www.workstepssleep.com Open in urlscan Pro
2606:4700::6812:b46 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://workstepssleep.com/
Effective URL:
https://www.workstepssleep.com/
Submission: On November 07 via api (November 7th 2024, 4:54:19 pm UTC) from BE — Scanned from DE

Summary HTTP 71 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 20 domains to perform 71 HTTP transactions. The main IP is 2606:4700::6812:b46, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.workstepssleep.com.
TLS certificate: Issued by WE1 on October 30th 2024. Valid for: 3 months.

This is the only time www.workstepssleep.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:a46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:b46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	104.18.161.117 104.18.161.117	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	52.222.153.83 52.222.153.83	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	18.66.102.53 18.66.102.53	16509 (AMAZON-02) (AMAZON-02)
1	18.164.52.95 18.164.52.95	16509 (AMAZON-02) (AMAZON-02)
13	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
1	142.250.185.68 142.250.185.68	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
3 10	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
2	172.217.23.99 172.217.23.99	15169 (GOOGLE) (GOOGLE)
1 1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	51.8.71.184 51.8.71.184	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	3.92.120.28 3.92.120.28	14618 (AMAZON-AES) (AMAZON-AES)
71	23

1 2606:4700::6812:a46 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

workstepssleep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:b46 (United States)

ASN13335 (CLOUDFLARENET, US)

www.workstepssleep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.18.161.117 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.prod.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.153.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-153-83.cdg52.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.52.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-52-95.cdg50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.8.71.184 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

a.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.92.120.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-120-28.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	website-files.com cdn.prod.website-files.com — Cisco Umbrella Rank: 6168	543 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	282 KB
8	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9307	4 KB
4	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 634 a.clarity.ms — Cisco Umbrella Rank: 16947	28 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	345 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1177	67 KB
3	workstepssleep.com 1 redirects workstepssleep.com www.workstepssleep.com	7 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 5653	4 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	5 KB
2	bing.net bat.bing.net — Cisco Umbrella Rank: 20475	467 B
2	google.de www.google.de — Cisco Umbrella Rank: 11271	174 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	76 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4610	76 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
2	bing.com bat.bing.com — Cisco Umbrella Rank: 348	15 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4401
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 412 fonts.googleapis.com — Cisco Umbrella Rank: 30	7 KB
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 89	20 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	560 B
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	32 KB
71	20

	Domain	Requested by
16	cdn.prod.website-files.com	www.workstepssleep.com cdn.prod.website-files.com
13	fonts.gstatic.com	fonts.googleapis.com
8	mc.yandex.com	2 redirects www.workstepssleep.com mc.yandex.ru
4	www.googletagmanager.com	www.workstepssleep.com www.googletagmanager.com
2	pi.pardot.com	www.workstepssleep.com pi.pardot.com
2	a.clarity.ms	www.clarity.ms
2	www.facebook.com	www.workstepssleep.com
2	bat.bing.net	bat.bing.com www.workstepssleep.com
2	www.google.de	www.workstepssleep.com
2	www.clarity.ms	www.workstepssleep.com www.clarity.ms
2	connect.facebook.net	www.workstepssleep.com connect.facebook.net
2	mc.yandex.ru	1 redirects www.workstepssleep.com
2	www.gstatic.com	www.googletagmanager.com www.gstatic.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	bat.bing.com	www.googletagmanager.com bat.bing.com
2	static.hotjar.com	www.workstepssleep.com www.googletagmanager.com
2	www.workstepssleep.com	www.workstepssleep.com
1	www.googleadservices.com	1 redirects
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.google.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	fonts.googleapis.com	ajax.googleapis.com
1	d3e54v103j8qbb.cloudfront.net	www.workstepssleep.com
1	ajax.googleapis.com	www.workstepssleep.com
1	workstepssleep.com	1 redirects
71	26

This site contains links to these domains. Also see Links.

Domain
www.worksteps.com
www.google.com
www.branding.studio

Subject Issuer	Validity	Valid
www.workstepssleep.com WE1	`2024-10-30` - `2025-01-28`	3 months	crt.sh
prod.website-files.com WE1	`2024-10-21` - `2025-01-19`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-10-20` - `2025-04-01`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-16` - `2024-11-14`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.de WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
bat.bing.net Microsoft Azure RSA TLS Issuing CA 07	`2024-10-27` - `2025-04-25`	6 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-06-05` - `2025-06-04`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.workstepssleep.com/
Frame ID: FD6FFDE5267A9F498276659D529BF708
Requests: 69 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.workstepssleep.com
Frame ID: 3176DDDC5CF24BC766143ACA45AFD4DF
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: F05678047FE54A0D76BC781FB646D342
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DOT Sleep Apnea Test at Home | WorkSTEPS Sleep

Page URL History Show full URLs

https://workstepssleep.com/ HTTP 301
https://www.workstepssleep.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

71
Requests

96 %
HTTPS

52 %
IPv6

20
Domains

26
Subdomains

23
IPs

5
Countries

1510 kB
Transfer

3915 kB
Size

32
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.worksteps.com/

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/WorkSTEPS/@30.215329,-97.719824,15z/data=!4m5!3m4!1s0x0:0xd9562ce9d617f228!8m2!3d30.215329!4d-97.719824
Title: 3019 Alvin Devane Blvd. Suite 115 Austin TX 78741

Search URL Search Domain Scan URL

URL: https://www.branding.studio/
Title: by

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://workstepssleep.com/ HTTP 301
https://www.workstepssleep.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://www.googleadservices.com/pagead/conversion/688446132/wcm?cc=ZZ&dn=8774368478&cl=W0tWCLvckLcZELS1o8gC&dma=1&dma_cps=syphamo&npa=1&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8774368478&cl=W0tWCLvckLcZELS1o8gC&dma=1&dma_cps=syphamo

Request Chain 60

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10546.7_xjrlRfgOsJUVEADAoddeRg4vWPaOEL5wx1dx4RxClaGvqydYzmDiYvcYHrWurS.cuADKJwviEOyxEgsl3NX8crN1z0%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10546.iho9TC0Xw6fu4VxqqPlD-QS4R0QL0C-G1yHvsQmbQECYTtE63zz0q0sXCUcPTZBHt41QtbkRKSJimEQHc-x8miK3rCTbSd4YUpTYtS_z5Rknh4WYx6Mqq0ubMf83tDV_pXotG34oikQ82rdC0eKzJY9yig5V9Lpx0HuDzyiR1d1qJiJyqBnwD5f_Dp2XEH7D-ed9q6lID7g37rugKvcHHg3xJsI0VhQ-vo819NQDJl8%2C.nD1B3Lnnc88Z86-IkoY_cWoZNRU%2C

Request Chain 63

https://mc.yandex.com/watch/56719444?wmode=7&page-url=https%3A%2F%2Fwww.workstepssleep.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A1243434470434%3Ahid%3A984708460%3Az%3A60%3Ai%3A20241107175414%3Aet%3A1730998454%3Ac%3A1%3Arn%3A436031435%3Arqn%3A1%3Au%3A17309984544442654%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1332%3Awv%3A2%3Ads%3A34%2C84%2C203%2C3%2C490%2C0%2C%2C596%2C1%2C%2C%2C%2C1417%3Aco%3A0%3Acpf%3A1%3Ans%3A1730998452243%3Agi%3AR0ExLjIuMTE4MzEyNzM1MC4xNzMwOTk4NDU0%3Arqnl%3A1%3Ast%3A1730998455%3At%3ADOT%20Sleep%20Apnea%20Test%20at%20Home%20%7C%20WorkSTEPS%20Sleep&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009092)ti(1) HTTP 302
https://mc.yandex.com/watch/56719444/1?wmode=7&page-url=https%3A%2F%2Fwww.workstepssleep.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A1243434470434%3Ahid%3A984708460%3Az%3A60%3Ai%3A20241107175414%3Aet%3A1730998454%3Ac%3A1%3Arn%3A436031435%3Arqn%3A1%3Au%3A17309984544442654%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1332%3Awv%3A2%3Ads%3A34%2C84%2C203%2C3%2C490%2C0%2C%2C596%2C1%2C%2C%2C%2C1417%3Aco%3A0%3Acpf%3A1%3Ans%3A1730998452243%3Agi%3AR0ExLjIuMTE4MzEyNzM1MC4xNzMwOTk4NDU0%3Arqnl%3A1%3Ast%3A1730998455%3At%3ADOT%20Sleep%20Apnea%20Test%20at%20Home%20%7C%20WorkSTEPS%20Sleep&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29

