm_source%3Dinstantly%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3D1811wellbeingeurope&cookiesTest=true&liSync=true&e_ipv6=AQKoQKnU5gOxiQAAAYxixhlwpLQDY8OOjxxkf3vYXsJVmA6nENHQwHK8KBln71GokhzNdotHxsSI x-li-proto http/2 content-length 0 x-li-uuid AAYMYdXTRceIwZPzwCWOVQ==
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/	504 KB 202 KB	49ms 13ms	Script text/javascript	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 43760313e4a6cfb7be2b72e5b0daa391e8880a24e3274e00bfc2c7b8bba09936 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ambr.company/ Origin https://ambr.company accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Tue, 12 Dec 2023 10:38:51 GMT content-encoding gzip x-content-type-options nosniff age 86667 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 206640 x-xss-protection 0 last-modified Mon, 04 Dec 2023 17:08:31 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 11 Dec 2024 10:38:51 GMT
GET H2	200	3742356216051018 Show response connect.facebook.net/signals/config/	142 KB 36 KB	74ms 70ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/3742356216051018?v=2.9.138&r=stable&domain=ambr.company Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c8b5cd3762ec3b876a2ffea493fb448393c980fbd1b23c6265a13fbd4e8aa7c6 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 13 Dec 2023 10:43:18 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug 8euIBnjTIK/2Bw7T42cx/45po++wm9VB+ys7w7FMxErPe9sq3BoD2yjuwtjkif7satL2dsGP/+B+h70DvtTdJQ== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	26303665.js Show response js-eu1.hs-analytics.net/analytics/1702464000000/	66 KB 21 KB	100ms 57ms	Script text/javascript	172.65.238.60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hs-analytics.net/analytics/1702464000000/26303665.js Requested by Host: js-eu1.hs-scripts.com URL: https://js-eu1.hs-scripts.com/26303665.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 21c3f91be06586f84a77a148d87c29d23268ef01455a5224b2b090d98d9f8d95 Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 10:43:18 GMT content-encoding br cf-cache-status MISS x-amz-request-id 1CEF8RNWR65VGHP1 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 57056603-8ba1-4c72-91ae-cdc1f906cd32 x-envoy-upstream-service-time 17 x-amz-id-2 JmR7EuYpzQvV+KDQQslNOFxpzsvp1rDnwIHfiSFtEJtHNOfnfXKSy7W6ziBaucQxbe1fag00Tt4= x-evy-trace-listener listener_https x-request-id 57056603-8ba1-4c72-91ae-cdc1f906cd32 x-evy-trace-route-configuration listener_https/all last-modified Wed, 15 Nov 2023 17:26:24 GMT server cloudflare etag W/"b7a7dbb11eba9ebf9efafdd8c1ad12ed" vary origin, Accept-Encoding content-type text/javascript x-evy-trace-virtual-host all x-evy-trace-served-by-pod fra04/analytics-js-proxy-td/envoy-proxy-86f67f8584-7lprz cache-control max-age=300,public access-control-allow-credentials false cf-ray 834d9af9dfe130ed-FRA expires Wed, 13 Dec 2023 10:48:18 GMT
GET H2	200	collectedforms.js Show response js-eu1.hscollectedforms.net/	69 KB 25 KB	74ms 31ms	Script application/javascript	172.65.192.122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hscollectedforms.net/collectedforms.js Requested by Host: js-eu1.hs-scripts.com URL: https://js-eu1.hs-scripts.com/26303665.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ad17c7d661733bbf1cfe9bc6e85033bfed43c87c94cb72ba02f484adf1593c0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://ambr.company/ Origin https://ambr.company accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 10:43:18 GMT x-amz-version-id qOShuUL.zI.RMIWwukZE0taADNX_1wuf via 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status EXPIRED x-amz-cf-pop FRA56-P2 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id c18e2d33-3617-4c05-8a87-30fdb40c4a26 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.444/bundles/project.js&cfRay=834d9af9d9920487-FRA x-cache Hit from cloudfront cache-tag staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod content-encoding br x-envoy-upstream-service-time 7 x-amz-replication-status COMPLETED x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id c18e2d33-3617-4c05-8a87-30fdb40c4a26 last-modified Mon, 04 Dec 2023 12:10:50 UTC server cloudflare etag W/"109b7665e389a0b17fbf732bf7a02089" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all x-hs-cache-status HIT cache-control s-maxage=600, max-age=300 x-evy-trace-served-by-pod fra04/app-td/envoy-proxy-695bcd6f7f-bbx95 cf-ray 834d9af9d9920487-FRA x-amz-cf-id l7OIdQdBVszLRjT4jUknlxKmf02HTawLD9pZaGScwbaMhYa-NTJjIg== x-hs-target-asset collected-forms-embed-js/static-1.444/bundles/project.js