71 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.workstepssleep.com/
Redirect Chain

https://workstepssleep.com/
https://www.workstepssleep.com/

16 KB
5 KB

322ms
204ms

Document
text/html

2606:4700::6812:b46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4ee63e8d79a8216b6ce0577a793b968fda4c3c34f7f1fad1a106698b33bfb7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 16189
cf-cache-status: DYNAMIC
cf-ray: 8deed80a7bd2bb41-FRA
content-encoding: gzip
content-type: text/html
date: Thu, 07 Nov 2024 16:54:13 GMT
last-modified: Mon, 04 Nov 2024 17:24:48 GMT
server: cloudflare
strict-transport-security: max-age=31536000
surrogate-control: max-age=2147483647
surrogate-key: www.workstepssleep.com 5d63e6792f49487250e1a27a pageId:5d75753c7a6dfa15a02606ed
vary: Accept-Encoding
x-cluster-name: eu-south-1-prod-hosting-red
x-lambda-id: 4041e9e7-4f04-4861-8c0d-2472e580ddc7

Redirect headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8deed8076fde5c85-FRA
content-type: text/html
date: Thu, 07 Nov 2024 16:54:12 GMT
location: https://www.workstepssleep.com/
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cluster-name: eu-south-1-prod-hosting-red

GET
H3 200 worksteps-sleep.webflow.120a3ebca.css
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/ 186 KB
25 KB 219ms
163ms Stylesheet
text/css 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Requested by: Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e5c04ccfe50e8bdf52e98327a2f11e57aaf6c20c714c37ee34dca8fc59d0b3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "c16989313f6c43aa083d8a9e68d5cb21"
x-amz-version-id: h0TchHN_cb68SrkWstL21O_5KzclHNpn
alt-svc: h3=":443"; ma=86400
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: text/css
last-modified: Mon, 16 Sep 2024 17:16:46 GMT
vary: Accept-Encoding
x-amz-id-2: 3w0RQqT4n/rZtnPCEg2obQrTS+0oo6Jnk0gDWBJbb9MHz9MvrShdhDdyk2f+XgjtcIrBs1C55eb6KVOkzmQ7mlor39s3O4TunGsiItmCyaM=
cache-control: public, max-age=31536000, immutable
x-amz-request-id: N9NWBBK173C5M1QP
cf-ray: 8deed80c1c3a9235-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24702
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 139ms
46ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: gzip
age: 8857
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Fri, 07 Nov 2025 14:26:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 14:26:36 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5437
x-xss-protection: 0
server: sffe

GET
H2 200 email-decode.min.js Show response
www.workstepssleep.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
847 B 42ms
41ms Script
application/javascript 2606:4700::6812:b46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workstepssleep.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"672528e6-4d7"
x-content-type-options: nosniff
cf-ray: 8deed80bcd49bb41-FRA
expires: Sat, 09 Nov 2024 16:54:13 GMT
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: application/javascript
last-modified: Fri, 01 Nov 2024 19:15:50 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
32 KB 170ms
54ms Script
application/javascript 52.222.153.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=5d63e6792f49487250e1a27a
Requested by: Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.153.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-153-83.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://www.workstepssleep.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
age: 7414
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: pcpU4SJ8v-LDDJh7vNK6e2D0vYwl_F8Ny1L0QO7jazhIOHKnpgzTLQ==
date: Thu, 07 Nov 2024 14:50:40 GMT
content-type: application/javascript
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
vary: accept-encoding
cache-control: max-age=84600, must-revalidate
via: 1.1 35c1a072f5e34dd7857432de42b52680.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: CDG52-P1
server: AmazonS3

GET
H3 200 webflow.25c1bd0df.js Show response
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/js/ 985 KB
272 KB 255ms
200ms Script
text/javascript 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/js/webflow.25c1bd0df.js
Requested by: Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99ad2a58cb5e749516fac60990d3f9ba0622819e5ffeda7b537bb0b445d31a7f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "4e9af5000a63b94deb742ab2f961df70"
x-amz-version-id: igxiVaMxmXqtj1Xl03WZrLm7RfmAfoRS
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: text/javascript
last-modified: Mon, 16 Sep 2024 17:16:46 GMT
vary: Accept-Encoding
x-amz-id-2: VnnQj0Z1OMsByHob7JkTsey6QgnIgCHHrSot5WJA8oFma/F2M/zvSohzhhAuGV7IHngrt0dhPwEtsvelQqDepM9sMHU1HjYGFEpUVVEvB1Y=
cache-control: public, max-age=31536000, immutable
x-amz-request-id: N9NW97SEDYR4KMYA
cf-ray: 8deed80c1c389235-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 277659
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 css
fonts.googleapis.com/ 21 KB
2 KB 185ms
93ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6549f5bc96ed2db09b6df2e6b9d3247f936c4b40773158b712ef03bf9c3d9ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 07 Nov 2024 16:54:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 07 Nov 2024 16:54:13 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 353 KB
120 KB 157ms
65ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NKVBWTN

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

135cf80edff4df05cd982c5ff315a50b9b082699d36a9dfb2988250b53b638db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 07 Nov 2024 16:54:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 07 Nov 2024 16:11:38 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 122323
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 hotjar-1489924.js Show response
static.hotjar.com/c/ 13 KB
5 KB 163ms
70ms Script
application/javascript 18.66.102.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1489924.js?sv=6

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-53.fra56.r.cloudfront.net

Software

Resource Hash

12505de68e061c7b21464d25cd37a94d2ceb44aa77ca00ab05e448713540b1ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/f246bb6064af9b8263cdc251058e1535
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: chqp4fiY_a9fqPiEBCATJMk7UOK4T7ntamdm182cJI1aeGjpRKuCyg==
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: FRA56-P2

GET
H3 200 5d6dbbfa141661aa27e80c01_worksteps%20logo.svg
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 13 KB
5 KB 194ms
193ms Image
image/svg+xml 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5d6dbbfa141661aa27e80c01_worksteps%20logo.svg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe127281e682037e8d193335ec1ef2bb4ce69afb837d6c4ed3b510128efbd106

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cache-control: max-age=31536000, must-revalidate
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: B9B306LMCQZYC9WN4UAmihw3VhN6ktYl
etag: W/"58c580bdd7e6e0932ce390008fbeebce"
x-amz-request-id: N9NVQ8JJE2FR0ZAY
cf-ray: 8deed80eae9c9235-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: image/svg+xml
last-modified: Tue, 03 Sep 2019 01:03:55 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: HgDAJBwy/m0BGQSAcbHho7+fRN2CXh8EmF6UntSuPdK76j4kZr1oq69MW4PO5u2CqC7Y12m2T+4g8zkD6/7AjFEegiThEULnakJwhpiX8I4=

GET
H3 200 5d6dd1c5b8496eeecc9a2266_flag.jpg
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 5 KB
5 KB 144ms
142ms Image
image/jpeg 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5d6dd1c5b8496eeecc9a2266_flag.jpg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50150c7b74487811061d3b192444b312d007ab3fc3321ccfb1a2fcf39f94f198