GET H2	200	banner.js Show response js-eu1.hs-banner.com/v2/26303665/	66 KB 20 KB	79ms 41ms	Script text/javascript	172.65.202.201 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hs-banner.com/v2/26303665/banner.js Requested by Host: js-eu1.hs-scripts.com URL: https://js-eu1.hs-scripts.com/26303665.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b6d9a2889c4fad94acc48cb6b37e118fd63ce5e0ea8a9a775617c2059a3a209e Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 10:43:18 GMT x-amz-version-id 4zsBWPpvLYpJYW3X_Ut2aBnK09UYp5u2 content-encoding br cf-cache-status REVALIDATED x-amz-request-id 7ME8RMX4BK0234PH x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 73e976c2-73bf-4f80-87c3-ef96e9829690 x-envoy-upstream-service-time 42 x-amz-id-2 2jBntYeW293IYlLafRJfwU4IHYkcbdghxM032Di1dFww89ZV4YSO4F6N25vqQasiEBDhEvArwTI= x-evy-trace-listener listener_https x-request-id 73e976c2-73bf-4f80-87c3-ef96e9829690 x-evy-trace-route-configuration listener_https/all last-modified Wed, 18 Oct 2023 17:41:21 GMT server cloudflare etag W/"f1219a9e942ebc4ef401bdb06851249d" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 access-control-allow-origin https://ambr.company x-evy-trace-virtual-host all access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300,public access-control-allow-credentials true x-evy-trace-served-by-pod fra04/analytics-js-proxy-td/envoy-proxy-54d97ddf9c-srs49 vary origin, Accept-Encoding timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 834d9af9da9b9189-FRA expires Wed, 13 Dec 2023 10:48:18 GMT
GET H2	200	fb.js Show response js-eu1.hsadspixel.net/	6 KB 4 KB	54ms 20ms	Script application/javascript	172.65.219.229 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hsadspixel.net/fb.js Requested by Host: js-eu1.hs-scripts.com URL: https://js-eu1.hs-scripts.com/26303665.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.219.229 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash df998f2ab79818d229edfab989eb187dd3d94f0f40377fde4f5f97e08b691ecf Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 10:43:18 GMT x-amz-version-id XlFw32Cnxu8ZjnNH.SH7ungVy3g8LtQG via 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status HIT x-amz-cf-pop FRA56-P2 age 332 x-amz-server-side-encryption AES256 x-evy-trace-route-service-name envoyset-translator content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.501/bundles/pixels-release.js&cfRay=834d92da8c621959-FRA x-cache Hit from cloudfront x-hubspot-correlation-id 549589a9-43d0-477b-bbaa-99ad4ca54b9c cache-tag staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod content-encoding br x-envoy-upstream-service-time 3 x-amz-replication-status COMPLETED x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 549589a9-43d0-477b-bbaa-99ad4ca54b9c last-modified Mon, 04 Dec 2023 14:19:28 UTC server cloudflare etag W/"ed930579444c6c7c0292363361667508" vary Accept-Encoding content-type application/javascript; charset=utf-8 x-hs-cache-status MISS x-evy-trace-virtual-host all cache-control max-age=600 x-evy-trace-served-by-pod fra04/app-td/envoy-proxy-695bcd6f7f-vfprp cf-ray 834d9af9d9373a61-FRA x-amz-cf-id 7vFOxTs7s_kIqZ-zQsr3fVG9BS4yh5_tKnCLtHHyXALXAmyLXv6ZjA== x-hs-target-asset adsscriptloaderstatic/static-1.501/bundles/pixels-release.js
GET H2	200	js Show response www.googletagmanager.com/gtag/	321 KB 105 KB	33ms 33ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-11387995046&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KX3GMKJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash fb99b4985d60481737eae03bb3c7e9429fcba16c06453a88be5abe14398f223c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 10:43:18 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 107061 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 13 Dec 2023 10:43:18 GMT
GET H2	200	modules.3a21fc8f657f3b8e388d.js Show response script.hotjar.com/	219 KB 55 KB	65ms 16ms	Script application/javascript	18.65.39.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.3a21fc8f657f3b8e388d.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2839593.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-37.ams1.r.cloudfront.net Software / Resource Hash 6ada98a3a91822b5e0f1a0523c302abcb41a512142e6cf92f61e598db9095961 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Tue, 12 Dec 2023 10:19:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 490623df85c571a18ba7da1511cc969e.cloudfront.net (CloudFront) x-amz-cf-pop AMS1-P1 age 87852 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 55538 last-modified Tue, 12 Dec 2023 10:18:14 GMT etag "17ef78973b50641a4ae2770942cf511c" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id wBdaRgSbGq7KTDn8OWUIsPlGLmnNfcuTUOj88iUx3lXSFdpbkCOpTA==
POST H2	200	p Show response api.segment.io/v1/	21 B 172 B	554ms 181ms	Fetch application/json	35.155.246.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.segment.io/v1/p Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/0GT3VzowJR7prJp6zd14AUXGRVGY2x5e/analytics.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.155.246.37 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-155-246-37.us-west-2.compute.amazonaws.com Software / Resource Hash 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ambr.company/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://ambr.company date Wed, 13 Dec 2023 10:43:19 GMT strict-transport-security max-age=31536000 content-length 21 vary Origin content-type application/json
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/11387995046/	3 KB 2 KB	89ms 54ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11387995046/?random=1702464198690&cv=11&fst=1702464198690&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9169402836&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fambr.company%2Fmr-yum-casestudy%2F%3Futm_source%3Dinstantly%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3D1811wellbeingeurope&hn=www.googleadservices.com&frm=0&tiba=How%20Mr%20Yum%20used%20Ambr%20to%20increase%20psychological%20safety&auid=501727377.1702464199&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-11387995046 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 232ca2880791a90771bfbbea4f92b6fe25dbaf26be1f5f1f65ad79eac7f8c76d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Wed, 13 Dec 2023 10:43:18 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1349 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 252 B	54ms 17ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-LEQV1D8NHF&gtm=45be3bt0v9169402836&_p=1702464198473&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1601953951.1702464199&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702464198&sct=1&seg=0&dl=https%3A%2F%2Fambr.company%2Fmr-yum-casestudy%2F%3Futm_source%3Dinstantly%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3D1811wellbeingeurope&dt=How%20Mr%20Yum%20used%20Ambr%20to%20increase%20psychological%20safety&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=935 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-11387995046 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Wed, 13 Dec 2023 10:43:18 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ambr.company cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 252 B	63ms 19ms	Ping text/plain	2a00:1450:400c:c00::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LEQV1D8NHF&cid=1601953951.1702464199&gtm=45be3bt0v9169402836&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-11387995046 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Wed, 13 Dec 2023 10:43:18 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ambr.company cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	76ms 39ms	Image image/gif	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LEQV1D8NHF&cid=1601953951.1702464199&gtm=45be3bt0v9169402836&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2112415870 Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Wed, 13 Dec 2023 10:43:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame 92F2	41 KB 26 KB	39ms 39ms	Document text/html	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdOdP8hAAAAACzFafxohGt9k1x-r0wRt_jlNpPD&co=aHR0cHM6Ly9hbWJyLmNvbXBhbnk6NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=lxkm7njxxmiy Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 5fb260c1ea4c5b22a0f12e99b143a9b239e120196fced68228f58f11e493ef4d Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce--n2bvaYqivzEHj-ZVBe0wQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ambr.company/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce--n2bvaYqivzEHj-ZVBe0wQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 