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cf-cache-status: HIT
etag: "fbceec9cd6bc58177059ae05591c418d"
x-amz-version-id: p_0K.SxN2_NcX0rLYG31lgrAQpdYBpPr
alt-svc: h3=":443"; ma=86400
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: image/jpeg
last-modified: Tue, 03 Sep 2019 02:36:54 GMT
vary: Accept-Encoding
x-amz-id-2: JRRLjAKAVsOtgjgOuZhAC0K7H+/43In0DzUJb8vSqZKEG0nOMCdO6EjEt/XAp/O2qIJLHZJ2fF0=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: N44SYFEGWM5PQRPP
cf-ray: 8deed80ebea39235-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4730
server: cloudflare

GET
H3 200 5d6dd2397155881cab14a5b3_proud-icon.svg
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 25 KB
9 KB 152ms
150ms Image
image/svg+xml 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5d6dd2397155881cab14a5b3_proud-icon.svg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a518d969920f8ba9b097fb6df14ebb27f518d2f52d869a6c05b0885a6e66db6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cache-control: max-age=31536000, must-revalidate
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: oEgrTu8NzxTOZhYrfFGKp.DmANrXe6RI
etag: W/"2674431e639fab28e514b53817408a40"
x-amz-request-id: N44H8YKD0CNDEEAV
cf-ray: 8deed80ebea49235-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: image/svg+xml
last-modified: Tue, 03 Sep 2019 02:38:50 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: MIe2DCg+8XkMNesrG6Zb0Y7xt2VYTcFz6EBRQ7LIb9IGR0cAloCpKhLcYwkVSEcZVc7PUhYAyJo=

GET
H3 200 5d7450c334bd3610f2e2c8cf_icon-phone.svg
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 2 KB
2 KB 193ms
190ms Image
image/svg+xml 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5d7450c334bd3610f2e2c8cf_icon-phone.svg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4a76db7b8bf20c95f3a421e3b9472f9ff7bdaa8355d8722a3ca39ac7bf357f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cache-control: max-age=31536000, must-revalidate
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: IhG8DvwacyOKWEJyepVWjCKhgOC7Vos3
etag: W/"d546f8e711944321bc10f27251952802"
x-amz-request-id: N9NJJT6JET74EH8S
cf-ray: 8deed80ebea79235-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: image/svg+xml
last-modified: Sun, 08 Sep 2019 00:52:21 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: L0C8/YXWLNn6+OJ9Wye135EPRTtdUe4dkhgkQ9db/6Jb2+PIKZkPKqENlmNSETcILZ6n6irNpAN+moj0i3Q0cw7JnXm7JIAyIwAzK+NhC/w=

GET
H3 200 5da63465bb438c92603205b4_icon-home--black.svg
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 1 KB
844 B 202ms
200ms Image
image/svg+xml 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5da63465bb438c92603205b4_icon-home--black.svg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d91886641331de72ecd7d406d2d95fdb0a015108e4b61a08914f15f10e65db29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cache-control: max-age=31536000, must-revalidate
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: MEYBxa3kMIUGWZJHSqtjyL3jO24iJDXe
etag: W/"1569198c4480759d98a6f98edac92eba"
x-amz-request-id: N44TEC5ZFKN9B6EP
cf-ray: 8deed80ebeab9235-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Oct 2019 21:04:39 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: TT72RzNE2dHssU/aF7/b6zsGqdNioAryDu+c0A3gH+0VEWFX1GDx6YiDtbRuaFqhZPjq+Qz53fg=

GET
H3 200 5d8110363510c9333505fbd3_image--hero--home.jpg
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 88 KB
88 KB 194ms
192ms Image
image/jpeg 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5d8110363510c9333505fbd3_image--hero--home.jpg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f041697b282dae297547fc755f50f39f4f3ce9b56ee9eb088cbf08f2f8419a6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cf-bgj: h2pri
etag: "2c4c486b419f7d95ccf1e587aa9ae597"
x-amz-version-id: 9KWrwIQFoPZiY5HLmSkRn.o2yPxUZWZZ
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: image/jpeg
last-modified: Tue, 17 Sep 2019 16:56:23 GMT
vary: Accept-Encoding
x-amz-id-2: eHj0dK2KrKPUcJ1AKTC4t79+Wypmme++Pzpw4ruUXRUrNlSEdoprWY8ybT/v83lcbhW1zZlqyBA=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: N44YBVJ468X6QPEH
cf-ray: 8deed80ebead9235-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 89914
server: cloudflare

GET
H3 200 5d6f06f900df071a6c44fa6d_fda-approved-icon.svg
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 14 KB
5 KB 193ms
191ms Image
image/svg+xml 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5d6f06f900df071a6c44fa6d_fda-approved-icon.svg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfe4cb0bcd615e43c11b51b4ca7d7aa2c7f2f167a7d2b5559281fa2126f437c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cache-control: max-age=31536000, must-revalidate
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: o2ih.Zboou4ef06phBzBnmy0w456KTS3
etag: W/"d76fa95898b0c0d996e8ed0730276c85"
x-amz-request-id: N9NT1Q8B7HJGHNDY
cf-ray: 8deed80ebeb09235-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: image/svg+xml
last-modified: Wed, 04 Sep 2019 00:36:10 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: BCdGxcJpxw0wVSoXzekc3bLUsIKFfrrJ9DtoDnpICAA8WKaaA6voN8CY+R9avNLtCObpb3mxM83Zviqobwg1qEgRGwR3uhJnC1CajQWD1Js=

GET
H3 200 5ddd890f167ced3d3a613e0a_dot-compliant--logo.svg
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 13 KB
5 KB 231ms
229ms Image
image/svg+xml 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5ddd890f167ced3d3a613e0a_dot-compliant--logo.svg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9535567cf78680a6df04468cdc4e2ae4bb61755f4395d6caa009eff97cecac1c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cache-control: max-age=31536000, must-revalidate
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: I_c.pcGQPOrqYl0RyBtzD8gUjwrkGfm7
etag: W/"6866e3d8e1b7ad5f8dc4cd10c2500f4e"
x-amz-request-id: N9NT5VQ7Z0SX2WAY
cf-ray: 8deed80ebeb19235-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: image/svg+xml
last-modified: Tue, 26 Nov 2019 20:20:33 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: sTJ3nCDz7jsMdj9qONdVtcFYtSHdllqctp4cRELTIMMcQGPYDuFXOQbM3zx+SSKSGulrynstaAsG2odnG+TYk7uxcoWaGVt0E661BQjdkSs=

GET
H3 200 5d77bc6b9fadddea5f291932_st-christopher-logo.png
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 39 KB
39 KB 233ms
232ms Image
image/png 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5d77bc6b9fadddea5f291932_st-christopher-logo.png
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38a5b436a9e4f740073a985ddaec0bf5a40e428b919c6e5fc669f4758fa858fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cf-cache-status: HIT
etag: "4bea9656c651340df2605694dd1843b7"
x-amz-version-id: GPlRLg8KW9giyQqXDnPngdr9v5U1MJvP
alt-svc: h3=":443"; ma=86400
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: image/png
last-modified: Tue, 10 Sep 2019 15:08:28 GMT
vary: Accept-Encoding
x-amz-id-2: jQA1FjYaVQiuq9mAvnwLZK7dj4bbc4c4yVEL2RrjUyhHHLtkqBDultCl1aGMp5z/HzS/pUEoFFP8Yskfq22ucJgOJ3E4+/gloRvile+qyQQ=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: N9NK3W9TJXRV0139
cf-ray: 8deed80ebeb39235-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 39688
server: cloudflare