13 Dec 2023 10:43:18 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	/ www.facebook.com/tr/	0 185 B	27ms 8ms	Image text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=3742356216051018&ev=PageView&dl=https%3A%2F%2Fambr.company%2Fmr-yum-casestudy%2F%3Futm_source%3Dinstantly%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3D1811wellbeingeurope&rl=&if=false&ts=1702464198732&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702464198730.183690291&cs_est=true&ler=empty&it=1702464198625&coo=false&rqm=GET Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Wed, 13 Dec 2023 10:43:18 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	json Show response forms-eu1.hscollectedforms.net/collected-forms/v1/config/	116 B 429 B	35ms 24ms	XHR application/json	172.65.192.122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=26303665&utk= Requested by Host: js-eu1.hscollectedforms.net URL: https://js-eu1.hscollectedforms.net/collectedforms.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6a54bf18ce85ee938442fa2b72621d9c8b9ade0a5a8b0648a74cb321daedd53d Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept application/json, text/plain, */* Referer https://ambr.company/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 10:43:18 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id dd41e11a-6095-4608-97f2-45a31ad28ae9 x-envoy-upstream-service-time 7 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id dd41e11a-6095-4608-97f2-45a31ad28ae9 server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://ambr.company x-evy-trace-virtual-host all cache-control max-age=0 x-evy-trace-served-by-pod fra04/app-td/envoy-proxy-695bcd6f7f-vfprp access-control-max-age 180 x-robots-tag none access-control-allow-headers * cf-ray 834d9afa4a3c0487-FRA
GET H2	200	json Show response api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/	117 B 1 KB	51ms 31ms	XHR application/json	2a06:98c1:3200::90:1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=26303665 Requested by Host: js-eu1.hsadspixel.net URL: https://js-eu1.hsadspixel.net/fb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3200::90:1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7671ca06049f8ca08ede0b61b5d70396106bfc3c85cfafa79d8fb64288053a15 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 10:43:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 955187ce-2d84-4ab4-90e6-2fbbb77b9d42 content-encoding br x-envoy-upstream-service-time 10 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 955187ce-2d84-4ab4-90e6-2fbbb77b9d42 server cloudflare x-trace 2B2FFC5DE3CDABC7779209C31807E7AA918D8008CC000000000000000000 vary origin access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://ambr.company x-evy-trace-virtual-host all access-control-max-age 180 access-control-allow-credentials false x-evy-trace-served-by-pod fra04/hubapi-td/envoy-proxy-6f6888945b-hpfkd report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1iJBSyeTlFK1ItzatidkZQQziTD0GkFhyWHJ9GPWle2rjwJhPJncg3gqBV%2BFelqz39QahRTdA04IThNvZqlkCHOR8A%2FlMi6e2C0a6Cbazt4Gm1IdHk1rn7QriOjwi8h%2BDgwB%2FbjIUqfVGX1ulDuWA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 834d9afa5fdc9ba6-FRA access-control-allow-headers *
POST H2	200	/ Show response content.hotjar.io/	56 B 161 B	138ms 63ms	XHR application/json	18.203.9.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://content.hotjar.io/?gzip=1 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.3a21fc8f657f3b8e388d.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.203.9.136 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-203-9-136.eu-west-1.compute.amazonaws.com Software / Resource Hash 1db1892ad77eb1e76826120a7676eba827953f1d26c24d8021242bb79e5db022 Request headers Referer https://ambr.company/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers access-control-allow-origin * date Wed, 13 Dec 2023 10:43:18 GMT content-length 56 vary Origin content-type application/json
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ Frame 92F2	55 KB 24 KB	42ms 14ms	Stylesheet text/css	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdOdP8hAAAAACzFafxohGt9k1x-r0wRt_jlNpPD&co=aHR0cHM6Ly9hbWJyLmNvbXBhbnk6NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=lxkm7njxxmiy Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 00:06:25 GMT content-encoding gzip x-content-type-options nosniff age 38213 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Mon, 04 Dec 2023 17:08:31 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 12 Dec 2024 00:06:25 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ Frame 92F2	504 KB 202 KB	49ms 20ms	Script text/javascript	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdOdP8hAAAAACzFafxohGt9k1x-r0wRt_jlNpPD&co=aHR0cHM6Ly9hbWJyLmNvbXBhbnk6NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=lxkm7njxxmiy Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 43760313e4a6cfb7be2b72e5b0daa391e8880a24e3274e00bfc2c7b8bba09936 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Tue, 12 Dec 2023 10:38:51 GMT content-encoding gzip x-content-type-options nosniff age 86667 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 206640 x-xss-protection 0 last-modified Mon, 04 Dec 2023 17:08:31 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 11 Dec 2024 10:38:51 GMT
GET H/1.1	200 OK	counters.gif forms-eu1.hsforms.com/embed/v3/	35 B 1016 B	74ms 30ms	Image image/gif	172.65.232.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1 Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Wed, 13 Dec 2023 10:43:18 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff CF-Cache-Status DYNAMIC x-evy-trace-route-service-name envoyset-translator X-HubSpot-Correlation-Id 4a85a047-14d0-4261-bc05-9747592c1153 x-envoy-upstream-service-time 3 Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 35 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 4a85a047-14d0-4261-bc05-9747592c1153 Server cloudflare X-Trace 2B5D15132850DA05D765BC4C516695943791CE280D000000000000000000 Vary origin Content-Type image/gif x-evy-trace-virtual-host all x-evy-trace-served-by-pod fra04/star-hubspot-td/envoy-proxy-749c979cdb-h6dfx Access-Control-Expose-Headers X-Origin-Hublet Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials false X-Robots-Tag none CF-RAY 834d9afb2e119be0-FRA
GET H3	200	/ www.google.com/pagead/1p-user-list/11387995046/	42 B 64 B	26ms 25ms	Image image/gif	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/11387995046/?random=1702464198690&cv=11&fst=1702461600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9169402836&u_w=1600&u_h=1200&url=https%3A%2F%2Fambr.company%2Fmr-yum-casestudy%2F%3Futm_source%3Dinstantly%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3D1811wellbeingeurope&frm=0&tiba=How%20Mr%20Yum%20used%20Ambr%20to%20increase%20psychological%20safety&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_vNB-k6yMo6PneeTWJkAgtgBFUHGeEA&random=1915658354&rmt_tld=0&ipr=y Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Wed, 13 Dec 2023 10:43:18 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/11387995046/	42 B 154 B	26ms 26ms	Image image/gif	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/11387995046/?random=1702464198690&cv=11&fst=1702461600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9169402836&u_w=1600&u_h=1200&url=https%3A%2F%2Fambr.company%2Fmr-yum-casestudy%2F%3Futm_source%3Dinstantly%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3D1811wellbeingeurope&frm=0&tiba=How%20Mr%20Yum%20used%20Ambr%20to%20increase%20psychological%20safety&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_vNB-k6yMo6PneeTWJkAgtgBFUHGeEA&random=1915658354&rmt_tld=1&ipr=y Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Wed, 13 Dec 2023 10:43:18 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js Show response www.google.com/js/bg/ Frame 92F2	17 KB 7 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/bg/SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 487524122a6142e66a5f22f30cd0352dc3a3218e4ff77a126c8d0e28c2a5b586 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdOdP8hAAAAACzFafxohGt9k1x-r0wRt_jlNpPD&co=aHR0cHM6Ly9hbWJyLmNvbXBhbnk6NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=lxkm7njxxmiy User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 09:53:33 GMT content-encoding br x-content-type-options nosniff age 2985 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6849 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:30:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 12 Dec 2024 09:53:33 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame 92F2	102 B 134 B	24ms 24ms	Other text/javascript	