GET
H3 200 5d6f089b2fd62f7efb20d352_itamar-logo.png
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 16 KB
17 KB 243ms
241ms Image
image/png 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5d6f089b2fd62f7efb20d352_itamar-logo.png
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e04946174f0e5ac6cb9a086d1cf1c5ba78acd69e37c5af2da88deef0a993a3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cf-cache-status: HIT
etag: "32dd8bc05b77cab8c89de6e8b1fa427d"
x-amz-version-id: Oz75TodVNulyGel8CkFxnVZ5CxFDYd5N
alt-svc: h3=":443"; ma=86400
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: image/png
last-modified: Wed, 04 Sep 2019 00:43:09 GMT
vary: Accept-Encoding
x-amz-id-2: mTw7l9M1UlXw6Qu7mCDyrBBngruL93XxdZZhzXTDMqZYZ3s88TCab9M5vRSky3U4F3NEMbzdIhvuLNh3EvDWrcGc1guwRVrb
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: H449HX0G9ECE2DFY
cf-ray: 8deed80ebeb79235-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16596
server: cloudflare

GET
H3 200 5d642223346aae6ee37d046e_link-arrow--blue.svg
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 592 B
750 B 267ms
265ms Image
image/svg+xml 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5d642223346aae6ee37d046e_link-arrow--blue.svg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 948ffb316a7caaafb40aab087d9a47d610d0fe75f3a805069b6c0f3f65c2e3d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cache-control: max-age=31536000, must-revalidate
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: bOEoeviLhstjR35Xe4en.pGHUsyBoFbR
etag: W/"fe0dc0be171153665259db5d146bfcc4"
x-amz-request-id: H44B9D605XV1H0EM
cf-ray: 8deed80ebeba9235-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Aug 2019 18:17:08 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: mI26am3bTiqVjx0QZAEKMuVjbcNqHgFIPggqBnlF1kFJFrtPEtsgybx0PQ8d/A6VBCqYqir9i6CIk7LR9u3iOL6AMtwq+8Uodd1SnXU2WFQ=

GET
H3 200 5d706f219b8d7b049889af48_image-banner--sleep-apnea.jpg
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 64 KB
64 KB 152ms
151ms Image
image/jpeg 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5d706f219b8d7b049889af48_image-banner--sleep-apnea.jpg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62d426aa4f9781734b55b0e380a4c36bba6891bc5573f8ac254971c71361e7ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cf-bgj: h2pri
etag: "e9c863fde1a136b472acc9cdfa2fb598"
x-amz-version-id: q4ikXdOCoCqh19gTAUwLgaOm994HMhJS
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: image/jpeg
last-modified: Thu, 05 Sep 2019 02:12:50 GMT
vary: Accept-Encoding
x-amz-id-2: QwWrTuoIayXv08m4Ue30YMvoivMIotitjm2q5EBsUqE2VQS/NMT7L9RGgIvXG9qJCN1ewEWN2EJuvd1MvPANL+/+PSLCIVLILsSX7+3HE8Q=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: H447D0XMTVMRQ94R
cf-ray: 8deed80ebebd9235-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 65522
server: cloudflare

GET
H3 200 5d640349afd53f3d241fa0b2_WorkSTEPS-logo.svg
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 13 KB
5 KB 267ms
266ms Image
image/svg+xml 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5d640349afd53f3d241fa0b2_WorkSTEPS-logo.svg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c65593fd2a50e479ba7db2b1b41ad7f5318c425e00a433d76b8537a31f2ac74d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/css/worksteps-sleep.webflow.120a3ebca.css

Response headers

cache-control: max-age=31536000, must-revalidate
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: k5LwZov1_ujlXXFAjHJ_qdb6UrSyacqf
etag: W/"375c8b677e718aaabfab344ff8f1d808"
x-amz-request-id: H44FT4NQN40BTTJZ
cf-ray: 8deed80ebec09235-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Aug 2019 16:05:31 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: xk1xcxE3sVunq6qtXDYYdNc9C4h3Yz3pFQA9FCAfXDLnq7uWCdpSlKqgcmiCNAP+moA5TLrQVxlwcOjO9n2P4w==

GET
H2 200 modules.6f60e575cf8ad7cb10f7.js Show response
script.hotjar.com/ 222 KB
55 KB 170ms
53ms Script
application/javascript 18.164.52.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6f60e575cf8ad7cb10f7.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1489924.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-95.cdg50.r.cloudfront.net

Software

Resource Hash

f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

x-robots-tag: none
content-encoding: br
etag: "56b1b49a4bdc4c874445907df778d045"
age: 268455
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 0HmStKFWOyk6lnfmfyI7n6WqSYmCXx8X7LiAy9W5-3HDTyHZSwVNcA==
date: Mon, 04 Nov 2024 14:19:58 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 Nov 2024 14:19:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 f28457772363c6ae92d5862984c7c69c.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56128
x-amz-cf-pop: CDG50-P4

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 156ms
91ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 92085
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:19:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:19:28 GMT
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18492
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 136ms
74ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 185731
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 05 Nov 2025 13:18:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 13:18:42 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v32/ 20 KB
20 KB 218ms
157ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 91673
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:26:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:26:20 GMT
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20144
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 119ms
58ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 90217
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:50:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:50:36 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18588
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 102ms
42ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 227488
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 05 Nov 2025 01:42:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 01:42:45 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 217ms
156ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 92027
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:20:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:20:26 GMT
last-modified: Thu, 01 Aug 2024 20:41:28 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18436
x-xss-protection: 0
server: sffe

GET
H3 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 199ms
138ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 227754
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 05 Nov 2025 01:38:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 01:38:19 GMT
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21144
x-xss-protection: 0
server: sffe

GET
H3 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ 20 KB
20 KB 250ms
189ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 91217
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:33:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:33:56 GMT
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20960
x-xss-protection: 0
server: sffe

GET
H3 200 7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 205ms
144ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 91850
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:23:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:23:23 GMT
last-modified: Tue, 19 Apr 2022 19:35:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21796
x-xss-protection: 0
server: sffe

GET
H3 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 198ms
137ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 213941
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 05 Nov 2025 05:28:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 05:28:32 GMT
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21724
x-xss-protection: 0
server: sffe

GET
H3 200 7cHqv4kjgoGqM7E3q-0s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 22 KB
22 KB 266ms
204ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3q-0s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

1f132510bc7b665bbe5fb9227b0d2daafa5513296a72f88f88d38179eded9277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 91436
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:30:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:30:17 GMT
last-modified: Tue, 19 Apr 2022 19:05:17 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22052
x-xss-protection: 0
server: sffe

GET
H3 200 7cHqv4kjgoGqM7E3j-ws51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 264ms
202ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3j-ws51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

f9bfb04a18c8be687fadacd7f67647b65113ee8d1aabcb0f410eac21681fa7ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 92014
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:20:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:20:39 GMT
last-modified: Tue, 19 Apr 2022 18:56:36 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21416
x-xss-protection: 0
server: sffe

GET
H3 200 7cHsv4kjgoGqM7E_CfPI42ouvTo.woff2
fonts.gstatic.com/s/barlow/v12/ 23 KB
23 KB 262ms
200ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHsv4kjgoGqM7E_CfPI42ouvTo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,italic,500,700,900%7CBarlow:regular,500,600,700,800,900%7CBarlow:regular,500italic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

cca6c2dd9540ac7b8194f52ad49c3e6312705d4aa25c4cc29d68e9dbb8a3a118

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.workstepssleep.com
Referer: https://fonts.googleapis.com/

Response headers

age: 90038
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:53:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:53:35 GMT
last-modified: Tue, 19 Apr 2022 19:28:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23424
x-xss-protection: 0
server: sffe

POST
H3 200 collect
www.google.com/ccm/ 0
0 131ms
49ms Ping
text/plain 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.workstepssleep.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=542167117.1730998454&auid=799784369.1730998454&npa=1&gtm=45He4au0v9130100097za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&tft=1730998453880&tfd=1637&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKVBWTN
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 395 KB
128 KB 56ms
56ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4QSKSP7FMR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKVBWTN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd4033221be45ecb4d3f4f37961865788dd05b6225875415c35f36cc154468eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 07 Nov 2024 16:54:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 130960
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 211ms
62ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKVBWTN

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 79D992FA08784810B2B72AAA05F05F7D Ref B: FRA31EDGE0210 Ref C: 2024-11-07T16:54:14Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2 200 hotjar-1626859.js Show response
static.hotjar.com/c/ 15 KB
6 KB 74ms
74ms Script
application/javascript 18.66.102.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1626859.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKVBWTN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-53.fra56.r.cloudfront.net

Software

Resource Hash

ee969b00334003e5dc0886d6f0a1c4e8d924e43aa0cc7d31231869338cda204a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/d12c94dc1292f9ad2cf1c6b53bdd4332
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: gT4kG4ovjVRrxKFlRSEEmeS5Q2RmNlYo2PlnQCYCclRwRrlQYFdq2g==
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: FRA56-P2

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 138ms
45ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKVBWTN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: gzip
age: 5279
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Thu, 07 Nov 2024 17:26:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 15:26:15 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 282 KB
97 KB 68ms
68ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-688446132&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKVBWTN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c8e7f0f59afed899f3852d007f64eabbbae5b2ce91def869cd418f37b4b1c5cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 07 Nov 2024 16:54:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 07 Nov 2024 16:11:38 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 98877
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 loader.js Show response
www.gstatic.com/wcm/ 6 KB
2 KB 95ms
41ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKVBWTN

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

670f77f11cb4c747f5de1affa5b53687cf7a20d1eaf99b0ef5c9c60858aefa55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: br
age: 2937
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Thu, 07 Nov 2024 17:05:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 16:05:16 GMT
last-modified: Wed, 20 Mar 2024 23:18:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 2133
x-xss-protection: 0
server: sffe

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 220 KB
76 KB 366ms
151ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

d29de1609682964244bc8dc4064ca380ee33d2a5854f06cf4bc64763c2778c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
content-encoding: br
etag: "672b9036-129f3"
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Thu, 07 Nov 2024 17:54:14 GMT
access-control-allow-origin: *
content-length: 76275
date: Thu, 07 Nov 2024 16:54:14 GMT
last-modified: Wed, 06 Nov 2024 15:50:14 GMT
content-type: application/javascript

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 85ms
41ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

55270971fdc4172d5cbba95dadd779074eadb9c50bf16c2b3253ccc6bc8fc363

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-9Lc8vemM' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-9Lc8vemM' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=23, mss=1232, tbw=4422, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: zXqzZ9UsVEOC4aHFcGkmpVTaNCMTfM0+C37SP97Rqw7iHo1/7qcjdvwCJ0rbhkxTPU1YVypQ1NYQRU39RVBDaQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62086
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 jbnb7sg15a Show response
www.clarity.ms/tag/ 553 B
810 B 272ms
134ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/jbnb7sg15a?ref=gtm2
Requested by: Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7f36841e78f48033233686dadea4d1e948b8cfd3840e3e75bb4fd1a8dcbb8f70

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 553
date: Thu, 07 Nov 2024 16:54:14 GMT
content-type: application/x-javascript
x-azure-ref: 20241107T165414Z-r1cc7858649chbx4hC1FRApyxn000000016g00000000m4w3

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 3176 0
0 129ms
45ms Document
text/html 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.workstepssleep.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKVBWTN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Nov 2024 16:54:14 GMT
expires: Fri, 07 Nov 2025 16:54:14 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 call-tracking_9.js Show response
www.gstatic.com/call-tracking/ 62 KB
20 KB 42ms
40ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_9.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

6d8f8fd6de0b42e3acc7b2f3005c599e9f54d21355c3d6850a5c13daca10d5ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: br
age: 157921
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
x-content-type-options: nosniff
expires: Wed, 05 Nov 2025 21:02:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 21:02:13 GMT
last-modified: Mon, 22 Jan 2024 22:18:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
accept-ranges: bytes
content-length: 20777
x-xss-protection: 0
server: sffe

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 136ms
45ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4QSKSP7FMR&gtm=45je4au0v885017063z89130100097za200zb9130100097&_p=1730998453516&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&cid=1183127350.1730998454&ul=de-de&sr=1600x1200&_ng=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730998454&sct=1&seg=0&dl=https%3A%2F%2Fwww.workstepssleep.com%2F&dt=DOT%20Sleep%20Apnea%20Test%20at%20Home%20%7C%20WorkSTEPS%20Sleep&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1825
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4QSKSP7FMR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.workstepssleep.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 16:54:14 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
560 B 146ms
46ms Ping
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-4QSKSP7FMR&cid=1183127350.1730998454&gtm=45je4au0v885017063z89130100097za200zb9130100097&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101823848~101925629
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4QSKSP7FMR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.workstepssleep.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 16:54:14 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 127ms
75ms Image
image/gif 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-4QSKSP7FMR&cid=1183127350.1730998454&gtm=45je4au0v885017063z89130100097za200zb9130100097&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101823848~101925629&tag_exp=101823848~101925629&z=332314791

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 07 Nov 2024 16:54:14 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 695077184371748 Show response
connect.facebook.net/signals/config/ 74 KB
15 KB 243ms
242ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/695077184371748?v=2.9.176&r=stable&domain=www.workstepssleep.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

2683ce26b4d0ded8ec8ec6f91985d8969248053c62f581555174f828b747f241

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-r02F9ON8' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 07 Nov 2024 16:54:14 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-r02F9ON8' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=77, mss=1232, tbw=70821, tp=67, tpl=0, uplat=204, ullat=0
pragma: public
x-fb-debug: MtJGvNBgX1xkrOJu2drNwxkEhAfz0jEF9d0kUsUXDVq/Yiqb2r7nysxv1TDQgSmuUbfgpgShsVm3CJWcpSvNpQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
427 B 46ms
45ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1559638047&t=pageview&_s=1&dl=https%3A%2F%2Fwww.workstepssleep.com%2F&ul=de-de&de=UTF-8&dt=DOT%20Sleep%20Apnea%20Test%20at%20Home%20%7C%20WorkSTEPS%20Sleep&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=896933026&gjid=176734662&cid=1183127350.1730998454&tid=UA-38843168-2&_gid=916658290.1730998454&_r=1&_slc=1&gtm=45He4au0n81NKVBWTNv9130100097za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&npa=1&z=1699246753

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.workstepssleep.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 16:54:14 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.workstepssleep.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H3

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/688446132/wcm?cc=ZZ&dn=8774368478&cl=W0tWCLvckLcZELS1o8gC&dma=1&dma_cps=syphamo&npa=1&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8774368478&cl=W0tWCLvckLcZELS1o8gC&dma=1&dma_cps=syphamo

80 B
111 B

46ms
46ms

XHR
application/json

172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8774368478&cl=W0tWCLvckLcZELS1o8gC&dma=1&dma_cps=syphamo

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f3.1e100.net

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

cache-control: private
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 87
date: Thu, 07 Nov 2024 16:54:14 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

Redirect headers

location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8774368478&cl=W0tWCLvckLcZELS1o8gC&dma=1&dma_cps=syphamo
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.workstepssleep.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 07 Nov 2024 16:54:14 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H2 200 56087623.js Show response
bat.bing.com/p/action/ 363 B
414 B 64ms
64ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56087623.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a1fec7acc9e28feaa2280cd08d30cab4cac8e9557fb8fb35ab6ffcd1e28fade8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9EF3810AD54E418C8953E1E039FD76BD Ref B: FRA31EDGE0210 Ref C: 2024-11-07T16:54:14Z
x-cache: CONFIG_NOCACHE
date: Thu, 07 Nov 2024 16:54:13 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.49/ 64 KB
27 KB 78ms
78ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.49/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jbnb7sg15a?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

x-azure-ref: 20241107T165414Z-r1cc7858649chbx4hC1FRApyxn000000016g00000000m4wk
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DCF3CA14C9A428"
x-fd-int-roxy-purgeid: 51562430
x-ms-request-id: 1789ecf8-001e-0079-6678-2fd2ff000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Thu, 07 Nov 2024 16:54:14 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 24 Oct 2024 01:20:43 GMT

POST
H2 204 0
bat.bing.net/actionp/ 0
346 B 215ms
76ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=56087623&tm=gtm002&Ver=2&mid=448d2758-540c-468e-871f-67048d85cb58&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 07D4DF68338E4C36B5876CC02C020BA2 Ref B: FRA31EDGE0707 Ref C: 2024-11-07T16:54:14Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 07 Nov 2024 16:54:14 GMT

GET
H2 204 0
bat.bing.net/action/ 0
121 B 213ms
76ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.net/action/0?ti=56087623&tm=gtm002&Ver=2&mid=448d2758-540c-468e-871f-67048d85cb58&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=DOT%20Sleep%20Apnea%20Test%20at%20Home%20%7C%20WorkSTEPS%20Sleep&p=https%3A%2F%2Fwww.workstepssleep.com%2F&r=&lt=1418&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=157577
Requested by: Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C5375C7048DD4E1F9740D90C123EB13B Ref B: FRA31EDGE0707 Ref C: 2024-11-07T16:54:14Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 07 Nov 2024 16:54:14 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
275 B 122ms
38ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=695077184371748&ev=PageView&dl=https%3A%2F%2Fwww.workstepssleep.com&rl=&if=false&ts=1730998454384&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmgoogletagmanager&ec=0&o=12316&fbp=fb.1.1730998454382.716287201574502133&pm=1&hrl=9dff7d&ler=empty&cdl=API_unavailable&it=1730998454105&coo=false&cs_cc=1&cas=3181502665226305&rqm=GET

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=36, rtx=0, c=10, mss=1297, tbw=2958, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 07 Nov 2024 16:54:14 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 451ms
367ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=695077184371748&ev=PageView&dl=https%3A%2F%2Fwww.workstepssleep.com&rl=&if=false&ts=1730998454384&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmgoogletagmanager&ec=0&o=12316&fbp=fb.1.1730998454382.716287201574502133&pm=1&hrl=9dff7d&ler=empty&cdl=API_unavailable&it=1730998454105&coo=false&cs_cc=1&cas=3181502665226305&rqm=FGET

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src 'report-sample' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7434581750630551340"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 07 Nov 2024 16:54:14 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: Ap9MwFXhHzwNLV9dUIj53yesL7p0kZIWhbWLhCAmBEhs/Gwicipw3OXR8s7dR515bnI8QUSlJncb9rDF/W1NRw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7434581750630551340", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=36, rtx=0, c=14, mss=1297, tbw=3277, tp=-1, tpl=-1, uplat=327, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H/1.1 204
No Content collect Show response
a.clarity.ms/ 0
286 B 415ms
129ms XHR
text/plain 51.8.71.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.8.71.184 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://www.workstepssleep.com/

Response headers

Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
Access-Control-Allow-Origin: https://www.workstepssleep.com
Date: Thu, 07 Nov 2024 16:54:14 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10546.7_xjrlRfgOsJUVEADAoddeRg4vWPaOEL5wx1dx4RxClaGvqydYzmDiYvcYHrWurS.cuADKJwviEOyxEgsl3NX8crN1z0%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10546.iho9TC0Xw6fu4VxqqPlD-QS4R0QL0C-G1yHvsQmbQECYTtE63zz0q0sXCUcPTZBHt41QtbkRKSJimEQHc-x8miK3rCTbSd4YUpTYtS_z5Rknh4WYx6Mqq0ubMf83tDV_pXotG34oik...

43 B
493 B

81ms
80ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10546.iho9TC0Xw6fu4VxqqPlD-QS4R0QL0C-G1yHvsQmbQECYTtE63zz0q0sXCUcPTZBHt41QtbkRKSJimEQHc-x8miK3rCTbSd4YUpTYtS_z5Rknh4WYx6Mqq0ubMf83tDV_pXotG34oikQ82rdC0eKzJY9yig5V9Lpx0HuDzyiR1d1qJiJyqBnwD5f_Dp2XEH7D-ed9q6lID7g37rugKvcHHg3xJsI0VhQ-vo819NQDJl8%2C.nD1B3Lnnc88Z86-IkoY_cWoZNRU%2C

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
date: Thu, 07 Nov 2024 16:54:14 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000
location: https://mc.yandex.com/sync_cookie_image_decide?token=10546.iho9TC0Xw6fu4VxqqPlD-QS4R0QL0C-G1yHvsQmbQECYTtE63zz0q0sXCUcPTZBHt41QtbkRKSJimEQHc-x8miK3rCTbSd4YUpTYtS_z5Rknh4WYx6Mqq0ubMf83tDV_pXotG34oikQ82rdC0eKzJY9yig5V9Lpx0HuDzyiR1d1qJiJyqBnwD5f_Dp2XEH7D-ed9q6lID7g37rugKvcHHg3xJsI0VhQ-vo819NQDJl8%2C.nD1B3Lnnc88Z86-IkoY_cWoZNRU%2C
x-xss-protection: 1; mode=block
date: Thu, 07 Nov 2024 16:54:14 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
670 B 750ms
749ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
etag: "672b9036-2b"
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Thu, 07 Nov 2024 17:54:15 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
date: Thu, 07 Nov 2024 16:54:15 GMT
last-modified: Wed, 06 Nov 2024 15:50:14 GMT
content-type: image/gif

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame F056 0
0 231ms
79ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.workstepssleep.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1446
content-type: text/html
date: Thu, 07 Nov 2024 16:54:14 GMT
etag: "672b9036-5a6"
expires: Thu, 07 Nov 2024 17:54:14 GMT
last-modified: Wed, 06 Nov 2024 15:50:14 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2

200

1 Show response
mc.yandex.com/watch/56719444/
Redirect Chain

https://mc.yandex.com/watch/56719444?wmode=7&page-url=https%3A%2F%2Fwww.workstepssleep.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf...
https://mc.yandex.com/watch/56719444/1?wmode=7&page-url=https%3A%2F%2Fwww.workstepssleep.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Au...

622 B
814 B

80ms
80ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/56719444/1?wmode=7&page-url=https%3A%2F%2Fwww.workstepssleep.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A1243434470434%3Ahid%3A984708460%3Az%3A60%3Ai%3A20241107175414%3Aet%3A1730998454%3Ac%3A1%3Arn%3A436031435%3Arqn%3A1%3Au%3A17309984544442654%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1332%3Awv%3A2%3Ads%3A34%2C84%2C203%2C3%2C490%2C0%2C%2C596%2C1%2C%2C%2C%2C1417%3Aco%3A0%3Acpf%3A1%3Ans%3A1730998452243%3Agi%3AR0ExLjIuMTE4MzEyNzM1MC4xNzMwOTk4NDU0%3Arqnl%3A1%3Ast%3A1730998455%3At%3ADOT%20Sleep%20Apnea%20Test%20at%20Home%20%7C%20WorkSTEPS%20Sleep&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29

Requested by

Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ba96f9ca1fab9f94b2e6c1c23f736ce395babc689abc338c23007a02b8bdb12f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Thu, 07-Nov-2024 16:54:14 GMT
access-control-allow-origin: https://www.workstepssleep.com
content-length: 622
date: Thu, 07 Nov 2024 16:54:14 GMT
x-xss-protection: 1; mode=block
last-modified: Thu, 07-Nov-2024 16:54:14 GMT
content-type: application/json; charset=utf-8

Redirect headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: /watch/56719444/1?wmode=7&page-url=https%3A%2F%2Fwww.workstepssleep.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A1243434470434%3Ahid%3A984708460%3Az%3A60%3Ai%3A20241107175414%3Aet%3A1730998454%3Ac%3A1%3Arn%3A436031435%3Arqn%3A1%3Au%3A17309984544442654%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1332%3Awv%3A2%3Ads%3A34%2C84%2C203%2C3%2C490%2C0%2C%2C596%2C1%2C%2C%2C%2C1417%3Aco%3A0%3Acpf%3A1%3Ans%3A1730998452243%3Agi%3AR0ExLjIuMTE4MzEyNzM1MC4xNzMwOTk4NDU0%3Arqnl%3A1%3Ast%3A1730998455%3At%3ADOT%20Sleep%20Apnea%20Test%20at%20Home%20%7C%20WorkSTEPS%20Sleep&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 07-Nov-2024 16:54:14 GMT
access-control-allow-origin: https://www.workstepssleep.com
x-xss-protection: 1; mode=block
date: Thu, 07 Nov 2024 16:54:14 GMT
last-modified: Thu, 07-Nov-2024 16:54:14 GMT

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 459ms
120ms Script
application/javascript 3.92.120.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: www.workstepssleep.com
URL: https://www.workstepssleep.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-120-28.compute-1.amazonaws.com
Software: /
Resource Hash: 41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

cache-control: max-age=63072000
content-encoding: gzip
etag: "15f4-gzip"
Connection: keep-alive
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
expires: Sat, 07 Nov 2026 16:54:15 GMT
accept-ranges: bytes
Content-Length: 1988
Date: Thu, 07 Nov 2024 16:54:15 GMT
Content-Type: application/javascript
last-modified: Wed, 06 Nov 2024 21:05:36 GMT
vary: Accept-Encoding,User-Agent

GET
H3 200 5d786d14f539c2ccea89e71b_w-fav.png
cdn.prod.website-files.com/5d63e6792f49487250e1a27a/ 861 B
1 KB 176ms
175ms Other
image/png 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/5d63e6792f49487250e1a27a/5d786d14f539c2ccea89e71b_w-fav.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c902f4ee78e5b163673e7b12219798188bfc6b55368f3b8f5d620b0feefb0273

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

cf-cache-status: HIT
etag: "29e2df69c282e0d5d73c7aefe9e6ca98"
x-amz-version-id: cX71ITf4S.1pQ4bfocr7_DzWmWlrskkw
alt-svc: h3=":443"; ma=86400
date: Thu, 07 Nov 2024 16:54:15 GMT
content-type: image/png
last-modified: Wed, 11 Sep 2019 03:42:13 GMT
vary: Accept-Encoding
x-amz-id-2: vNs14UdXTbZhQVzatkXVqajXm8WWQOb3EmKhrXDf7c8j8JjRWFx+0V+XRpajuq94ey/caXm2fvtNdyWOUVn0lxR9+Y4kX59XQA6hGI0BRVk=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: C3CK2GXPK6A41EFC
cf-ray: 8deed818feaf9235-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 861
server: cloudflare

POST
H/1.1 204
No Content collect Show response
a.clarity.ms/ 0
286 B 129ms
128ms XHR
text/plain 51.8.71.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.8.71.184 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://www.workstepssleep.com/

Response headers

Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
Access-Control-Allow-Origin: https://www.workstepssleep.com
Date: Thu, 07 Nov 2024 16:54:15 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 259 B
1 KB 609ms
609ms Script
text/javascript 3.92.120.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1610&account_id=739103&title=DOT%20Sleep%20Apnea%20Test%20at%20Home%20%7C%20WorkSTEPS%20Sleep&url=https%3A%2F%2Fwww.workstepssleep.com%2F&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-92-120-28.compute-1.amazonaws.com

Software

Resource Hash

3d1ab77fbd543665876ba1e5c22c68ff274fcc91cf7a996fc7da05f81e05270f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.workstepssleep.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-pardot-rsp: 0/0/1
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
pragma: no-cache
Connection: keep-alive
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
expires: Thu, 19 Nov 1981 08:52:00 GMT
Content-Length: 194
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Date: Thu, 07 Nov 2024 16:54:16 GMT
Content-Type: text/javascript; charset=utf-8
vary: Accept-Encoding,User-Agent

POST
H2 200 56719444
mc.yandex.com/webvisor/ 43 B
0 161ms
154ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/56719444?wv-part=1&wv-type=7&wmode=0&wv-hit=984708460&page-url=https%3A%2F%2Fwww.workstepssleep.com%2F&rn=206361059&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1730998457%3Aw%3A1600x1200%3Av%3A1502%3Az%3A60%3Ai%3A20241107175417%3Au%3A17309984544442654%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Ast%3A1730998457&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.workstepssleep.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 07-Nov-2024 16:54:17 GMT
access-control-allow-origin: https://www.workstepssleep.com
content-length: 43
date: Thu, 07 Nov 2024 16:54:17 GMT
x-xss-protection: 1; mode=block
content-type: image/gif
last-modified: Thu, 07-Nov-2024 16:54:17 GMT

POST
H2 200 56719444
mc.yandex.com/webvisor/ 43 B
0 82ms
81ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/56719444?wv-part=1&wv-type=7&wmode=0&wv-hit=984708460&page-url=https%3A%2F%2Fwww.workstepssleep.com%2F&rn=42340374&browser-info=we%3A1%3Aet%3A1730998458%3Aw%3A1600x1200%3Av%3A1502%3Az%3A60%3Ai%3A20241107175417%3Au%3A17309984544442654%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Ast%3A1730998458&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.workstepssleep.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 07-Nov-2024 16:54:17 GMT
access-control-allow-origin: https://www.workstepssleep.com
content-length: 43
x-xss-protection: 1; mode=block
date: Thu, 07 Nov 2024 16:54:17 GMT
content-type: image/gif
last-modified: Thu, 07-Nov-2024 16:54:17 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.prod.website-files.com/	1970-01-21 00:50:00	Name: __cf_bm Value: QGXJox6F6YPpffRPhNmUltkfpA6Hygnwo7gyRTMVIpk-1730998453-1.0.1.1-mgqTG75f6ZGVLFTI82sG.ODjXYOaMa8H7ywZMNuKn8Re_5ZKTGlC9Hr8E.uuqT9eBxAJXqC12qZIWQW4hBdE6Q
.workstepssleep.com/	1970-01-21 02:59:34	Name: _gcl_au Value: 1.1.799784369.1730998454
.workstepssleep.com/	1970-01-21 09:35:34	Name: _hjSessionUser_1489924 Value: eyJpZCI6IjM0MzBkYTQ1LWZkYmQtNWU1NC05ZTUzLTNhMTlmYzBlOWRmOSIsImNyZWF0ZWQiOjE3MzA5OTg0NTM5NzgsImV4aXN0aW5nIjp0cnVlfQ==
.workstepssleep.com/	1970-01-21 00:50:00	Name: _hjSession_1489924 Value: eyJpZCI6IjE1Nzc2ODYyLWQyMWUtNGM4Ny1iZDc3LTdmMzM1N2JiYWM3ZCIsImMiOjE3MzA5OTg0NTM5NzksInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.workstepssleep.com/	1970-01-21 10:25:58	Name: _ga_4QSKSP7FMR Value: GS1.1.1730998454.1.0.1730998454.60.0.0
.workstepssleep.com/	1970-01-21 10:25:58	Name: _ga Value: GA1.2.1183127350.1730998454
.workstepssleep.com/	1970-01-21 00:51:24	Name: _gid Value: GA1.2.916658290.1730998454
.workstepssleep.com/	1970-01-21 00:49:58	Name: _gat_UA-38843168-2 Value: 1
.yandex.ru/	1970-01-21 10:25:58	Name: i Value: imsqkJkVm89C6afk4reCpNPfGaZwnuc2U64VhH/Mef51AjFAFHw0q2Sjdmbh1iuxTycWnJcZS70NHNRqKB2DGNV+BuI=
.yandex.ru/	1970-01-21 10:25:58	Name: yandexuid Value: 9371395321730998454
.yandex.ru/	1970-01-21 09:35:34	Name: yashr Value: 4426635151730998454
.workstepssleep.com/	1970-01-21 02:59:34	Name: _fbp Value: fb.1.1730998454382.716287201574502133
.workstepssleep.com/	1970-01-21 09:35:34	Name: _ym_uid Value: 17309984544442654
.workstepssleep.com/	1970-01-21 09:35:34	Name: _ym_d Value: 1730998454
.mc.yandex.com/	1970-01-21 00:49:59	Name: sync_cookie_csrf Value: 1799060913fake
.mc.yandex.ru/	1970-01-21 00:49:59	Name: sync_cookie_csrf Value: 60738101fake
.yandex.com/	1970-01-21 09:35:34	Name: yuidss Value: 9371395321730998454
.mc.yandex.com/	1970-01-21 00:51:24	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1203352591730998454
.yandex.com/	1970-01-21 09:35:34	Name: ymex Value: 1762534454.yrts.1730998454
.yandex.com/	1970-01-21 09:35:34	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 10:25:58	Name: bh Value: KgI/MGC24bO5Bg==
.workstepssleep.com/	1970-01-21 00:50:00	Name: _ym_visorc Value: w
.yandex.com/	1970-01-21 10:25:58	Name: i Value: XiGnENQ+PSoLT/mP+aowfcVdTZ5OV4x1xC2tRQ4EeqdRcQdpRo8EFNpbPPj41L/g4giWLJn+gLigPRv1Wc7+Nf1tezc=
.yandex.com/	1970-01-21 10:25:58	Name: yandexuid Value: 4409475491730998454
.yandex.com/	1970-01-21 09:35:34	Name: yashr Value: 5876324841730998454
.workstepssleep.com/	1970-01-21 00:51:10	Name: _ym_isad Value: 2
.pardot.com/	1970-01-21 10:25:58	Name: visitor_id738103 Value: 1954200781
.pardot.com/	1970-01-21 10:25:58	Name: visitor_id738103-hash Value: 93c381593fb65d7b149594e088f33b4035495613a79bba981c7495147ac99dc0a54dff3aaa6e09a04228a16226908805fb3a0e27
pi.pardot.com/	1970-01-21 00:50:00	Name: lpv738103 Value: aHR0cHM6Ly93d3cud29ya3N0ZXBzc2xlZXAuY29tLw%3D%3D
www.workstepssleep.com/	1970-01-21 10:25:58	Name: visitor_id738103 Value: 1954200781
www.workstepssleep.com/	1970-01-21 10:25:58	Name: visitor_id738103-hash Value: 93c381593fb65d7b149594e088f33b4035495613a79bba981c7495147ac99dc0a54dff3aaa6e09a04228a16226908805fb3a0e27

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clarity.ms
ajax.googleapis.com
bat.bing.com
bat.bing.net
cdn.prod.website-files.com
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
mc.yandex.com
mc.yandex.ru
pi.pardot.com
region1.analytics.google.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
workstepssleep.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.workstepssleep.com
104.18.161.117
142.250.185.227
142.250.185.68
142.250.186.67
157.240.251.9
172.217.23.98
172.217.23.99
18.164.52.95
18.66.102.53
2001:4860:4802:32::36
2606:4700::6812:a46
2606:4700::6812:b46
2620:1ec:33:1::10
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:810::200a
2a00:1450:4001:813::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c0a::9c
2a02:6b8::1:119
2a03:2880:f176:84:face:b00c:0:25de
3.92.120.28
51.8.71.184
52.222.153.83
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc
0f041697b282dae297547fc755f50f39f4f3ce9b56ee9eb088cbf08f2f8419a6
12505de68e061c7b21464d25cd37a94d2ceb44aa77ca00ab05e448713540b1ff
135cf80edff4df05cd982c5ff315a50b9b082699d36a9dfb2988250b53b638db
1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f132510bc7b665bbe5fb9227b0d2daafa5513296a72f88f88d38179eded9277
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2683ce26b4d0ded8ec8ec6f91985d8969248053c62f581555174f828b747f241
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
38a5b436a9e4f740073a985ddaec0bf5a40e428b919c6e5fc669f4758fa858fc
3d1ab77fbd543665876ba1e5c22c68ff274fcc91cf7a996fc7da05f81e05270f
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
50150c7b74487811061d3b192444b312d007ab3fc3321ccfb1a2fcf39f94f198
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55270971fdc4172d5cbba95dadd779074eadb9c50bf16c2b3253ccc6bc8fc363
62d426aa4f9781734b55b0e380a4c36bba6891bc5573f8ac254971c71361e7ce
6549f5bc96ed2db09b6df2e6b9d3247f936c4b40773158b712ef03bf9c3d9ff7
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
670f77f11cb4c747f5de1affa5b53687cf7a20d1eaf99b0ef5c9c60858aefa55
6d8f8fd6de0b42e3acc7b2f3005c599e9f54d21355c3d6850a5c13daca10d5ad
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7e5c04ccfe50e8bdf52e98327a2f11e57aaf6c20c714c37ee34dca8fc59d0b3c
7f36841e78f48033233686dadea4d1e948b8cfd3840e3e75bb4fd1a8dcbb8f70
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8e04946174f0e5ac6cb9a086d1cf1c5ba78acd69e37c5af2da88deef0a993a3e
948ffb316a7caaafb40aab087d9a47d610d0fe75f3a805069b6c0f3f65c2e3d2
9535567cf78680a6df04468cdc4e2ae4bb61755f4395d6caa009eff97cecac1c
99ad2a58cb5e749516fac60990d3f9ba0622819e5ffeda7b537bb0b445d31a7f
a1fec7acc9e28feaa2280cd08d30cab4cac8e9557fb8fb35ab6ffcd1e28fade8
a518d969920f8ba9b097fb6df14ebb27f518d2f52d869a6c05b0885a6e66db6e
a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b4a76db7b8bf20c95f3a421e3b9472f9ff7bdaa8355d8722a3ca39ac7bf357f6
ba96f9ca1fab9f94b2e6c1c23f736ce395babc689abc338c23007a02b8bdb12f
c65593fd2a50e479ba7db2b1b41ad7f5318c425e00a433d76b8537a31f2ac74d
c8e7f0f59afed899f3852d007f64eabbbae5b2ce91def869cd418f37b4b1c5cc
c902f4ee78e5b163673e7b12219798188bfc6b55368f3b8f5d620b0feefb0273
cca6c2dd9540ac7b8194f52ad49c3e6312705d4aa25c4cc29d68e9dbb8a3a118
d29de1609682964244bc8dc4064ca380ee33d2a5854f06cf4bc64763c2778c8f
d91886641331de72ecd7d406d2d95fdb0a015108e4b61a08914f15f10e65db29
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfe4cb0bcd615e43c11b51b4ca7d7aa2c7f2f167a7d2b5559281fa2126f437c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ee63e8d79a8216b6ce0577a793b968fda4c3c34f7f1fad1a106698b33bfb7d
ee969b00334003e5dc0886d6f0a1c4e8d924e43aa0cc7d31231869338cda204a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9bfb04a18c8be687fadacd7f67647b65113ee8d1aabcb0f410eac21681fa7ef
fd4033221be45ecb4d3f4f37961865788dd05b6225875415c35f36cc154468eb
fe127281e682037e8d193335ec1ef2bb4ce69afb837d6c4ed3b510128efbd106

www.workstepssleep.com Open in urlscan Pro 2606:4700::6812:b46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

71 Requests

96 %HTTPS

52 %IPv6

20 Domains

26 Subdomains

23 IPs

5 Countries

1510 kBTransfer

3915 kBSize

32 Cookies

3 Outgoing links

Page URL History

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.workstepssleep.com Open in urlscan Pro
2606:4700::6812:b46 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

96 %
HTTPS

52 %
IPv6

20
Domains

26
Subdomains

23
IPs

5
Countries

1510 kB
Transfer

3915 kB
Size

32
Cookies

71 HTTP transactions
0 data transactions