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdOdP8hAAAAACzFafxohGt9k1x-r0wRt_jlNpPD&co=aHR0cHM6Ly9hbWJyLmNvbXBhbnk6NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=lxkm7njxxmiy Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash c7b92a4e3cd9b6ea5422c922f8cba9e12213368ade0cac7fa38328003a55887c Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdOdP8hAAAAACzFafxohGt9k1x-r0wRt_jlNpPD&co=aHR0cHM6Ly9hbWJyLmNvbXBhbnk6NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=lxkm7njxxmiy User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 10:43:18 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=utf-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Wed, 13 Dec 2023 10:43:18 GMT
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 192 B	106ms 105ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept * Referer https://ambr.company/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Wed, 13 Dec 2023 10:43:18 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 433D618DC8EF4E178569471693034477 Ref B: FRAEDGE1710 Ref C: 2023-12-13T10:43:19Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 access-control-allow-origin https://ambr.company x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYMYdXXce6TYDAmixbslA==
GET H2	200	dutnyhkk Show response widget.intercom.io/widget/	7 KB 3 KB	118ms 38ms	Script application/javascript	65.9.95.102 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.intercom.io/widget/dutnyhkk Requested by Host: ambr.company URL: https://ambr.company/mr-yum-casestudy/?utm_source=instantly&amp;utm_medium=email&amp;utm_campaign=1811wellbeingeurope Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.95.102 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-102.prg50.r.cloudfront.net Software AmazonS3 / Resource Hash 2837dbed50ec44acee90bb0edecec4627a2dd379f24571b285ac964bcba6a640 Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers x-amz-version-id 7bOjyYCwCXoFIuGCdgPsMMx0WB3Jg8Pb content-encoding gzip via 1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront) date Wed, 13 Dec 2023 10:40:46 GMT x-amz-cf-pop PRG50-C1 age 153 x-amz-server-side-encryption AES256 x-cache Error from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 2705 last-modified Tue, 12 Dec 2023 14:16:53 GMT server AmazonS3 etag "3f37903311b6b8c526df4ebc3cc39683" vary Accept-Encoding, Origin content-type application/javascript; charset=UTF-8 cache-control max-age=300, s-maxage=300, public accept-ranges bytes x-amz-cf-id X6y1mK7HtU-YRYv61qv0KGyxVv5gqMO9y7gvpajpzDtAMu-UXl7Uhg==
GET H2	200	__ptq.gif track-eu1.hubspot.com/	45 B 1 KB	118ms 42ms	Image image/gif	172.65.240.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=813894649&v=1.1&a=26303665&rcu=https%3A%2F%2Fambr.company%2Fmr-yum-casestudy%2F&pu=https%3A%2F%2Fambr.company%2Fmr-yum-casestudy%2F%3Futm_source%3Dinstantly%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3D1811wellbeingeurope&t=How+Mr+Yum+used+Ambr+to+increase+psychological+safety&cts=1702464199251&vi=e95ecd7d5bac0b74886e786ea97c89ac&nc=true&u=132669649.e95ecd7d5bac0b74886e786ea97c89ac.1702464199249.1702464199249.1702464199249.1&b=132669649.1.1702464199249&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 10:43:19 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 0550a768-8483-486e-9adf-8af1b914458e p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 7 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 0550a768-8483-486e-9adf-8af1b914458e last-modified Wed, 13 Dec 2023 10:43:19 GMT server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6MAAlgGnIWNASaEL1McF3a8W0ExNXQFMwtz5PENWCWPUzNAGk3umECPNSF5I6fAEINDIpt4juxxEBRh91GkV4fbvFYhOLhsNdt28c9NQQmXt4KUXM8RSZOyoocyELHKP49q4DhNxmg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod fra04/analytics-tracking-td/envoy-proxy-5b4646bd79-2p4fw x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false accept-ranges bytes cf-ray 834d9afdc8402c4f-FRA x-robots-tag none
GET H3	200	a www.googletagmanager.com/	0 11 B	22ms 21ms	Image text/html	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?v=3&t=l&pid=1345318456&rv=3bt0&u=AAAAAAAAAAAAACCA&h=Ag&gtm=45be3bt0v9169402836&ccid=169402836&cid=AW-11387995046&l=AW-11387995046.L700.S3.Y1.B27.E572.I727.EC6.TC25.HTC0~gtm.init.S0.V0.E30.TS5ogt1pdatav2.TI12.TE0.TS5ccdadslast.TI14.TE0.TS5ccdadd1pdata.TI15.TE0.TS5ogtconvdef.TI16.TE0.TS5ogtconvdef.TI17.TE0.TS5ccdemform.TI18.TE0.TS5ogtadsdatatos.TI19.TE0.TS5ccdadsfirst.TI20.TE0.TS5ccdgalast.TI21.TE0.TS5ccdautoredact.TI22.TE0.TS5ogteventcreate.TI23.TE0.TS5ccdconversionmarking.TI24.TE0.TS5ccdemvideo.TI25.TE0.TS5ccdemsitesearch.TI26.TE0.TS5ccdemscroll.TI27.TE0.TS5ccdempageview.TI28.TE0.TS5ccdemoutboundclick.TI29.TE0.TS5ccdemform.TI30.TE0.TS5ccdemdownload.TI31.TE0.TS5ccdgaregscope.TI32.TE0.TS5ogtgooglesignals.TI33.TE0.TS5setproductsettings.TI34.TE0.TS5ccdgafirst.TI35.TE0~gtm.js.S0.V0.E22.TS5rep.TI1.TE0.TS5gct.TI9.TE0~*~gtm.dom.S0.V0.E2~gtm.load.S0.V0.E0~gtm.init_consent.S0.V0.E28~AWCT228~GA234 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ambr.company/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 10:43:19 GMT server Google Tag Manager alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	frame-modern.6326e7ae.js Show response js.intercomcdn.com/ Frame 9F29	515 KB 143 KB	351ms 287ms	Script application/javascript	65.9.95.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/frame-modern.6326e7ae.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/dutnyhkk Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.95.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-7.prg50.r.cloudfront.net Software AmazonS3 / Resource Hash 8ac54ae50f08cdb9f1a682a8a5aa0f6c7061e14077c8f83d05ae6a766ff8fc51 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers x-amz-version-id aF9nOe1_XWHAkwHchnRs.fysayU5Vsn8 content-encoding gzip via 1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront) date Wed, 13 Dec 2023 09:01:57 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop PRG50-C1 age 6090 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 145409 last-modified Tue, 12 Dec 2023 14:14:01 GMT server AmazonS3 etag "833c922b3e5c6570a931edd711036052" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id 2GKgw7aDkFffc8t74LsUbiozSUdmGwBJ_FsTy6d6tlh3lEfi0udGXQ==
GET H2	200	vendor-modern.689650c5.js Show response js.intercomcdn.com/ Frame 9F29	426 KB 131 KB	89ms 25ms	Script application/javascript	65.9.95.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/vendor-modern.689650c5.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/dutnyhkk Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.95.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-7.prg50.r.cloudfront.net Software AmazonS3 / Resource Hash a98b0d22fb50853a6fbb1a665e510a9595d2dae5f86a5774f8f0c2f701955532 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers x-amz-version-id uL7y6To_lntmIBBuCnYAu5.0.LPkdpQo content-encoding gzip via 1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront) date Wed, 13 Dec 2023 09:24:32 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop PRG50-C1 age 4731 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 133792 last-modified Thu, 07 Dec 2023 15:04:21 GMT server AmazonS3 etag "d0a2ac2a870e5d8e688aada7a9b12be6" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id I2jAmpGy85BzrdPP_lIakNoH_gglkI0LETov5poYNyWfSnUYhyBXoA==
POST H2	200	ping Show response api-iam.intercom.io/messenger/web/ Frame 9F29	5 KB 3 KB	681ms 460ms	XHR application/json	3.88.78.43 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api-iam.intercom.io/messenger/web/ping Requested by Host: js.intercomcdn.com URL: https://js.intercomcdn.com/frame-modern.6326e7ae.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.88.78.43 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-88-78-43.compute-1.amazonaws.com Software nginx / Resource Hash 7f6def81202d8e0ab8c6ee06ecba46083c53ce8ca50ae3323fe10ea6ea4e8b3e Security Headers Name Value Strict-Transport-Security max-age=31556952; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Wed, 13 Dec 2023 10:43:20 GMT strict-transport-security max-age=31556952; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff x-ami-version ami-0b6716340a5c11500 status 200 OK x-xss-protection 1; mode=block x-request-id 0006m0vau5ak1a81i4ng x-runtime 0.293505 server nginx etag W/"7f6def81202d8e0ab8c6ee06ecba4608" x-request-queueing 0 vary Accept,Accept-Encoding access-control-allow-methods POST, GET, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://ambr.company x-intercom-version b81aa96172db7ef16572f3f841bf592038a1e64d cache-control max-age=0, private, must-revalidate access-control-allow-credentials true x-frame-options SAMEORIGIN access-control-allow-headers Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA