www.cgmoneta.com Open in urlscan Pro
3.67.141.185 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Submission: On November 09 via manual (November 9th 2023, 5:07:29 am UTC) from IN — Scanned from DE

Summary HTTP 191 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 41 IPs in 4 countries across 30 domains to perform 191 HTTP transactions. The main IP is 3.67.141.185, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.cgmoneta.com.
TLS certificate: Issued by R3 on September 12th 2023. Valid for: 3 months.

This is the only time www.cgmoneta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	3.67.141.185 3.67.141.185	16509 (AMAZON-02) (AMAZON-02)
8	13.32.99.94 13.32.99.94	16509 (AMAZON-02) (AMAZON-02)
18	108.138.7.94 108.138.7.94	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7ee1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	18.66.112.8 18.66.112.8	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:10:... 2606:4700:10::6816:445f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700:440... 2606:4700:4400::6812:29af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
13	2606:4700:10:... 2606:4700:10::ac43:2642	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 38	2606:4700::68... 2606:4700::6811:ef9f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.245.60.75 18.245.60.75	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	65.9.66.57 65.9.66.57	16509 (AMAZON-02) (AMAZON-02)
2	13.32.118.47 13.32.118.47	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:455f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c03::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:5f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.75.76.201 54.75.76.201	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.66.122.50 18.66.122.50	16509 (AMAZON-02) (AMAZON-02)
3	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	54.208.186.38 54.208.186.38	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
11	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.24.174 108.138.24.174	16509 (AMAZON-02) (AMAZON-02)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
11	2606:4700:440... 2606:4700:4400::ac40:9483	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	44.193.110.116 44.193.110.116	14618 (AMAZON-AES) (AMAZON-AES)
1	54.214.153.110 54.214.153.110	16509 (AMAZON-02) (AMAZON-02)
15	2606:4700:10:... 2606:4700:10::6816:1883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.223.174.208 34.223.174.208	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5814	() ()
191	41

1 3.67.141.185 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-141-185.eu-central-1.compute.amazonaws.com

www.cgmoneta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.32.99.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-94.fra60.r.cloudfront.net

irp.cdn-website.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
irp-cdn.multiscreensite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 108.138.7.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-94.fra56.r.cloudfront.net

static.cdn-website.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7ee1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.66.112.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-8.fra56.r.cloudfront.net

lirp.cdn-website.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:445f (United States)

ASN13335 (CLOUDFLARENET, US)

static.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:4400::6812:29af (United States)

ASN13335 (CLOUDFLARENET, US)

assets.calendly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
calendly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2606:4700::6811:ef9f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.canva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.canva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
font-public.canva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media-private.canva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media-public.canva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.canva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
telemetry.canva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-75.fra60.r.cloudfront.net

irt-cdn.multiscreensite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-57.fra56.r.cloudfront.net

static.ziftsolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.118.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-47.fra60.r.cloudfront.net

d32hwlnfiv2gyn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:455f (United States)

ASN13335 (CLOUDFLARENET, US)

core.service.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c03::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:5f7 (United States)

ASN13335 (CLOUDFLARENET, US)

universe-static.elfsightcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.75.76.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-76-201.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.122.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-50.fra60.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o13855.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.208.186.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-186-38.compute-1.amazonaws.com

notifier-configs.airbrake.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.24.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-24-174.fra56.r.cloudfront.net

d3v0px0pttie1i.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:4400::ac40:9483 (United States)

ASN13335 (CLOUDFLARENET, US)

wsmcdn.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wsv3cdn.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 44.193.110.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-110-116.compute-1.amazonaws.com

rtc.multiscreensite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.214.153.110 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-214-153-110.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)

va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.223.174.208 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-174-208.us-west-2.compute.amazonaws.com

analytics.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (None, )

ASN- ()

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	canva.com 1 redirects www.canva.com — Cisco Umbrella Rank: 2787 static.canva.com — Cisco Umbrella Rank: 4774 font-public.canva.com — Cisco Umbrella Rank: 5299 media-private.canva.com — Cisco Umbrella Rank: 6412 media-public.canva.com — Cisco Umbrella Rank: 5696 media.canva.com — Cisco Umbrella Rank: 6396 telemetry.canva.com — Cisco Umbrella Rank: 3347	2 MB
33	cdn-website.com irp.cdn-website.com — Cisco Umbrella Rank: 20822 static.cdn-website.com — Cisco Umbrella Rank: 21077 lirp.cdn-website.com — Cisco Umbrella Rank: 20393	889 KB
28	tawk.to embed.tawk.to — Cisco Umbrella Rank: 9846 va.tawk.to — Cisco Umbrella Rank: 9510	230 KB
12	audioeye.com wsmcdn.audioeye.com — Cisco Umbrella Rank: 6711 wsv3cdn.audioeye.com — Cisco Umbrella Rank: 4817 analytics.audioeye.com — Cisco Umbrella Rank: 5409	256 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 342	169 KB
10	calendly.com assets.calendly.com — Cisco Umbrella Rank: 12522 calendly.com — Cisco Umbrella Rank: 11005	684 KB
8	multiscreensite.com irp-cdn.multiscreensite.com — Cisco Umbrella Rank: 48097 irt-cdn.multiscreensite.com — Cisco Umbrella Rank: 202328 rtc.multiscreensite.com — Cisco Umbrella Rank: 22333	55 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1287 q.stripe.com — Cisco Umbrella Rank: 7148 m.stripe.com — Cisco Umbrella Rank: 1249	141 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 377 www.linkedin.com — Cisco Umbrella Rank: 629 px4.ads.linkedin.com — Cisco Umbrella Rank: 6003	5 KB
5	elfsight.com static.elfsight.com — Cisco Umbrella Rank: 15127 core.service.elfsight.com — Cisco Umbrella Rank: 17092	22 KB
3	gstatic.com www.gstatic.com	401 KB
3	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1361	35 KB
3	sentry.io o13855.ingest.sentry.io — Cisco Umbrella Rank: 12336	438 B
3	cloudfront.net d32hwlnfiv2gyn.cloudfront.net d3v0px0pttie1i.cloudfront.net	28 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1354	16 KB
2	airbrake.io notifier-configs.airbrake.io — Cisco Umbrella Rank: 6354	490 B
2	google.de www.google.de — Cisco Umbrella Rank: 6862	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	397 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	663 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 778	7 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	138 KB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 506 p.typekit.net — Cisco Umbrella Rank: 621	1 KB
1	jsdelivr.net cdn.jsdelivr.net	39 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 590	304 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899	7 KB
1	usabilla.com w.usabilla.com — Cisco Umbrella Rank: 4453	11 KB
1	elfsightcdn.com universe-static.elfsightcdn.com — Cisco Umbrella Rank: 25799	86 KB
1	ziftsolutions.com static.ziftsolutions.com — Cisco Umbrella Rank: 54635	40 KB
1	cgmoneta.com www.cgmoneta.com	43 KB
191	30

	Domain	Requested by
23	embed.tawk.to	www.cgmoneta.com embed.tawk.to
18	static.canva.com	www.canva.com static.canva.com
18	static.cdn-website.com	www.cgmoneta.com static.cdn-website.com
11	cdn.cookielaw.org	assets.calendly.com cdn.cookielaw.org calendly.com
10	wsv3cdn.audioeye.com	wsmcdn.audioeye.com wsv3cdn.audioeye.com
8	lirp.cdn-website.com	www.cgmoneta.com
7	www.canva.com	1 redirects www.cgmoneta.com www.canva.com static.canva.com
7	irp.cdn-website.com	www.cgmoneta.com irp.cdn-website.com
6	rtc.multiscreensite.com	static.cdn-website.com
5	va.tawk.to	embed.tawk.to
5	calendly.com	assets.calendly.com
5	assets.calendly.com	www.cgmoneta.com calendly.com assets.calendly.com
4	font-public.canva.com	static.canva.com www.canva.com
4	static.elfsight.com	www.cgmoneta.com universe-static.elfsightcdn.com
3	q.stripe.com	www.cgmoneta.com
3	www.gstatic.com	www.recaptcha.net
3	www.recaptcha.net	assets.calendly.com www.gstatic.com www.recaptcha.net
3	media-private.canva.com	www.canva.com
3	o13855.ingest.sentry.io	static.canva.com
3	js.stripe.com	assets.calendly.com js.stripe.com
3	px.ads.linkedin.com	3 redirects
2	telemetry.canva.com	static.canva.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	notifier-configs.airbrake.io	assets.calendly.com
2	media.canva.com	www.canva.com
2	media-public.canva.com	www.canva.com
2	www.google.de	www.cgmoneta.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	d32hwlnfiv2gyn.cloudfront.net	www.cgmoneta.com
2	snap.licdn.com	www.cgmoneta.com snap.licdn.com
2	www.googletagmanager.com	www.cgmoneta.com www.googletagmanager.com
1	cdn.jsdelivr.net	embed.tawk.to
1	analytics.audioeye.com	wsv3cdn.audioeye.com
1	m.stripe.com	m.stripe.network
1	wsmcdn.audioeye.com	www.cgmoneta.com
1	d3v0px0pttie1i.cloudfront.net	calendly.com
1	geolocation.onetrust.com	assets.calendly.com
1	static.cloudflareinsights.com	www.canva.com
1	w.usabilla.com	calendly.com
1	universe-static.elfsightcdn.com	static.elfsight.com
1	www.google.com	www.cgmoneta.com
1	px4.ads.linkedin.com	www.cgmoneta.com
1	www.linkedin.com	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	core.service.elfsight.com	static.elfsight.com
1	static.ziftsolutions.com	www.cgmoneta.com
1	irt-cdn.multiscreensite.com	www.cgmoneta.com
1	p.typekit.net	use.typekit.net
1	irp-cdn.multiscreensite.com	www.cgmoneta.com
1	use.typekit.net	www.cgmoneta.com
1	www.cgmoneta.com
191	52

This site contains links to these domains. Also see Links.

Domain
www.adhcunderpayments.com
www.canva.com
facebook.com
linkedin.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
www.cgmoneta.com R3	`2023-09-12` - `2023-12-11`	3 months	crt.sh
multiscreensite.com R3	`2023-09-26` - `2023-12-25`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
elfsight.com Cloudflare Inc ECC CA-3	`2023-03-31` - `2024-03-30`	a year	crt.sh
calendly.com Cloudflare Inc ECC CA-3	`2023-04-09` - `2024-04-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-28` - `2024-04-27`	a year	crt.sh
*.canva.com GTS CA 1P5	`2023-09-25` - `2023-12-24`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.ziftsolutions.com Amazon RSA 2048 M02	`2023-07-17` - `2024-08-14`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
elfsightcdn.com E1	`2023-10-02` - `2023-12-31`	3 months	crt.sh
w.usabilla.com Amazon RSA 2048 M01	`2023-02-09` - `2024-02-09`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
*.airbrake.io SSL.com RSA SSL subCA	`2023-10-11` - `2024-11-10`	a year	crt.sh
misc.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh
report-prod.audioeye.com Amazon RSA 2048 M02	`2023-09-17` - `2024-10-16`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Frame ID: 82592893C7D898C8EEF504A7BD5B11D7
Requests: 97 HTTP requests in this frame

Frame: https://www.canva.com/design/DAFvptxe_Wo/view?embed
Frame ID: DF731DF97BEC26EA629F7084A4056E98
Requests: 40 HTTP requests in this frame

Frame: https://calendly.com/cgmonetallc?embed_domain=www.cgmoneta.com&embed_type=Inline
Frame ID: 7F71A5B15952850EBC9F07A7F0BF9E42
Requests: 28 HTTP requests in this frame

Frame: https://w.usabilla.com/dc9688c7588b.js?lv=1
Frame ID: 4A8CFB99AA3B56BEA93747A0656F0075
Requests: 1 HTTP requests in this frame

Frame: https://www.canva.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 18E08420A21E1EDDEC09C88A4227569F
Requests: 2 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n&co=aHR0cHM6Ly9jYWxlbmRseS5jb206NDQz&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=xkj36aavpfts
Frame ID: D96351601A9B5AB63FFC86FC81935EBD
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 163B842C85F04FC3D40E4C6297393187
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 6B659EC3C03BCFC1F50187AFF6F24B02
Requests: 4 HTTP requests in this frame

Frame: https://wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=2039178
Frame ID: A0A34E2A6F41DE8F9A0EBD236855E27B
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/css/min-widget.css
Frame ID: 754597309DB4D37202F8837C14CAEC03
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/css/bubble-widget.css
Frame ID: BB20DDEF0CB418E2124891BCBA15B7C3
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/css/message-preview.css
Frame ID: 74829BE9443505744285C2BE9B3F539B
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/css/max-widget.css
Frame ID: 90B747CBC305C4153AAF57D5B888D7EB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ADHC UNDERPAYMENTS close carousel

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Calendly (Appointment scheduling) Expand

Overall confidence: 100%
Detected patterns

https://assets\.calendly\.com/assets/external/widget\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

191
Requests

98 %
HTTPS

56 %
IPv6

30
Domains

52
Subdomains

41
IPs

4
Countries

5044 kB
Transfer

13229 kB
Size

35
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://www.adhcunderpayments.com/
Title: ADHC Underpayments Website

Search URL Search Domain Scan URL

URL: https://www.canva.com/design/DAFvptxe_Wo/view?utm_content=DAFvptxe_Wo&utm_campaign=designshare&utm_medium=embeds&utm_source=link
Title: CoWebsite ADHC Underpayments Presentation

Search URL Search Domain Scan URL

URL: https://facebook.com/cgmoneta

Search URL Search Domain Scan URL

URL: https://linkedin.com/company/cgmonetallc

Search URL Search Domain Scan URL

URL: https://twitter.com/cgmoneta

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCydSNzyw5Tzx04ajKqVyXqQ/featured?view_as=subscriber

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2226289&time=1699506443674&url=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2226289&time=1699506443674&url=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2226289%26time%3D1699506443674%26url%3Dhttps%253A%252F%252Fwww.cgmoneta.com%252Fadhc-underpayments-client-intake-form%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2226289&time=1699506443674&url=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2226289&time=1699506443674&url=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form&cookiesTest=true&liSync=true&e_ipv6=AQKGKq-_X46TAwAAAYuyeljpy_cCRrpq2FReMiaju9ziSEnPuQqDePi4i0ZmkoSYCgpgSBo

Request Chain 90

https://www.canva.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.canva.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

191 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request adhc-underpayments-client-intake-form Show response
www.cgmoneta.com/ 296 KB
43 KB 579ms
77ms Document
text/html 3.67.141.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.67.141.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-67-141-185.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3fc0356e946e0c4a778dae4fc3afea43f75ac94d01817b8810926a63d80d178a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 43324
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=utf-8
d-cache: from-cache
d-geo: EU
date: Thu, 09 Nov 2023 05:07:22 GMT
server: nginx
strict-transport-security: max-age=31536000; preload
vary: user-agent,accept-encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 css2
irp.cdn-website.com/fonts/ 61 KB
2 KB 150ms
40ms Stylesheet
text/css 13.32.99.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/css2?family=Prata:ital,wght@0,400&family=Cardo:ital,wght@0,400;0,700;1,400&family=Spartan:ital,wght@0,100;0,200;0,300;0,400;0,600;0,700;0,800;0,900&family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&family=Montserrat:ital,wght@0,100..900;1,100..900&family=Rozha+One:ital,wght@0,400&family=Oswald:ital,wght@0,200..700;1,200..700&family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&family=Open+Sans:ital,wght@0,300..800;1,300..800&subset=latin-ext&display=swap
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-94.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: ad7fbcd8ff66daf0836444533ad7713b3c496f34dcfcbc8de244b9aec4591626

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 06:44:28 GMT
content-encoding: br
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P3
age: 2413375
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: MrBh_H8WhOLERvxf6g-KSYSRcEf7my32a9PIyWT4Z3Teys7TIvdlPQ==

GET
H2 200 d-css-runtime-desktop-one-package-structured-global.min.css
static.cdn-website.com/mnlt/production/3905/_dm/s/rt/dist/css/ 205 KB
26 KB 169ms
46ms Stylesheet
text/css 108.138.7.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/3905/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-structured-global.min.css
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31722f3395daa5ea63654a66f1a603474a1567bd77d94619e655a8624786a22a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:10:02 GMT
x-amz-version-id: LizCCDLHqftN3umPDmcaLkJqEuq0Ivw_
content-encoding: br
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 226642
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 Nov 2023 13:58:31 GMT
server: AmazonS3
etag: W/"0e1c7724610a0e2078fbe7c4cc8f8626"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: W1dj4QPmSyxb1A18sXRqrH3p_F4ons3acfiZeLw5sdf3p6Uyl4HdcA==

GET
H2 200 768a4c7c39d5403efa67d8006729be2c.css
irp.cdn-website.com/WIDGET_CSS/production_3905/ 28 KB
6 KB 152ms
42ms Stylesheet
text/css 13.32.99.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/WIDGET_CSS/production_3905/768a4c7c39d5403efa67d8006729be2c.css
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-94.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff06887fd7ac3ca670729e32ed8143bb9d04b14ea825a9e944f905db1bd6a993

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:10:26 GMT
x-amz-version-id: Ag.Eab1PNiZ4abxuSW_YZef4yWGbqozs
content-encoding: gzip
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 226617
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 Nov 2023 14:10:21 GMT
server: AmazonS3
etag: W/"29c2952b294dcf6246c6cf0b45e93d61"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: vGcuVxUnQJ0lskzO_Bj-8s0k1GAeKdb-OyPr4rxcVM9_jrU4mHjKSA==

GET
H2 200 74b8fd56_1.min.css
irp.cdn-website.com/74b8fd56/files/ 259 KB
30 KB 158ms
48ms Stylesheet
text/css 13.32.99.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/74b8fd56/files/74b8fd56_1.min.css?v=1744
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-94.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c539a052bb796aae20cec8e40ea3cf6431ee917b292e981785cdb4f27c5aa41e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 07:36:12 GMT
x-amz-version-id: XI.Ltkm5TddCN9zLWblHtCviv7SwUu63
content-encoding: br
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 77472
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 Nov 2023 19:06:39 GMT
server: AmazonS3
etag: W/"6fcb6422a8b14868e0efbbb2aba579b3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: uhEuI0prwUjyqgJiJinAblMZwfXdsvPVCiE3AN7x5AunszZzemLAGw==

GET
H2 200 xhu4fvu.css
use.typekit.net/ 2 KB
860 B 292ms
197ms Stylesheet
text/css 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/xhu4fvu.css

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3f3fe9842edf7f8240031c134670cc14e2227568ce15089e5d1f8a7ca7d1e6ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 09 Nov 2023 05:07:23 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 637

GET
H2 200 CG-Moneta-LLC-Logo-1920w.png
lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/ 11 KB
11 KB 148ms
45ms Image
image/webp 18.66.112.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/CG-Moneta-LLC-Logo-1920w.png
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aeb9307c39bd0783b05b8ef1f00cdbc7290f0095068cc51b938d1fc681a8cb85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:20:39 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 222405
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 11008
x-amz-expiration: expiry-date="Sun, 04 Feb 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Mon, 07 Aug 2023 17:01:29 GMT
server: AmazonS3
etag: "daf56eb9b7ba63b0e1f3b6678591230d"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: N3fQCCx7mIPEB4kZdDj5fdhVeD4hi5MsspzNXgYY01aPjWOJd-Yacw==

GET
H2 200 CG-Moneta-Consulting-3-41055b6a-0e779f68-e8adb833-1920w.png
lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/ 19 KB
19 KB 128ms
52ms Image
image/webp 18.66.112.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/CG-Moneta-Consulting-3-41055b6a-0e779f68-e8adb833-1920w.png
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b11bb1c127012d3fd77e3ec2877936533e5c8fce15137a8dbddf7acbd0107f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 07:36:12 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 77472
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 19022
x-amz-expiration: expiry-date="Tue, 23 Jan 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Wed, 26 Jul 2023 20:09:10 GMT
server: AmazonS3
etag: "0b010ef2ac8082067d1dbfc8663b2976"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ZeOnI6fifDgl6YYT6mQ-Ba9cHXjzZR94Cz0qqsHFA1h9C13WChRRgw==

GET
H2 200 platform.js Show response
static.elfsight.com/platform/ 49 KB
17 KB 153ms
50ms Script
application/javascript 2606:4700:10::6816:445f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/platform/platform.js

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:445f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f950cd7338e89507da357380e9fdd90e82a2de58cfe3c0fa598ba086577b25d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:23 GMT
strict-transport-security: max-age=0
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: tx0000000000000709b5577-006549d897-522b2cff-sfo2a
age: 156744
x-envoy-upstream-healthchecked-cluster
surrogate-control: max-age=3600;hw-h2proxy
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 16 Jun 2023 06:39:41 GMT
server: cloudflare
etag: W/"822974687946bd7d91154a68c7415632"
vary: Accept-Encoding
x-hw: 1699338391.cdn4-pxy009-mel02.me1.evs,1699338390.cds006.me1.p
content-type: application/javascript
cache-control: max-age=31536000
x-rgw-object-type: Normal
cf-ray: 82338825ff8665b4-FRA

GET
H2 200 Website+Version+ADHC+Underpayments+Business+Process+Flow+Chart+%281%29-571bd70b-1920w.png
lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/ 39 KB
40 KB 177ms
101ms Image
image/webp 18.66.112.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/Website+Version+ADHC+Underpayments+Business+Process+Flow+Chart+%281%29-571bd70b-1920w.png
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ffc93f6476106172540579f9c36c2f5219b34833b3241d617a617dcba28b0e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:17:38 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 218986
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 40386
x-amz-expiration: expiry-date="Fri, 29 Mar 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Sat, 30 Sep 2023 12:44:46 GMT
server: AmazonS3
etag: "20465c0c4af8a2f2b993c5d3e986f806"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: zYfpjGtzum26EMkYkktBhQ9c7JGrUGCEEBTpxJfhgfNuEE4wuVXWTw==

GET
H2 200 Doc-139c44db-1920w.png
lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/ 20 KB
20 KB 168ms
92ms Image
image/webp 18.66.112.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/Doc-139c44db-1920w.png
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e71ad441d3743415616e89da3ed1b5e524c9014065e0628b49330b8f4992219e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:17:38 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 218986
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 20376
x-amz-expiration: expiry-date="Fri, 29 Mar 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Sat, 30 Sep 2023 12:52:49 GMT
server: AmazonS3
etag: "bf714887782e0b4afd1391423c036bfa"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Qs2Br7MVdouDqfHTFHb40HEPu75rNyZZ6p0Nh9HOrXEYhr7KrKzIvQ==

GET
H2 200 shape.svg
irp-cdn.multiscreensite.com/md/dmtmpl/f92e67d5-4d2a-45d6-b2c2-e37684c0f1c6/dms3rep/multi/ 6 KB
2 KB 188ms
40ms Image
image/svg+xml 13.32.99.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://irp-cdn.multiscreensite.com/md/dmtmpl/f92e67d5-4d2a-45d6-b2c2-e37684c0f1c6/dms3rep/multi/shape.svg
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-94.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae5849b3e31df5d935556c4c19fcc98f5eaec2c9dc65f7f526981e3fb3573a41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: fH9h0CqzjabdQ3dzWw_JtrMWLuKRkyBr
content-encoding: br
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
date: Thu, 02 Nov 2023 08:07:39 GMT
last-modified: Sun, 31 Jan 2021 12:24:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 593985
etag: W/"281857b5aec39c3bfcd657846a8c5cd7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: KFFSQUaWhhxtiRchj6N9ZcyKXzjFLTKuQXgWQmb8IncjP7PXt6hJZw==

GET
H2 200 widget.js Show response
assets.calendly.com/assets/external/ 53 KB
19 KB 296ms
201ms Script
application/javascript 2606:4700:4400::6812:29af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/external/widget.js

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:29af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb9b294b344cf47c2af14fafe8528fccc545cb25b9325802a3bd1b0696171b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 22:34:55 GMT
cf-bgj: minify
server: cloudflare
age: 170
etag: W/"3be18f0a18cf9980a421cf1577f639f4"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
cache-control: public, max-age=300
cf-ray: 82338825ec2239ee-FRA
expires: Fri, 10 Nov 2023 05:07:23 GMT

GET
H2 200 Yellow+CG+Moneta+Logo-1920w.png
lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/ 25 KB
25 KB 150ms
82ms Image
image/png 18.66.112.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/Yellow+CG+Moneta+Logo-1920w.png
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c3d25baae1c76af26f76b14f103a4c652f50f2a2c37d1ed3d524dc49f2af8e8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:20:46 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 222398
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 25245
x-amz-expiration: expiry-date="Sat, 09 Mar 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Sun, 10 Sep 2023 20:52:56 GMT
server: AmazonS3
etag: "1c41374c3508c1fa0bbb8dbe21a3c053"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: uS2w9Ffj3EtXkXOje-JIkKvr-kUVlHPsBn___7hFo80o_7MiCp9MvA==

GET
H2 200 jquery-3.7.0.min.js Show response
static.cdn-website.com/libs/jquery/ 85 KB
30 KB 167ms
80ms Script
text/javascript 108.138.7.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/libs/jquery/jquery-3.7.0.min.js
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: JlB87n.8JeSlNMpjtnQ7ZQFJjIuOXDIf
content-encoding: br
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date: Fri, 03 Nov 2023 18:54:48 GMT
x-amz-cf-pop: FRA56-P6
age: 468756
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 10 Jul 2023 14:02:06 GMT
server: AmazonS3
etag: W/"e6c2415c0ace414e5153670314ce99a9"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: XonV4NQxe6ITIf9a_8eX2W83gNoa93Jnnw3HTxLKCEyIqCP7jIWFUA==

GET
H2 200 d-js-one-runtime-unified-desktop.min.js Show response
static.cdn-website.com/mnlt/production/3905/_dm/s/rt/dist/scripts/ 365 KB
102 KB 179ms
92ms Script
application/javascript 108.138.7.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/3905/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a73c8636ef8bc07f6141a88d9dbbe131041148ca19187a785bc74074314b8a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:10:02 GMT
x-amz-version-id: p7TQUsurVSDhGSO1j6uQxZ.omllpjDFi
content-encoding: br
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 226642
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 Nov 2023 13:58:32 GMT
server: AmazonS3
etag: W/"76ccdfbc580a608aedf86ab5ab6a92c1"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: cSax3uf-vAhhKg8EOJ1YX5NPtvJJZeJL4ummFgWyDPDLxK2klxj6dg==

GET
H2 200 d-js-jquery-migrate.min.js Show response
static.cdn-website.com/mnlt/production/3905/_dm/s/rt/dist/scripts/ 11 KB
5 KB 110ms
109ms Script
application/javascript 108.138.7.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/3905/_dm/s/rt/dist/scripts/d-js-jquery-migrate.min.js
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d2647b69391c43bb261499c03d1fdf45b6be4eb7b27e404b52fcd73af15172df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:10:02 GMT
x-amz-version-id: HdCS3FyNcF0T5o11zAK35QK3HA9quFvF
content-encoding: br
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 226642
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 Nov 2023 13:58:32 GMT
server: AmazonS3
etag: W/"0c0a1fa81ed04355cd2c63c134163cc0"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: t0JtD_W5t2-5tuaNsLAt09lmcsI9x_iGfTAHMOP-V-86l7fXb5bPGw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
50 KB 139ms
53ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-152012684-1

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ad31e6b5e9acfc50bd8b0f428d4ee4a511ebbaa619a882edf8b0ad929ff6d8ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51333
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Nov 2023 05:07:23 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 40ms
39ms Stylesheet
text/css 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=xhu4fvu&ht=tk&f=15665.15666&a=3613173&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/xhu4fvu.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:23 GMT
last-modified: Fri, 14 Jul 2023 12:44:32 GMT
server: nginx
etag: "64b14330-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 404 1fdsff8os
embed.tawk.to/61251c94649e0a0a5cd2b8b4/ 0
0 133ms
50ms Script
application/x-javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/61251c94649e0a0a5cd2b8b4/1fdsff8os

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cgmoneta.com/
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:23 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
server: cloudflare
age: 222395
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, s-maxage=2592000
cf-ray: 82338827ce3d4da6-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 view Show response
www.canva.com/design/DAFvptxe_Wo/ Frame DF73 243 KB
33 KB 695ms
599ms Document
text/html 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canva.com/design/DAFvptxe_Wo/view?embed

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e23d540a27ad9bd7da671814a7a83a0e75ffc6f59cc53ff7aabfc5af586dc6b

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' 'nonce-7r+gmZFkBGqLYa4DnQ7S8A'; report-uri https://csp.canva.com/_cspreport?requestId=823388282cc6368c&app=embed&policyHash=01de3b7f
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cgmoneta.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 823388282cc6368c-FRA
content-encoding: br
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' 'nonce-7r+gmZFkBGqLYa4DnQ7S8A'; report-uri https://csp.canva.com/_cspreport?requestId=823388282cc6368c&app=embed&policyHash=01de3b7f
content-type: text/html;charset=utf-8
date: Thu, 09 Nov 2023 05:07:24 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: CP=Canva does not have a P3P Policy.
pragma: No-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpU5oybOOStqU%2F3XIBv9%2BoLu7HnhWS9Vhu4QOorZ2o0S5JOygM7OV6Nh%2FqvqrRbjgxJ%2Fbi5IOgxYMjm10qUfWPDGoe9%2BiopmtD9PStrhDudt0%2FOCPR2SJey%2Fd3EZbJSI3HO7eut8alZunvo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-request-id: 823388282cc6368c
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

GET
H2 200 Website+Page+Graphic+-+Doctors-2880w.png
lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/ 53 KB
54 KB 44ms
43ms Image
image/webp 18.66.112.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/Website+Page+Graphic+-+Doctors-2880w.png
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2664a4943793f01857aa918698cc3486caaf1d67db65cc22ea1230342c993fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:17:39 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 218985
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 54310
x-amz-expiration: expiry-date="Sun, 25 Feb 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Mon, 28 Aug 2023 15:40:22 GMT
server: AmazonS3
etag: "93b1abc4f1905fab3401fbbad48457f3"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5L0xhffvdVnuvQvH8IPXAELXWyc7pFma4LVxOm1CVAfTjijNjuZq3A==

GET
H2 200 Collage+Graphics-2880w.png
lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/ 118 KB
118 KB 43ms
43ms Image
image/webp 18.66.112.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/Collage+Graphics-2880w.png
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d592f442f31831cd13e4b8fb407216d5d3a7c6cfc9f0a35dc63bb246742cded

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:17:39 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 218985
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 120462
x-amz-expiration: expiry-date="Sun, 25 Feb 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Mon, 28 Aug 2023 15:40:23 GMT
server: AmazonS3
etag: "5fc67e519ddcb05295c432c2f5995006"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: fJsfUTL0oPYxvV2DWNRULzvJJWjENf_HwZSnAg3UOqJV2y-ayTsqeQ==

GET
H2 200 Collage+Graphics+2-2880w.png
lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/ 124 KB
124 KB 86ms
86ms Image
image/webp 18.66.112.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/Collage+Graphics+2-2880w.png
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bac77166a80b9444c3f91de078ad9673f4102c9180374de58b3e9d55161ef451

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:17:39 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 218985
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 126646
x-amz-expiration: expiry-date="Sun, 25 Feb 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Mon, 28 Aug 2023 15:40:23 GMT
server: AmazonS3
etag: "70359aae3e7a718f623fedf5f70510ca"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: u6Xoe4o_WzstczDaG6CjstSSFRWIn_IHQqaIqJV7JuUbMVkHap3Kcg==

GET
H2 200 hand_holdinh_iPhone_mockup.jpg
irt-cdn.multiscreensite.com/md/dmtmpl/dms3rep/multi/ 52 KB
53 KB 182ms
44ms Image
image/jpeg 18.245.60.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://irt-cdn.multiscreensite.com/md/dmtmpl/dms3rep/multi/hand_holdinh_iPhone_mockup.jpg
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-75.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: babceb84f686bd4e9dab63be7a2bb76f5ccd0251337ff1584357d2eb1df30825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 09:17:59 GMT
x-amz-version-id: A0_bqCsJ.FNWowJVU4RHahdQ7U8DnRZm
via: 1.1 f7bf54ada21ef4f1f7e0646051894136.cloudfront.net (CloudFront)
last-modified: Mon, 20 Apr 2020 10:38:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 244165
etag: "820d2d78f144c7be2f0a4ff6e9f386f9"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 53391
x-amz-cf-id: LQBXdCGBMCJP0GbQ_NpA-EuRHAQC8Iw-5HTW7V_UF1TGkDKFx5NlEw==

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
irp.cdn-website.com/fonts/s/sourcesanspro/v22/ 15 KB
15 KB 83ms
40ms Font
font/woff2 13.32.99.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/fonts/css2?family=Prata:ital,wght@0,400&family=Cardo:ital,wght@0,400;0,700;1,400&family=Spartan:ital,wght@0,100;0,200;0,300;0,400;0,600;0,700;0,800;0,900&family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&family=Montserrat:ital,wght@0,100..900;1,100..900&family=Rozha+One:ital,wght@0,400&family=Oswald:ital,wght@0,200..700;1,200..700&family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&family=Open+Sans:ital,wght@0,300..800;1,300..800&subset=latin-ext&display=swap
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.99.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-94.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Request headers

Referer: https://irp.cdn-website.com/fonts/css2?family=Prata:ital,wght@0,400&family=Cardo:ital,wght@0,400;0,700;1,400&family=Spartan:ital,wght@0,100;0,200;0,300;0,400;0,600;0,700;0,800;0,900&family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&family=Montserrat:ital,wght@0,100..900;1,100..900&family=Rozha+One:ital,wght@0,400&family=Oswald:ital,wght@0,200..700;1,200..700&family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&family=Open+Sans:ital,wght@0,300..800;1,300..800&subset=latin-ext&display=swap
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 12:14:49 GMT
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
server: CloudFront
age: 579154
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400
content-length: 14892
x-amz-cf-id: FTRbgUgMHrVr9JbGXQUU5HS_aeHNmByCSo9tp2TuWqq-miYn-9hasQ==

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 fontawesome-webfont.woff
static.cdn-website.com/fonts/ 96 KB
96 KB 87ms
40ms Font
application/font-woff 108.138.7.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/fonts/fontawesome-webfont.woff?v=6
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3905/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-structured-global.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.7.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://static.cdn-website.com/mnlt/production/3905/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-structured-global.min.css
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 01:56:02 GMT
x-amz-version-id: bR46Z9gnVogjFEVmln4nlzTlCUFntZSU
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
age: 443482
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 98024
last-modified: Wed, 05 Jun 2019 08:06:55 GMT
server: AmazonS3
etag: "fee66e712a8a08eef5805a46892932ad"
vary: Origin
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 46BPkYbzok_oWU5XfGJa5g2wvaDsbmtvhrvF1p6rPthm3osgHVT5CQ==

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
irp.cdn-website.com/fonts/s/opensans/v36/ 47 KB
48 KB 81ms
42ms Font
font/woff2 13.32.99.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/fonts/css2?family=Prata:ital,wght@0,400&family=Cardo:ital,wght@0,400;0,700;1,400&family=Spartan:ital,wght@0,100;0,200;0,300;0,400;0,600;0,700;0,800;0,900&family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&family=Montserrat:ital,wght@0,100..900;1,100..900&family=Rozha+One:ital,wght@0,400&family=Oswald:ital,wght@0,200..700;1,200..700&family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&family=Open+Sans:ital,wght@0,300..800;1,300..800&subset=latin-ext&display=swap
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.99.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-94.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Request headers

Referer: https://irp.cdn-website.com/fonts/css2?family=Prata:ital,wght@0,400&family=Cardo:ital,wght@0,400;0,700;1,400&family=Spartan:ital,wght@0,100;0,200;0,300;0,400;0,600;0,700;0,800;0,900&family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&family=Montserrat:ital,wght@0,100..900;1,100..900&family=Rozha+One:ital,wght@0,400&family=Oswald:ital,wght@0,200..700;1,200..700&family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&family=Open+Sans:ital,wght@0,300..800;1,300..800&subset=latin-ext&display=swap
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 10:36:50 GMT
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
server: CloudFront
age: 2313033
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400
content-length: 48432
x-amz-cf-id: tPZJ30VP7OIGpLbMkiYTuQCQTzZCsyvWIDRWXIYUWxc5lvaCxhT5Bg==

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
irp.cdn-website.com/fonts/s/sourcesanspro/v22/ 14 KB
15 KB 80ms
40ms Font
font/woff2 13.32.99.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/fonts/css2?family=Prata:ital,wght@0,400&family=Cardo:ital,wght@0,400;0,700;1,400&family=Spartan:ital,wght@0,100;0,200;0,300;0,400;0,600;0,700;0,800;0,900&family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&family=Montserrat:ital,wght@0,100..900;1,100..900&family=Rozha+One:ital,wght@0,400&family=Oswald:ital,wght@0,200..700;1,200..700&family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&family=Open+Sans:ital,wght@0,300..800;1,300..800&subset=latin-ext&display=swap
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.99.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-94.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Request headers

Referer: https://irp.cdn-website.com/fonts/css2?family=Prata:ital,wght@0,400&family=Cardo:ital,wght@0,400;0,700;1,400&family=Spartan:ital,wght@0,100;0,200;0,300;0,400;0,600;0,700;0,800;0,900&family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&family=Montserrat:ital,wght@0,100..900;1,100..900&family=Rozha+One:ital,wght@0,400&family=Oswald:ital,wght@0,200..700;1,200..700&family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&family=Open+Sans:ital,wght@0,300..800;1,300..800&subset=latin-ext&display=swap
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 23:59:42 GMT
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
server: CloudFront
age: 709661
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400
content-length: 14712
x-amz-cf-id: VBy8nn4KvmSICIfMZyghNq9eVdtloy7idt5C3b28HbBW6nF39fj2jw==

GET
H3 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
irp.cdn-website.com/fonts/s/sourcesanspro/v22/ 14 KB
14 KB 75ms
42ms Font
font/woff2 13.32.99.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/fonts/css2?family=Prata:ital,wght@0,400&family=Cardo:ital,wght@0,400;0,700;1,400&family=Spartan:ital,wght@0,100;0,200;0,300;0,400;0,600;0,700;0,800;0,900&family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&family=Montserrat:ital,wght@0,100..900;1,100..900&family=Rozha+One:ital,wght@0,400&family=Oswald:ital,wght@0,200..700;1,200..700&family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&family=Open+Sans:ital,wght@0,300..800;1,300..800&subset=latin-ext&display=swap
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.99.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-94.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9

Request headers

Referer: https://irp.cdn-website.com/fonts/css2?family=Prata:ital,wght@0,400&family=Cardo:ital,wght@0,400;0,700;1,400&family=Spartan:ital,wght@0,100;0,200;0,300;0,400;0,600;0,700;0,800;0,900&family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&family=Montserrat:ital,wght@0,100..900;1,100..900&family=Rozha+One:ital,wght@0,400&family=Oswald:ital,wght@0,200..700;1,200..700&family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&family=Open+Sans:ital,wght@0,300..800;1,300..800&subset=latin-ext&display=swap
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:19:55 GMT
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
server: CloudFront
age: 2220448
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400
content-length: 14160
x-amz-cf-id: ouX5rELlhDefl1a6wFvYhLXBgciMF2Qmijcj8RnGD04InK1MUqRsqQ==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 133ms
40ms Script
application/javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c6d603c605c9e07062ffeba7c47a81e19c4f8c05604c6474371f4ad8b654c758

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 07:18:39 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=85665
accept-ranges: bytes
content-length: 3840

GET
H2 200 8a9982be7a97ad83017a97b409b300b1.js Show response
static.ziftsolutions.com/analytics/ 39 KB
40 KB 609ms
485ms Script
text/javascript 65.9.66.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ziftsolutions.com/analytics/8a9982be7a97ad83017a97b409b300b1.js

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-57.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

41efb03115df0cd1aec6d2a3d54e1d5882e0e66dcfbb3387b17ee979acc19528

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self' ziftsolutions.ccindex.cn .ziftsolutions.com .staging.ziftone.com .ziftone.com .google-analytics.com blob: ; img-src 'self' http: https: ziftsolutions.ccindex.cn .ziftsolutions.com s3.amazonaws.com .google-analytics.com data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: checkout.stripe.com .ziftsolutions.com .ziftone.com .getbee.io .googleapis.com .google-analytics.com .zdassets.com .googletagmanager.com .google.com .pendo.io browser-update.org static.zdassets.com s3.amazonaws.com .zopim.com .churnzero.net .marketo.com data: ; connect-src 'self' https: ziftsolutions.ccindex.cn .ziftsolutions.com .ziftone.com .zift123.com .zendesk.com .zdassets.com .zopim.com wss://widget-mediator.zopim.com .churnzero.net .getbee.io .google-analytics.com data: ; style-src 'self' 'unsafe-inline' https: ; font-src 'self' https: data:; media-src 'self' https: ziftsolutions.ccindex.cn .ziftsolutions.com .zift123.com .ziftone.com .looker.com .ziftmarcom.com .lenovo.com; object-src 'self' https: .ziftsolutions.com .ziftsolutions.com .zift123.com .ziftone.com .looker.com .ziftmarcom.com; frame-src 'self' https: .onserro.com .onserrodemo.com ziftsolutions.ccindex.cn .ziftsolutions.com .zift123.com .staging.ziftone.com .ziftone.com .looker.com .ziftmarcom.com .getbee.io .getbee.com; frame-ancestors 'self' https: .onserro.com .onserrodemo.com ziftsolutions.ccindex.cn .ziftsolutions.com .zift123.com .ziftone.com .looker.com .ziftmarcom.com;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
x-amz-version-id: 7AvEZe.lKvy5bggYYjoFBRM8wUPSoCKt
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
content-security-policy: upgrade-insecure-requests; default-src 'self' ziftsolutions.ccindex.cn *.ziftsolutions.com *.staging.ziftone.com *.ziftone.com *.google-analytics.com blob: ; img-src 'self' http: https: ziftsolutions.ccindex.cn *.ziftsolutions.com s3.amazonaws.com *.google-analytics.com data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: checkout.stripe.com *.ziftsolutions.com *.ziftone.com *.getbee.io *.googleapis.com *.google-analytics.com *.zdassets.com *.googletagmanager.com *.google.com *.pendo.io browser-update.org static.zdassets.com s3.amazonaws.com *.zopim.com *.churnzero.net *.marketo.com data: ; connect-src 'self' https: ziftsolutions.ccindex.cn *.ziftsolutions.com *.ziftone.com *.zift123.com *.zendesk.com *.zdassets.com *.zopim.com wss://widget-mediator.zopim.com *.churnzero.net *.getbee.io *.google-analytics.com data: ; style-src 'self' 'unsafe-inline' https: ; font-src 'self' https: data:; media-src 'self' https: ziftsolutions.ccindex.cn *.ziftsolutions.com *.zift123.com *.ziftone.com *.looker.com *.ziftmarcom.com *.lenovo.com; object-src 'self' https: *.ziftsolutions.com *.ziftsolutions.com *.zift123.com *.ziftone.com *.looker.com *.ziftmarcom.com; frame-src 'self' https: *.onserro.com *.onserrodemo.com ziftsolutions.ccindex.cn *.ziftsolutions.com *.zift123.com *.staging.ziftone.com *.ziftone.com *.looker.com *.ziftmarcom.com *.getbee.io *.getbee.com; frame-ancestors 'self' https: *.onserro.com *.onserrodemo.com ziftsolutions.ccindex.cn *.ziftsolutions.com *.zift123.com *.ziftone.com *.looker.com *.ziftmarcom.com;
x-amz-request-id: QH1HKKG95Q4HJJJY
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 39472
x-amz-id-2: 9mZzrVLplUWe0TeYaeZ41+yEBOKxgbQ7CBRol3VSJVzhCeEldWU+7BbaH7/4R4lekAuaw2XRG2w=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Aug 2023 13:12:03 GMT
server: AmazonS3
x-amz-meta-channel-marketing-service: Zift Solutions
etag: "714ff1d0a691ad799db64acda7cde610"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
x-robots-tag: noindex
x-amz-cf-id: N6pGupnO-rRvj4M4fY6J8tlT2UCG31VLTBXd1j9K60q7TLk_mqfydw==

GET
H3 200 dm-social-icons.ttf
static.cdn-website.com/fonts/social_icons/ 7 KB
5 KB 41ms
40ms Font
font/ttf 108.138.7.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/fonts/social_icons/dm-social-icons.ttf?v=xtwitter
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3905/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-structured-global.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.7.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cdb1ac36dd2829866f08390c3e81d461cb56d55d2560e64363492ffb5c3403fa

Request headers

Referer: https://static.cdn-website.com/mnlt/production/3905/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-structured-global.min.css
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 02:04:06 GMT
x-amz-version-id: SnRg4BCe_t8.mDksTi8_1rrWfeVHsdOl
content-encoding: gzip
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
age: 442998
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 16 Aug 2023 13:17:02 GMT
server: AmazonS3
etag: W/"dc5859377b2ca918e132fce2532929d0"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: YiXCeeGxbpJLoEoBUs2UZcvwm_I8A869eGbZYcFBU97Tsu4SX2RTrQ==

GET
H2 200 sp-2.0.0-dm-0.1.min.js Show response
d32hwlnfiv2gyn.cloudfront.net/ 49 KB
18 KB 161ms
44ms Script
application/javascript 13.32.118.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d32hwlnfiv2gyn.cloudfront.net/sp-2.0.0-dm-0.1.min.js
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-47.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4737e970e7344d8bf4ee6760b4a0dd29c21c1899a7c34dbe1e10cb2893834f5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: IZwYrapPL5STtMyaSYUvOnEvHgmJogqU
content-encoding: gzip
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
date: Sun, 08 Oct 2023 06:00:40 GMT
x-amz-cf-pop: FRA60-P1
age: 3133648
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 20 Mar 2022 08:45:42 GMT
server: AmazonS3
etag: W/"81ff203c31c9a3e5c15c5a790eebb460"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=6048000
x-amz-cf-id: BXtt8BDpcpwZuXgV3WzIPDYH9rg82LLs-AE5WIxi40qNBa8e8hCS8Q==

GET
H2 200 lozad.min.js Show response
static.cdn-website.com/libs/lozad/1.15.0/ 3 KB
2 KB 40ms
39ms Script
text/javascript 108.138.7.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/libs/lozad/1.15.0/lozad.min.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/libs/jquery/jquery-3.7.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f803337d01a657607bca6b20e06f371c3895b36a5f2be03a8fa9b5e16c9a83e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: _6SCyxVyLbypq6FqWKSVVeOJ5iX21EVE
content-encoding: br
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date: Tue, 07 Nov 2023 15:37:43 GMT
x-amz-cf-pop: FRA56-P6
age: 134981
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 24 May 2020 08:00:59 GMT
server: AmazonS3
etag: W/"0af1d330e19fe2a0aa127e1709936c75"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: f1FvAOiqN6WREWeJKvLjT1N4LUcgXuDxXQBjgqkMpOt1K_mABKGg_Q==

GET
H2 200 1g7ro6acc Show response
embed.tawk.to/62ceb9207b967b11799955fa/ 2 KB
771 B 493ms
493ms Script
application/x-javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/62ceb9207b967b11799955fa/1g7ro6acc

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6d5f6164d43a4cf2131505ac4aa9d91d48135f40f22350268ea89a6bbc56584

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cgmoneta.com/
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:23 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
server: cloudflare
etag: W/"stable-v4-653fa0ef1ea"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 82338827ce474da6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 dm-common-icons.ttf
static.cdn-website.com/fonts/ 2 KB
3 KB 54ms
54ms Font
application/octet-stream 108.138.7.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/fonts/dm-common-icons.ttf?5f0fg
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3905/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-structured-global.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.7.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 432d3ceb04bc5bb9c94242a57a06211ab0cbe6168af26354223a9b57df4266f0

Request headers

Referer: https://static.cdn-website.com/mnlt/production/3905/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-structured-global.min.css
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: PqntK7H35YcTmkMvqWIJAJRdU.53YusY
date: Wed, 08 Nov 2023 05:36:46 GMT
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
age: 84638
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 2368
last-modified: Mon, 19 Aug 2019 11:53:23 GMT
server: AmazonS3
etag: "b71bfcb8a1c734ad0654e25cd41964f2"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: RumpxefhggYOJq1LH_2lQ3l1FGKGyab3T_npnB5a7qKJEavN4Qa3Zg==

GET
H2 200 cgmonetallc Show response
calendly.com/ Frame 7F71 6 KB
4 KB 527ms
511ms Document
text/html 2606:4700:4400::6812:29af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://calendly.com/cgmonetallc?embed_domain=www.cgmoneta.com&embed_type=Inline

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/external/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:29af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

421b37afbd43516bcba80b81ebd3df10718e30af976776fba17516ac1e26f12a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.cgmoneta.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82338827fdef39ee-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 09 Nov 2023 05:07:23 GMT
link: <https://assets.calendly.com/assets/booking/css/booking-06c36cb7.css>; rel=preload; as=style; nopush
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-request-id: 1d428e2dc081b213dfe24add5bab396e
x-runtime: 0.179470

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
87 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0ZEPTZY19R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152012684-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

448cf12c27f9290d21916fc5a2b12258344b4104d4c1ec5c9fa14dd3106f04a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89134
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Nov 2023 05:07:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152012684-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 03:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4661
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 09 Nov 2023 05:49:42 GMT

GET
H2 200 / Show response
core.service.elfsight.com/p/boot/ 3 KB
2 KB 345ms
246ms XHR
application/json 2606:4700:10::6816:455f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://core.service.elfsight.com/p/boot/?page=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form&w=d18275b4-c273-4fe7-b05d-ac700e0949ed

Requested by

Host: static.elfsight.com
URL: https://static.elfsight.com/platform/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:455f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb7b2c0f47d5bcca794d5b1be2bed020b4b485b8b544491426b0b87dbad82226

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=0
x-dns-prefetch-control: on
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: unsafe-none
etag: W/"c3d-VIkCrixlrjAgZVQ8gnWkshRt8Nk"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cgmoneta.com
origin-agent-cluster: ?1
access-control-allow-credentials: true
cf-apo-via: origin,host
cf-ray: 823388289fc13653-FRA

GET
H2 200 16.571e75ee8ee8f57b8aa1.js Show response
static.cdn-website.com/mnlt/production/3905/editor/apps/modules/runtime/ 15 KB
6 KB 41ms
41ms Script
application/javascript 108.138.7.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/3905/editor/apps/modules/runtime/16.571e75ee8ee8f57b8aa1.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3905/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b398a361a4d1114a1cc2306fa58f4fa13d7416fce7df564368d2432e70a3fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:10:03 GMT
x-amz-version-id: Tv9KgAKvpugRwQ75XwVnIg6truPNKoN4
content-encoding: br
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 226641
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 Nov 2023 13:58:37 GMT
server: AmazonS3
etag: W/"3b02dff8996c34e1c2641a87e7e692a6"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: msoZtbBQ5cMGodCIeBykznPLFfIsspePbhJRTo9s_twhFrtTFnQlOQ==

GET
H2 200 21.0bf6759b07aeff413864.js Show response
static.cdn-website.com/mnlt/production/3905/editor/apps/modules/runtime/ 3 KB
2 KB 42ms
41ms Script
application/javascript 108.138.7.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/3905/editor/apps/modules/runtime/21.0bf6759b07aeff413864.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3905/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1a7503af95ecf6b5d1458774fdcece3c522aa64b334b155cdb0330dfeffc1c52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:10:03 GMT
x-amz-version-id: s.h5e8zSygg8NtovEofz6FiKp3pnn8BM
content-encoding: br
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 226641
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 Nov 2023 13:58:37 GMT
server: AmazonS3
etag: W/"b4ac69001b282cb0e7809be7170ac148"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: CRjEb7goXzujTObzHtZ-VrJ1Psqd8b697wB6S6Qlz8RZfqEs_AaOPw==

GET
H2 200 2.bb72b5e7f8fd98bc3088.js Show response
static.cdn-website.com/mnlt/production/3905/editor/apps/modules/runtime/ 62 KB
19 KB 42ms
41ms Script
application/javascript 108.138.7.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/3905/editor/apps/modules/runtime/2.bb72b5e7f8fd98bc3088.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3905/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 386dfc49231c08d62d3162b207d08c14ef50663f60a6f77d5f8b53c6ba4a1034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:10:03 GMT
x-amz-version-id: itEyWu..FOZvei.Ub83bY1cUjdpy9wK_
content-encoding: br
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 226641
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 Nov 2023 13:58:37 GMT
server: AmazonS3
etag: W/"588c6d031815b909d2f9013fd1b0635a"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: sVXSQjTQJPZRDpP1KMNxyEuC1tHgwXgOPIQai6tI_KSCvXlb4fJl-g==

GET
H2 200 8.e862fd7d143f131cc4b5.js Show response
static.cdn-website.com/mnlt/production/3905/editor/apps/modules/runtime/ 3 KB
1 KB 43ms
42ms Script
application/javascript 108.138.7.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/3905/editor/apps/modules/runtime/8.e862fd7d143f131cc4b5.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3905/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 182f9a7ed4dead04b7f0b9cb42af3a9b744f368c6a770ce88e3f6a04bf0778fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:10:03 GMT
x-amz-version-id: yjYwtTGcZq52mMgM.1.5hdCnYA.cShg7
content-encoding: br
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 226641
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 Nov 2023 13:58:37 GMT
server: AmazonS3
etag: W/"6d74621440fe03526d6d3719b4f57f7c"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: KRAofXgpLnLWF1MuUMJ9CHNPuV6hCMd37x9B86E2rNj5I9mxkwFIvQ==

GET
H3 200 skrollr.min.js Show response
static.cdn-website.com/libs/bower-skrollr/ 12 KB
6 KB 39ms
39ms Script
text/javascript 108.138.7.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/libs/bower-skrollr/skrollr.min.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/libs/jquery/jquery-3.7.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.7.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0d94dfb86d686fa5c7a0ae58ab81d05e42e026f92113d2037e70bbf37bc5da8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: 04xLqcAi1BJ2lpzw2II1Thpz7n9kiiRR
content-encoding: br
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 04:59:09 GMT
age: 531775
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 25 Dec 2019 10:41:33 GMT
server: AmazonS3
etag: W/"7a180f303bea26a3ef7edf53342e7afa"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 0B4rMINHucDzzcFytIPJDU4zWH69H2rD57wKBVzxy9tYkkECUSifKA==

GET
H3 200 runtime-module-anchors.310620cbfd37cdb290b3.js Show response
static.cdn-website.com/mnlt/production/3905/editor/apps/modules/runtime/ 3 KB
1 KB 40ms
40ms Script
application/javascript 108.138.7.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/3905/editor/apps/modules/runtime/runtime-module-anchors.310620cbfd37cdb290b3.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3905/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.7.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0f95af267be35f4db99666217c62de441c71b4f2eef3f23819f8e063fdd5f7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:10:03 GMT
x-amz-version-id: FRoFDq5SHt6ixFUHuib_zKxTUl27cnuO
content-encoding: br
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
age: 226641
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 Nov 2023 13:58:37 GMT
server: AmazonS3
etag: W/"8f5901075e19c8f22e5efeb3e357e9fe"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 2lcySj9o0AX_iZuvspsXdMNSwIL-cGmytspHdeBXCZpt_7yZxYy04w==

GET
H3 200 4.f27a0e156562c19d3620.js Show response
static.cdn-website.com/mnlt/production/3905/editor/apps/modules/runtime/ 124 KB
35 KB 40ms
40ms Script
application/javascript 108.138.7.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/3905/editor/apps/modules/runtime/4.f27a0e156562c19d3620.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3905/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.7.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb8b304d928544c94c1278aa006bcc82559125582e2e53bd33462faebd040a4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:10:03 GMT
x-amz-version-id: 9t3n0ymmCUJcHox19aQmeSCLwjB6Oext
content-encoding: br
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
age: 226641
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 Nov 2023 13:58:37 GMT
server: AmazonS3
etag: W/"0389fc913f284e3e177aa2b87a8283a5"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: gqdaO9Yeg-E3f-g6U41kRf9tkq4tmE2Hcr3fVL79tUMHBvOJl_Qx4g==

GET
H3 200 6.b7a0619bd80984d2f1b4.js Show response
static.cdn-website.com/mnlt/production/3905/editor/apps/modules/runtime/ 25 KB
6 KB 42ms
42ms Script
application/javascript 108.138.7.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/3905/editor/apps/modules/runtime/6.b7a0619bd80984d2f1b4.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3905/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.7.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 506becbc4f3f3c89a9b21e29f998cddd3404bf0782dea94ff7f3ce1d98d3de19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:10:03 GMT
x-amz-version-id: ggFdESZv6Wp7QmuJ1d.3.Q.p05c3xRAS
content-encoding: br
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
age: 226641
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 Nov 2023 13:58:37 GMT
server: AmazonS3
etag: W/"cd37df452cda304a72dd199b51da0e92"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: PuNQ9kzGyXJY6X-dqkfLg7Jd8HPh_zNBrRVGs2ufENJ1g7s4NzwQEQ==

GET
H3 200 9.e228a24d1f2f64462512.js Show response
static.cdn-website.com/mnlt/production/3905/editor/apps/modules/runtime/ 8 KB
3 KB 165ms
165ms Script
application/javascript 108.138.7.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/3905/editor/apps/modules/runtime/9.e228a24d1f2f64462512.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3905/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.7.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b8cd52b2366ba8d601e2c8f660bd7e2c0b3bd87055687c0aabe5703a02d60ab3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:10:03 GMT
x-amz-version-id: zawu9jHoc_QzBYfI8oWhwyYg.b.tenSz
content-encoding: br
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
age: 226641
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 Nov 2023 13:58:37 GMT
server: AmazonS3
etag: W/"fb2a83285bfff5d6605dbfdbef84a72e"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: DEMUBVadhMw4PqSGleXk-Ei6CAYJhmn4H-NrSIjsq05FjO3gjuoPuA==

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 40ms
40ms Script
application/x-javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 15 Oct 2023 08:32:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=39100
accept-ranges: bytes
content-length: 3272

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 133ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-0ZEPTZY19R&gtm=45je3b60v882659074&_p=1699506443463&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=323011094.1699506444&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1699506443&sct=1&seg=0&dl=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form&dt=ADHC%20UNDERPAYMENTS&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1&tfd=1198
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0ZEPTZY19R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 05:07:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cgmoneta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 142ms
48ms Ping
text/plain 2a00:1450:400c:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0ZEPTZY19R&cid=323011094.1699506444&gtm=45je3b60v882659074&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0ZEPTZY19R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 05:07:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cgmoneta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 140ms
50ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0ZEPTZY19R&cid=323011094.1699506444&gtm=45je3b60v882659074&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=45386695

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 05:07:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i
d32hwlnfiv2gyn.cloudfront.net/ 37 B
396 B 433ms
432ms Image
image/gif 13.32.118.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d32hwlnfiv2gyn.cloudfront.net/i?e=pv&page=ADHC%20UNDERPAYMENTS&dtm=1699506443661&tid=152888&vp=1600x1200&ds=1600x10759&vid=1&duid=76c4eeb2c20093fc&p=web&tv=js-2.0.0&fp=3652812120&aid=74b8fd56&lang=en-US&cs=UTF-8&tz=Europe%2FBerlin&tna=cf&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-47.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:25 GMT
x-amz-version-id: null
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
last-modified: Thu, 03 Jul 2014 09:50:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: "3eacd0132310ea44cad756b378a3bc07"
x-cache: Miss from cloudfront
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 37
x-amz-cf-id: LiUJV5bs1D_iR3OJSLRhGwt4VEiJ0CAuGz976xFXNt9_pioLZGGrPQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 46ms
46ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=334388386&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form&ul=en-us&de=UTF-8&dt=ADHC%20UNDERPAYMENTS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=450944691&gjid=82737692&cid=323011094.1699506444&tid=UA-152012684-1&_gid=1513130651.1699506444&_r=1&gtm=457e3b60&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1609345104

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cgmoneta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 05:07:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cgmoneta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2226289&time=1699506443674&url=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2226289&time=1699506443674&url=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2226289%26time%3D1699506443674%26url%3Dhttps%253A%252F%252Fwww.cgmoneta.com%252Fa...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2226289&time=1699506443674&url=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2226289&time=1699506443674&url=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form&cookiesTest=true&liSync=true&e_ipv6=AQKGKq-...

0
265 B

312ms
224ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2226289&time=1699506443674&url=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form&cookiesTest=true&liSync=true&e_ipv6=AQKGKq-_X46TAwAAAYuyeljpy_cCRrpq2FReMiaju9ziSEnPuQqDePi4i0ZmkoSYCgpgSBo
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: E09898D48D60490792E54B89CFF73032 Ref B: FRAEDGE1807 Ref C: 2023-11-09T05:07:24Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYJsS3yEyXCoaiR/ZedFw==

Redirect headers

date: Thu, 09 Nov 2023 05:07:24 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: F2E7DA0BD293463493D09296A2C231BB Ref B: FRAEDGE1315 Ref C: 2023-11-09T05:07:24Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2226289&time=1699506443674&url=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form&cookiesTest=true&liSync=true&e_ipv6=AQKGKq-_X46TAwAAAYuyeljpy_cCRrpq2FReMiaju9ziSEnPuQqDePi4i0ZmkoSYCgpgSBo
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYJsS3rKZ+pHuI5Q8FYrw==

GET
H3 200 20.4cfae9a65a031966931c.js Show response
static.cdn-website.com/mnlt/production/3905/editor/apps/modules/runtime/ 4 KB
2 KB 83ms
83ms Script
application/javascript 108.138.7.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/3905/editor/apps/modules/runtime/20.4cfae9a65a031966931c.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3905/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.7.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 270210a74fb45c00d2abd485b9bb8d4e2512d033bd1eaeebc17549622f07b1f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:10:04 GMT
x-amz-version-id: fiAzsXvMuejE25IvIiiJWvPjuxU7nXyT
content-encoding: br
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
age: 226640
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 Nov 2023 13:58:37 GMT
server: AmazonS3
etag: W/"b44d5ff04aaa3c9015cfa45b73593c98"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 0k7d4ZmIdAQa_LYL1h-LJykpXKBT727eYDLSYDbM3jLJqYjbtKVmbQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 64ms
48ms XHR
text/plain 2a00:1450:400c:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-152012684-1&cid=323011094.1699506444&jid=450944691&gjid=82737692&_gid=1513130651.1699506444&_u=YCDACUAABAAAACAAI~&z=1810866411

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cgmoneta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 09 Nov 2023 05:07:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cgmoneta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 139ms
50ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-152012684-1&cid=323011094.1699506444&jid=450944691&_u=YCDACUAABAAAACAAI~&z=1940706360

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 05:07:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 51ms
50ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-152012684-1&cid=323011094.1699506444&jid=450944691&_u=YCDACUAABAAAACAAI~&z=1940706360

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 05:07:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 numberCounter.js Show response
universe-static.elfsightcdn.com/app-releases/number-counter/stable/5d7f9b3e6a6a27ad168c8a5568bc0f00a8056cc4/app/ 256 KB
86 KB 163ms
59ms Script
application/javascript 2606:4700:20::681a:5f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://universe-static.elfsightcdn.com/app-releases/number-counter/stable/5d7f9b3e6a6a27ad168c8a5568bc0f00a8056cc4/app/numberCounter.js

Requested by

Host: static.elfsight.com
URL: https://static.elfsight.com/platform/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c182a12be507894475e0ca4dc0d90cd484303a090396eccb4d888dadec707cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000007f97757de2e93b8a-00654a1f40-3c6f4933-sfo3a
age: 149737
x-envoy-upstream-healthchecked-cluster
surrogate-control: max-age=3600;hw-h2proxy
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 07 Nov 2023 11:26:44 GMT
server: cloudflare
etag: W/"4eefd696cee340b64d7b1845dfaa2722"
vary: Accept-Encoding
x-hw: 1699356479.cdn4-pxy053-mia02.mi1.evs,1699356480.cds058.mi1.p
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HxEv6tFnBSStXZc37ZQHFIIsOvbDIMC3IBNIxjZTBH%2FuEAkQkNaOExa4%2BgTDNXf3KhCzv4ZoAzFXnXsexHsKKDsQw9MU4ySYyWZGSVJVjAY%2B6nix74%2Fde1f1Ji3THjDSxC3kqlTSo9nvdY8KVXzEpi9Ys8PfrATBjSslJs8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
x-rgw-object-type: Normal
cf-ray: 8233882acf57903a-FRA

GET
H2 200 booking-06c36cb7.css
assets.calendly.com/assets/booking/css/ Frame 7F71 319 KB
165 KB 147ms
147ms Stylesheet
text/css 2606:4700:4400::6812:29af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/booking/css/booking-06c36cb7.css

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:29af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fe218edbeae627f9ce8c9ce9b90a3a88eef3a1b4abaa1af68f117b9b3a1c93c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 212477
cf-polished: origSize=344762
last-modified: Mon, 06 Nov 2023 18:00:58 GMT
cf-bgj: minify
server: cloudflare
etag: W/"516afab41e64c77b2afcb6be9317e7fb"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8233882b388c39ee-FRA
expires: Fri, 10 Nov 2023 05:07:24 GMT

GET
H2 200 booking-runtime-dde45a47.js Show response
assets.calendly.com/assets/booking/js/ Frame 7F71 10 KB
4 KB 140ms
140ms Script
application/javascript 2606:4700:4400::6812:29af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/booking/js/booking-runtime-dde45a47.js

Requested by

Host: calendly.com
URL: https://calendly.com/cgmonetallc?embed_domain=www.cgmoneta.com&embed_type=Inline

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:29af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

970ea4ebe72062ba646e37d54261c3819e3418438106ff8495a1630afff2b233

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 124325
cf-polished: origSize=19531
last-modified: Tue, 07 Nov 2023 18:29:54 GMT
cf-bgj: minify
server: cloudflare
etag: W/"8abc90ac340e80e2666f0c633f6260fe"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8233882b388d39ee-FRA
expires: Fri, 10 Nov 2023 05:07:24 GMT

GET
H2 200 booking-3d0b191b.js Show response
assets.calendly.com/assets/booking/js/ Frame 7F71 2 MB
448 KB 192ms
192ms Script
application/javascript 2606:4700:4400::6812:29af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/booking/js/booking-3d0b191b.js

Requested by

Host: calendly.com
URL: https://calendly.com/cgmonetallc?embed_domain=www.cgmoneta.com&embed_type=Inline

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:29af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2871b5d8dc0f312693ac6cd040e207e31a73c50a2b872ef7942006a90b52bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 28333
cf-polished: origSize=1700028
last-modified: Wed, 08 Nov 2023 21:09:16 GMT
cf-bgj: minify
server: cloudflare
etag: W/"56efd3c502eb0b53f86a7aa5029b60d9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8233882b48a039ee-FRA
expires: Fri, 10 Nov 2023 05:07:24 GMT

GET
H2 200 dc9688c7588b.js Show response
w.usabilla.com/ Frame 4A8C 35 KB
11 KB 199ms
54ms Script
text/javascript 54.75.76.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/dc9688c7588b.js?lv=1
Requested by: Host: calendly.com
URL: https://calendly.com/cgmonetallc?embed_domain=www.cgmoneta.com&embed_type=Inline
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.75.76.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-76-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 82cb0b064c28e5a61038b25972c7eb0937932ceac6b1ac69bff012ea67b78649

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 05:07:24 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "5bff49eccfb4bff9d93420062693daaf"
content-type: text/javascript
cache-control: public,max-age=0
content-length: 10668

GET
H3 200 app-number-counter-handshake.svg Show response
static.elfsight.com/icons/ 2 KB
1 KB 520ms
474ms XHR
image/svg+xml 2606:4700:10::6816:445f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/icons/app-number-counter-handshake.svg

Requested by

Host: universe-static.elfsightcdn.com
URL: https://universe-static.elfsightcdn.com/app-releases/number-counter/stable/5d7f9b3e6a6a27ad168c8a5568bc0f00a8056cc4/app/numberCounter.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:445f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c3f43f9e433cc7dcf72557510e28f069ec93162a399793e6610b7a7f97a70cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=0
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: tx00000000000006d2edf52-006547a982-522b2d6d-sfo2a
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 01 Nov 2023 13:28:26 GMT
server: cloudflare
etag: W/"8365d636afeadfb6db4349487819f546"
access-control-max-age: 0
x-hw: 1699195266.dop152.ch4.t,1699195266.cds259.ch4.shn,1699195266.dop152.ch4.t,1699195266.cds165.ch4.p
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
x-rgw-object-type: Normal
vary: Accept-Encoding
cf-ray: 8233882c0ce2917d-FRA

GET
H3 200 app-number-counter-coin.svg Show response
static.elfsight.com/icons/ 1007 B
920 B 550ms
510ms XHR
image/svg+xml 2606:4700:10::6816:445f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/icons/app-number-counter-coin.svg

Requested by

Host: universe-static.elfsightcdn.com
URL: https://universe-static.elfsightcdn.com/app-releases/number-counter/stable/5d7f9b3e6a6a27ad168c8a5568bc0f00a8056cc4/app/numberCounter.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:445f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f9e9ae956ffab2981f954cf29a01f69353508687b3d7f9696dc502155b2a569

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=0
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: tx00000000000006ae52522-0065460dab-522b2d1d-sfo2a
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 01 Nov 2023 13:28:25 GMT
server: cloudflare
etag: W/"ad06adc529ae39fd1db888f13182b5a7"
access-control-max-age: 0
x-hw: 1699089834.dop206.la3.t,1699089835.cds265.la3.shn,1699089835.dop206.la3.t,1699089835.cds263.la3.p
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
x-rgw-object-type: Normal
vary: Accept-Encoding
cf-ray: 8233882c0cde917d-FRA

GET
H3 200 app-number-counter-graphic.svg Show response
static.elfsight.com/icons/ 916 B
841 B 520ms
481ms XHR
image/svg+xml 2606:4700:10::6816:445f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/icons/app-number-counter-graphic.svg

Requested by

Host: universe-static.elfsightcdn.com
URL: https://universe-static.elfsightcdn.com/app-releases/number-counter/stable/5d7f9b3e6a6a27ad168c8a5568bc0f00a8056cc4/app/numberCounter.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:445f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb3a62140e15c0ae94ced7e32c1b9f373601371a313fe6f4836d993463f57204

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=0
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: tx00000000000006d10643d-0065479600-522b2d40-sfo2a
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 01 Nov 2023 13:28:26 GMT
server: cloudflare
etag: W/"a3101c9a376fc17a876d63b186da0848"
access-control-max-age: 0
x-hw: 1699190271.dop212.ch4.t,1699190271.cds010.ch4.shn,1699190271.dop212.ch4.t,1699190272.cds232.ch4.p
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
x-rgw-object-type: Normal
vary: Accept-Encoding
cf-ray: 8233882c0ce0917d-FRA

GET
H2 200 34974472b1ee4f72.ltr.css
static.canva.com/web/ Frame DF73 92 KB
24 KB 164ms
62ms Stylesheet
text/css 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/34974472b1ee4f72.ltr.css

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAFvptxe_Wo/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f6c60fb96e5295acc389294169eaca07a47e51084de0976268eac9ebbb7d66e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 12976
x-amz-request-id: J5SKR41KYA5ZWMMV
x-amz-server-side-encryption: AES256
x-amz-version-id: CHZBr4UraFrH4J55WlBqH7eQaAOlLMYi
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: JIxgusM2Ay3SH5mk0/3P2xEyYjAww3NW4NgEW7Uh0Ez3bTKgh1VzgkeZJw4roQYphGAww3R9t+s=
x-amz-expiration: expiry-date="Sat, 09 Nov 2024 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Thu, 09 Nov 2023 01:25:45 GMT
server: cloudflare
etag: W/"431f1e9593b51560a62d58fba7aca9d5"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dR8ll2t2C%2FNrCQi%2FewN0E%2BaUkbTCwlTbvWM4BGqsSxgO%2Bg5bg6kcbJynyIAD2Hw8pukJDwkE47RU27OzveBprt%2F01OGLe2W7MVpRr6Yv3r4WA1WINzQjjKkkPn67Hmr7IfY4t3yeiGmgLhb3tms%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
cf-ray: 8233882d2f4092c9-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 10:56:10 GMT

GET
H2 200 276556775983ce13.strings.js Show response
static.canva.com/web/ Frame DF73 3 KB
3 KB 206ms
105ms Script
text/javascript 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/276556775983ce13.strings.js

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAFvptxe_Wo/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd003e70daf5846efc00f805dae370c8a8cfeaf73fe2b91ce971edbbf4fc64b3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 100839
x-amz-request-id: EQ2PC7RDQX203X4Z
x-amz-server-side-encryption: AES256
x-amz-version-id: U.bhV51CifeDgqQWDc7Rnn7dhU51zL22
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: bETuoWcanxN4djvljYz6hxntUMij02u7o1DOsuYjxWCg10566scC1KnndOPCz5XSyctj/wqs0/U=
x-amz-expiration: expiry-date="Fri, 08 Nov 2024 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Wed, 08 Nov 2023 00:59:18 GMT
server: cloudflare
etag: W/"749968e1b4f41ae9a9b505df91a53923"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=he4C9CNZm2MSnOGA9pqT9Uvm4XmL7DwOk%2FTC1l%2BBO9o8unUlECFbiafNoaOJql%2Ftz%2FsLvPXdOVrR9Uh76FFBT6eY%2BX1oyNUip8TYs%2Bj7LpGJn30egYSIg48a2%2Fj1d4LpVA5%2Fs2YQGI01yEIAttk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
cf-ray: 8233882d2f4392c9-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 10:56:10 GMT

GET
H2 200 82db7c6fc7b35f8b.runtime.js Show response
static.canva.com/web/ Frame DF73 16 KB
7 KB 164ms
63ms Script
text/javascript 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/82db7c6fc7b35f8b.runtime.js

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAFvptxe_Wo/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

408f3bd7d6193cab269c6256dd0bf8e1b6667cfd5fb7a413c329bd48b7e78341

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 12851
x-amz-request-id: XR9PE3CZN8VV3888
x-amz-server-side-encryption: AES256
x-amz-version-id: yNf3XjHtu5Sk0V1HOSYaNfDOIKFJYO8i
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ROkDh6XGMxBu7wOnQFcUmb1h3hunURHfgOd0Ag5CKkTod2fRVWbZFUafCn1ZWmoSCNyWNVXQw8A=
x-amz-expiration: expiry-date="Sat, 09 Nov 2024 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Thu, 09 Nov 2023 01:25:45 GMT
server: cloudflare
etag: W/"487677034e40e048afafe086ae74fbb6"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIfsSDr296LW8SKQ7CKVczw%2FoqdnQLgVZUQANeODc7nWqGD3UpeTM77N0heMVm2JX3DkSRrL260%2B0dm13kiUtohSJ%2BMgsPQ4B0FjdnO2DaBAaxBryart%2FFvbigo0M5sDBD3G98DTmIveFHEGZgs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
cf-ray: 8233882d2f4892c9-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 10:56:10 GMT

GET
H2 200 fd7d0bdee2bdc049.vendor.js Show response
static.canva.com/web/ Frame DF73 202 KB
65 KB 165ms
64ms Script
text/javascript 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/fd7d0bdee2bdc049.vendor.js

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAFvptxe_Wo/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afb56f03f1f14f412565f7750d2e602932e99da1716836842deb3fce25815868

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 181717
x-amz-request-id: 01D8SS83JRYG8V7C
x-amz-server-side-encryption: AES256
x-amz-version-id: f9EmtQnKRTbZXL9ZsDwoYnt4I0g6qC8i
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: r/EOhqSMtABiiT1DJgW1nqXIluIkaWxsVqqeUFNRtS5McRHeixK7T5yL5N0ZiG+O5MM4JXh8HuI=
x-amz-expiration: expiry-date="Thu, 07 Nov 2024 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Tue, 07 Nov 2023 01:24:59 GMT
server: cloudflare
etag: W/"bf373ce750acde1457b213352c091f0f"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEQ7ZLwF7S6OEvy0DrMfJ5UpuGmJDOq1O9ypd5U5flFwo34qC%2FqPDC3JIYL9X5eoiRVjdT40gW6jtVfH%2FKSQxp4tUjhdMo%2BLiVzsbTC3kE3SV597yAsurSALvVOpIwcZZb5aM2%2Bm6k69p3FLj1k%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
cf-ray: 8233882d2f4692c9-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 10:56:10 GMT

GET
H2 200 273279378ba0de14.vendor.js Show response
static.canva.com/web/ Frame DF73 157 KB
49 KB 205ms
104ms Script
text/javascript 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/273279378ba0de14.vendor.js

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAFvptxe_Wo/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

310c5308efe842903bdeef1ec8963a7758e3998bef5f54ce2dcd433d3ae519c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 100839
x-amz-request-id: TDCQ8RQCMY5RXYSX
x-amz-server-side-encryption: AES256
x-amz-version-id: iIB77jhd.Dv7XvpBA6e0Cb4AZrNx1Yuc
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Bw0ZkCjsNAY+4Cz24qgAZPCFv4TUx7RyhhgsJVf3qk4FhDDXA4bgtwYAlxak1RBi4jRGqxkZBLc=
x-amz-expiration: expiry-date="Fri, 08 Nov 2024 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Wed, 08 Nov 2023 00:59:18 GMT
server: cloudflare
etag: W/"94e738048bd51f3885fe0a85b8459a98"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9oFcF%2FTUK60nL6XlQiM%2B8sOZm2ghDTi99vl8tj1q1iLHGPd6V2YrLSbOkaTAkg9A6qGoVFZkVYBSjcBrJj5m%2F%2Bk2udhGVSTrtm3FE0jfojO1RKhI%2FO8GIgGF%2Fnffkahw1ATaUEjrNyVTLQodG9I%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
cf-ray: 8233882d2f4592c9-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 10:56:10 GMT

GET
H2 200 f23e4eb2ce6dc8c4.js Show response
static.canva.com/web/ Frame DF73 1 MB
371 KB 203ms
102ms Script
text/javascript 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/f23e4eb2ce6dc8c4.js

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAFvptxe_Wo/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b663f3a69d732e9fa97848f40210af1c03242c22151997a4af006d2a8036ea03

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 12851
x-amz-request-id: XR9JEASBM8WR64T1
x-amz-server-side-encryption: AES256
x-amz-version-id: lQXHS44COX7bekuOwfA1cyPkNI2aLng5
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ndUNwFWD0drbBJk2kyV20OLW1WKXzBiyMmrpMVIHxrY9dYhE/mu7L6Dpn+nLOIKuHvGYXa8iTSY=
x-amz-expiration: expiry-date="Sat, 09 Nov 2024 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Thu, 09 Nov 2023 01:25:46 GMT
server: cloudflare
etag: W/"fa210e20743f4ae5ac0b21a63acd8041"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRrMnMdSXb7MLQUaFlyVTFQqV%2BNIp2GYebI8fmUHBuLAZDyAlMmUGIF5Dxuqk09xpWEZ%2BtP0jCzpaUWbqbIo%2BCY4G7CzP5X4jEsAPjDI7JM%2FeVVGvt2KMe%2FDxmv2hVkcoDD3QkB9GEkkpgUzX18%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
cf-ray: 8233882d2f4792c9-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 10:56:10 GMT

GET
H2 200 7.16.0.min.js Show response
static.canva.com/static/lib/sentry/ Frame DF73 54 KB
20 KB 77ms
59ms Script
application/javascript 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/static/lib/sentry/7.16.0.min.js

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAFvptxe_Wo/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6de703f8ee214808496dcd92795ac8971782935ed75abdd5624c814e69daaea

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 181700
x-amz-request-id: M7BB2XT7KYE9RC4M
x-amz-server-side-encryption: AES256
x-amz-version-id: 7Y.eDQVdH_1a1Q9tppJ5zLqjHXQ7moAO
content-encoding: br
x-amz-meta-vary: Origin
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: wxvsu73NjGvyoD0LKY5GTXcKMYeLItyOpv3pCyVbu/iRvGOkfFxjdhpzQ23V47NgXfFgz0pePsw=
last-modified: Mon, 11 Sep 2023 23:43:07 GMT
server: cloudflare
etag: W/"6dc1cce8077783c3610fe0d0c263e0b4"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vuQGBjxkMStQJVpICEjnRXsE57wtEF9NnO5U4NTjSOIqMa%2BbdDxfivpIpv851ThwbYP37W%2BP1xEs1Nq9p0klwqwPYS%2F4gf6QQu4HmcxIzxa%2FNxD03UxrflSzlAc1xy%2FvtO%2F43Uirl09JF1TeW8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31556926
cf-ray: 8233882ca8db368c-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 10:56:10 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame DF73 20 KB
7 KB 160ms
70ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.canva.com
URL: https://www.canva.com/design/DAFvptxe_Wo/view?embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8233882d198465a2-FRA

GET
H2 200 v3 Show response
js.stripe.com/ Frame 7F71 552 KB
136 KB 167ms
46ms Script
text/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-3d0b191b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

7979596929ec715a2cafe7a731351b4a3f53d289a907cd559e51763c7b4f64de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:06:38 GMT
content-encoding: br
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 47
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront
last-modified: Wed, 08 Nov 2023 21:32:49 GMT
server: Cloudfront
etag: W/"ebdae61362ab0800f9146bfd412764db"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: 5wf8mt39gtBPhveDFbBBlIMXPyjFLDW1xP8vkhQkrjTrKmh3mUV5tw==

GET
H2 200 user Show response
calendly.com/api/booking/ Frame 7F71 2 B
203 B 296ms
295ms XHR
application/json 2606:4700:4400::6812:29af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://calendly.com/api/booking/user

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-3d0b191b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:29af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept: application/json, text/plain, */*
Referer: https://calendly.com/cgmonetallc?embed_domain=www.cgmoneta.com&embed_type=Inline
X-CSRF-Token: Gww3DHuKvohX4oWreN0W1H91X-eXozF8YR5I2BI3Ss9i28BqCa-25Xr4wFH1KdmVnxdEneeDxhphG5sYRbzoVA
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-runtime: 0.010683
date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
etag: W/"44136fa355b3678a1146ad16f7e8649e"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 8233882d5a9939ee-FRA
x-request-id: 174d54fb8d4af411f2d114d30d9f1bc3

GET
H2 200 request Show response
calendly.com/api/booking/ Frame 7F71 41 B
199 B 238ms
238ms XHR
application/json 2606:4700:4400::6812:29af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://calendly.com/api/booking/request

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-3d0b191b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:29af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

646c9c575c477ec1fc64f3df83af60acea3a0ecf4f6dd2c7202a32e8e115ada9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept: application/json, text/plain, */*
Referer: https://calendly.com/cgmonetallc?embed_domain=www.cgmoneta.com&embed_type=Inline
X-CSRF-Token: Gww3DHuKvohX4oWreN0W1H91X-eXozF8YR5I2BI3Ss9i28BqCa-25Xr4wFH1KdmVnxdEneeDxhphG5sYRbzoVA
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-runtime: 0.013833
date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
etag: W/"646c9c575c477ec1fc64f3df83af60ac"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 8233882d5a9a39ee-FRA
x-request-id: a2b8dab366c74bf7400d326335744dd7

GET
H2 200 settings Show response
calendly.com/api/booking/ Frame 7F71 2 KB
1 KB 242ms
241ms XHR
application/json 2606:4700:4400::6812:29af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://calendly.com/api/booking/settings

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-3d0b191b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:29af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01a66f314327c44281f84d65a39b9473117ef5e91035f9c1b9554b63431242c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept: application/json, text/plain, */*
Referer: https://calendly.com/cgmonetallc?embed_domain=www.cgmoneta.com&embed_type=Inline
X-CSRF-Token: Gww3DHuKvohX4oWreN0W1H91X-eXozF8YR5I2BI3Ss9i28BqCa-25Xr4wFH1KdmVnxdEneeDxhphG5sYRbzoVA
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-runtime: 0.011968
date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
etag: W/"01a66f314327c44281f84d65a39b9473"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 8233882d5a9b39ee-FRA
x-request-id: b2b1f80c359387ee6de33c23f0b67aa1

POST
H2 200 / Show response
o13855.ingest.sentry.io/api/6081839/envelope/ Frame DF73 2 B
324 B 238ms
41ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o13855.ingest.sentry.io/api/6081839/envelope/?sentry_key=3daf58e34a9945fe9c5defceb4bfcb59&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.16.0

Requested by

Host: static.canva.com
URL: https://static.canva.com/static/lib/sentry/7.16.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.canva.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H2 200 / Show response
o13855.ingest.sentry.io/api/6081839/envelope/ Frame DF73 2 B
57 B 43ms
42ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o13855.ingest.sentry.io/api/6081839/envelope/?sentry_key=3daf58e34a9945fe9c5defceb4bfcb59&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.16.0

Requested by

Host: static.canva.com
URL: https://static.canva.com/static/lib/sentry/7.16.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.canva.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H2 200 / Show response
o13855.ingest.sentry.io/api/6081839/envelope/ Frame DF73 2 B
57 B 42ms
42ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o13855.ingest.sentry.io/api/6081839/envelope/?sentry_key=3daf58e34a9945fe9c5defceb4bfcb59&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.16.0

Requested by

Host: static.canva.com
URL: https://static.canva.com/static/lib/sentry/7.16.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.canva.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 d465ae4f6bd7699d.js Show response
static.canva.com/web/ Frame DF73 7 KB
4 KB 62ms
61ms Script
text/javascript 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/d465ae4f6bd7699d.js

Requested by

Host: static.canva.com
URL: https://static.canva.com/web/82db7c6fc7b35f8b.runtime.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7c77041d68d1dd60668ed0c4a5991ac62b5aaf1a21d198c90311ff6bf43148c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 12819
x-amz-request-id: 8X1D6WFVYVPX3V7F
x-amz-server-side-encryption: AES256
x-amz-version-id: Moe10r_iNJYy8cqGGHm38NAt9EQOECWa
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tJ3qEAfwqzuRFljYfqABYRkqu5gW8VVbipqXzOR9EUFjA+6y8bxyaTemhvSWdtfzui6p7hyIkpw=
x-amz-expiration: expiry-date="Sat, 09 Nov 2024 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Thu, 09 Nov 2023 01:25:46 GMT
server: cloudflare
etag: W/"1437a66ca1eb95765d334674d85a94e6"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBUKXXU%2BNk7S%2FLYvEEtHZAHfVqSQ7u8HMWTo8unHIZ45g9WqzViHAAXsmB8t4WAqRpw0d77WdMwrb%2F78XUmKcldNiXZyHh7r0TAkfOFNWczP1EBlw4i8Qf%2Fumwe2A132NIYf1BnQQoHQJdf48bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31556926
cf-ray: 8233882efaf4368c-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 10:56:10 GMT

GET
H2 200 8f8270bab9bd6616.vendor.js Show response
static.canva.com/web/ Frame DF73 91 KB
32 KB 61ms
61ms Script
text/javascript 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/8f8270bab9bd6616.vendor.js

Requested by

Host: static.canva.com
URL: https://static.canva.com/web/82db7c6fc7b35f8b.runtime.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38a13afa1a9ffd73252e6725c09be18579dea266e3654d226e50f5a6fe999808

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 181685
x-amz-request-id: 0BF8YJF9FCQT7J47
x-amz-server-side-encryption: AES256
x-amz-version-id: FnGRD_r5Bh_MFe7b.jqzgnwZX09aCRD.
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Jj17KIFxo2pOhz8RtPbvuK/e37pxSpxrj/JgqiIKi/64EM4OSKs3mTKu5KP8dDaWVKUdKP9mztQ=
x-amz-expiration: expiry-date="Thu, 07 Nov 2024 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Tue, 07 Nov 2023 01:27:51 GMT
server: cloudflare
etag: W/"a28497929eef6e96b44d2ce62ecd2807"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtsuEzYd%2BHpWC6HlFceh0peNP8CWKijGJVPJZzioV2FTuujWuIdHZtO1OtwszOs1jsfQmUt53%2Bi%2FdsEauqWkP4EbRB4SgzcFSURkgKBIenCYB8Szp8K%2F8xfyd3s2n3rLmGLJD9Wg%2BJqAtnTog1A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31556926
cf-ray: 8233882f0af8368c-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 10:56:10 GMT

GET
H2 200 5d9e623c87618b39.js Show response
static.canva.com/web/ Frame DF73 7 KB
3 KB 73ms
71ms Script
text/javascript 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/5d9e623c87618b39.js

Requested by

Host: static.canva.com
URL: https://static.canva.com/web/82db7c6fc7b35f8b.runtime.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

273724e1be99ddeaee985fb777d76b1683b2cfa0cd9b74d1877775c6a10c44be

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 12819
x-amz-request-id: 8V82N4SJW19GE4YK
x-amz-server-side-encryption: AES256
x-amz-version-id: ipbSGYKe4j18_I6uOcv7Xh6TF5SaNXnm
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: wtASeH9jHa4pSmMbMZspgQoOf+8uusgQNrnkWYvw7O4/Ke1AS+FrLWsmZ3VKtibpK6GbJWL4Vx4=
x-amz-expiration: expiry-date="Sat, 09 Nov 2024 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Thu, 09 Nov 2023 01:25:45 GMT
server: cloudflare
etag: W/"5a74babe559470416364ca4004031eac"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tO6aHi0KEYxWL0ypHaGC4RpfUzwe4Szv%2FADrUgt9ycFhrdXCgl%2Fa7gQVVzmkKOFDmWTsC1PdBaVGyM9zkzN1kcV3Pnbh5Tq5sIRfmtG8Ki7dzYjO495NX9lMdUCQtApoB%2BO34uqiLCG5ZZvXmmc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31556926
cf-ray: 8233882f0afb368c-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 10:56:10 GMT

GET
H2 200 13f22b68aa0c0832.js Show response
static.canva.com/web/ Frame DF73 13 KB
5 KB 63ms
62ms Script
text/javascript 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/13f22b68aa0c0832.js

Requested by

Host: static.canva.com
URL: https://static.canva.com/web/82db7c6fc7b35f8b.runtime.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18681de0d6b00f504f476e2dd4a8579e045f5e9f6dd4ae44d2f9402cfafc2641

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 12819
x-amz-request-id: 9R303JZGZ1QCWT2B
x-amz-server-side-encryption: AES256
x-amz-version-id: UUZRUOUWgO5gyVARS7mpQN6L0iaXSJAM
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: gRXpmmwjoeNEpU6L2HkM7VdoO7jGzwB8iJZOTsJWCLxVgLtiarfW2qz3TfepyAK4H0S5FUEFZFE=
x-amz-expiration: expiry-date="Sat, 09 Nov 2024 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Thu, 09 Nov 2023 01:25:44 GMT
server: cloudflare
etag: W/"c190b27454a8a0c354f7d9c0e965a637"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48NIgVfXIs0a5QrTnqYqgsikx%2BoOUt4vdRnJmXYwJlXwv2UBBkp%2B%2B%2F9mPZQiVzP00h7esZ5%2FQEbWKYMD06jRU7YvDxwxyJXcuQhzMFiz75rjhUG6Z5TNCJJB84ekhJbj2v8AO8AAoGQaAy0yZjw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31556926
cf-ray: 8233882f0afc368c-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 10:56:10 GMT

GET
H2 200 b46630e470f4040eba7033cf2435edce.woff
static.canva.com/web/images/ Frame DF73 1 KB
2 KB 70ms
70ms Font
font/woff 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/images/b46630e470f4040eba7033cf2435edce.woff

Requested by

Host: static.canva.com
URL: https://static.canva.com/web/34974472b1ee4f72.ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e32aea52247a81c38b4735e84a28ba27b0cbc33f007a1d14e81e64ba766eadd

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.canva.com/web/34974472b1ee4f72.ltr.css
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 181677
x-amz-request-id: 01D4VZWWTKED076R
x-amz-server-side-encryption: AES256
x-amz-version-id: NUSydBz2WYWgqHaWeiFtnSpkR3n4elJJ
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 1136
x-amz-id-2: k2H87VUt542UmTlPEZx8DRHJuiXlJvCIrETZHSPzPClpSQM0CL3Kz1ZZcX8UP3IOq9Y5BjLdHNs=
x-amz-expiration: expiry-date="Thu, 07 Nov 2024 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Tue, 07 Nov 2023 01:52:14 GMT
server: cloudflare
etag: "b46630e470f4040eba7033cf2435edce"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: font/woff
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNejzJp7H1LSfzPOuagViQieH41lgOyiDTfes%2FGEy66bUPLrbdjb28Kfp2psfMfe1mb8sD%2FRlA%2FjJtome7hhNWAnUua3KEUpGqpmz402buOb3NP2yVzyF5cOSHqEs%2BitCaggGkJEt2cNGO5MQwY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 8233882fda4f92c9-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 10:56:10 GMT

GET
H2 200 31ed695fc889d00593852e4078080fe8.css
font-public.canva.com/_fb/s/ Frame DF73 34 KB
2 KB 73ms
56ms Stylesheet
text/css 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://font-public.canva.com/_fb/s/31ed695fc889d00593852e4078080fe8.css

Requested by

Host: static.canva.com
URL: https://static.canva.com/web/f23e4eb2ce6dc8c4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

587e53033e66207407f9108a4f3aee7827cc50a0de5a64ec769c75fd47f90a90

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_font-public
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_font-public
age: 181715
x-amz-request-id: 0BF9BKGP93Z629N9
x-amz-server-side-encryption: AES256
x-amz-version-id: vyr5_vt3y3tjZ_s2yxmwfnXM1Qv8Xk8f
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: pWOxl4MJ8Iq5oKo7g+luUnFD0ys3LDv4UFhhSYNSQ7FV+4vaUSbgUpdRVsuMsAUu5dBR6RcszZU=
last-modified: Mon, 13 Mar 2023 08:11:23 GMT
server: cloudflare
etag: W/"46d87b5a7661e0529b44aca65fbdef86"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3CKZkaZoX3LtiPyw7JiE%2FvWp152U7dAc76NInbxq80wgPO96aPo90DBhGrV6Sx4Ss0gnqwyYRdm7mUmj%2FF2uE8%2BxTYa9gqhK%2FeZcN62yETNTCbokUbTR6u0ymkjl4mC25YKmxEtULT%2FW4hZmVkfjfxZIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 823388300bcc368c-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 05:07:24 GMT

GET
H3

200

main.js Show response
www.canva.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 18E0
Redirect Chain

https://www.canva.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.canva.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
4 KB

53ms
52ms

Script
application/javascript

2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canva.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAFvptxe_Wo/view?embed

Protocol

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02860aebac589c075ea6261fc266608a79058b1da8e660aaf89bcedfe64c3c0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vEjRXHFd9TLlXFjNYICjVTOf%2FXPkfKnaQQ7mzvhVQjuTZ3Z4ZZ7rUU3ovcg9f%2BvsgwMHkbRgT3wmSUTCJaujdX4zaJG959u1XjOD3ZOvzXfxxWsOxVk3vR9c6rLNYZVTBPIj5l%2B6eJlYk4E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 82338830ebb35d8c-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTqYKHdSDMp4JMyUvb3Hxl%2FeKWN8z9IcnnW1tG7LrOmhoVRUiZ9VtqyOiSWjDZpkQPwoZS9rYIZtwGuEwDzYUOUXb%2Fv1XBiNrdTMzpcJwgKISE6EUnyrqeqW1QT3pmQB799S5lLZrxoDtXc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control: max-age=300, public
cf-ray: 8233882ffb1e5d8c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 cff149ee1e9d2be50ac77bcd86769d05.woff2
static.canva.com/web/images/ Frame DF73 38 KB
39 KB 78ms
76ms Font
font/woff2 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/images/cff149ee1e9d2be50ac77bcd86769d05.woff2

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAFvptxe_Wo/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c84de7e52d68bd3b651219e7085236babc85a0c7c79f21a14f0cdddbd0fb4b4c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 181715
x-amz-request-id: 01D057MNANK2RT9N
x-amz-server-side-encryption: AES256
x-amz-version-id: YEA5eo3Fp8S09b5bD2ry0YglfxfscDWG
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 38848
x-amz-id-2: hPRQeOnQsYApHeYUx2c6Q5SUrV52JbLAvC5kjD7aIXwfjGzOsIdfm9RLntytMZu52MtHqSVj8cQ=
x-amz-expiration: expiry-date="Thu, 07 Nov 2024 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Tue, 07 Nov 2023 01:52:17 GMT
server: cloudflare
etag: "cff149ee1e9d2be50ac77bcd86769d05"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdCysuRRFjin7sPlqU1Cfk9QnuYoS%2BI43dft5RsuTAq1Ma8fwmreQsIMYvPas%2BMggtNGlw%2FLxf0ACZ%2BXY2FuEdTudtwwqQ4TSMhTCikAgiszetJ1SJLL1tA%2Bi9fv9zYjEPcde8i3b24SmHzTQng%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 823388305ac792c9-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 10:56:10 GMT

GET
H2 200 CanvaSans-Regular.592419fd53b74a78d4ae9d.4377ff44aa925d2cc65596b765a8219b.woff2
font-public.canva.com/YAFLd8sKbwc/0/ Frame DF73 33 KB
34 KB 83ms
82ms Font
application/octet-stream 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://font-public.canva.com/YAFLd8sKbwc/0/CanvaSans-Regular.592419fd53b74a78d4ae9d.4377ff44aa925d2cc65596b765a8219b.woff2

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAFvptxe_Wo/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f79479236fb92f5507db8d2f7230c48b27f6609354ace7c26e1e32a04ed0f806

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_font-public
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_font-public
age: 181356
x-amz-request-id: 01DEWN5GZ6Q9CN9J
x-amz-server-side-encryption: AES256
x-amz-version-id: H5Ul9mCzHlDJ_38WE3WffAQfMBAmdYh1
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 34060
x-amz-id-2: bSbjn8KrvCawsuorcJwu+UJWnWMLsbR99bblBdXdFmvJvdoqRY8Z2ctsgy01DyOoNyCgdCL8sPU=
last-modified: Tue, 06 Sep 2022 15:12:16 GMT
server: cloudflare
etag: "4f7938cd9af5c416074a166cef004afe"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AoNMosVcvY3JZbG68je50PmeLbzYwlfDMJHn3IcECt%2FmKbSTNH1wr9vnwmXvu1TwBMA%2F3XC0UXH5bbI5T8oe0qtZxtenQS%2FrjsMjh8k%2BVmqtJjSsTSlTU6C6cKmCdPIItpkQjHEeF8lj%2BXxxq8%2B57W%2FkTg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 823388305ac992c9-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 05:07:24 GMT

GET
H2 200 DMSans-Bold.d58362f669e7edb1830e89940d4c.9340013c7d177c83df1edab0cf96ac10.woff2
font-public.canva.com/YAD1aU3sLnI/0/ Frame DF73 30 KB
31 KB 84ms
83ms Font
application/octet-stream 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://font-public.canva.com/YAD1aU3sLnI/0/DMSans-Bold.d58362f669e7edb1830e89940d4c.9340013c7d177c83df1edab0cf96ac10.woff2

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAFvptxe_Wo/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23d7912e30cca1831cdf2e9270ba71f9a540e37f3dd989585df54e7906537e97

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_font-public
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_font-public
age: 181709
x-amz-request-id: 01D5YE0Y3DN8BEFZ
x-amz-server-side-encryption: AES256
x-amz-version-id: cR9PjYWTeCYiyHB65lZGH6XWhqpUZxtF
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 30896
x-amz-id-2: gWu+C9l5bbYG7Qmo0CFmGgUbBj+PpMOs07M/UiRgqO4O8w8qnQMKRfWC/b+1TS2oqlJdvSZpl8Q=
last-modified: Tue, 22 Dec 2020 02:13:31 GMT
server: cloudflare
etag: "27449286fd05812a3f253c751e54d3bd"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jW%2FCcZvu6gVojSu0zOkQROLcBdzjMkhKdhFCjHEIre4H5VwlqEDmycGi6JHAe218mVU87TSSWyV9pjZUx9d%2Bcx%2F685Vo%2B1sRR1mklEerqCfIncyCwp8pbC8JIbPxhXP37T6O0h5S9WAWrfUs2nyUoz8VJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 823388305ac892c9-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 05:07:24 GMT

GET
H2 200 s2.jpg
media-private.canva.com/zau5g/MAEJCVzau5g/1/ Frame DF73 317 KB
318 KB 365ms
345ms Image
image/jpeg 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-private.canva.com/zau5g/MAEJCVzau5g/1/s2.jpg?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJWF6QO3UH4PAAJ6Q%2F20231108%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20231108T083156Z&X-Amz-Expires=89308&X-Amz-Signature=0d48b9268ee69356286ade0f684d127b8df1613cbecce4ffb3c4e979a2df98e6&X-Amz-SignedHeaders=host%3Bx-amz-expected-bucket-owner&response-expires=Thu%2C%2009%20Nov%202023%2009%3A20%3A24%20GMT

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAFvptxe_Wo/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c589010528d3d2d555925cf1998df6e14312d816bb5ff8d334601a1284bc009

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-private
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-private
x-amz-request-id: WWADWTC25E5CNM4C
x-amz-server-side-encryption: AES256
x-amz-version-id: EnadzWjFadM7IOFFxzpVEGHweo02Y8X7
x-amz-storage-class: GLACIER_IR
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 324207
x-amz-id-2: UxGSXc+UlOfZFg9f45oe01F55z4oTKxl9K09RWJVIcQH04VnjtIsS5h6+886MavI35Nj4GpG5jc=
last-modified: Mon, 28 Sep 2020 01:59:39 GMT
server: cloudflare
etag: "76721f12fdf7003ebbd3882b77696058"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=770IeloYYQC6vfP4ZeNfef0d71Lmjm18h%2F6QJp7o9nerK0i6AB2zslO0dgYVU8xILVteymMCXy9jCtnXOQ3UGFPe9L8Xu1SmMtP1ifctoqkuVXUVaw1Tu4yCO82X8YS%2FW7Vm9f0%2FFLtpXgxx9n9Z9Ym9b8bW"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 82338830db5092c9-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 10:56:11 GMT

GET
H2 200 t.jpg
media-public.canva.com/zau5g/MAEJCVzau5g/1/ Frame DF73 5 KB
7 KB 113ms
94ms Image
image/webp 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-public.canva.com/zau5g/MAEJCVzau5g/1/t.jpg

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAFvptxe_Wo/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c999544c8c5395a726c3d7d26bb347751e8be468b8942d47af9bb764ded839f3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-public
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-public
x-amz-request-id: 0R1G5FHN6JRWD3VE
cf-polished: qual=85, origFmt=jpeg, origSize=20489
x-amz-server-side-encryption: AES256
x-amz-version-id: 0VeUvA0524gYFYao1yFYCipwBUWZmvq4
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="t.webp"
alt-svc: h3=":443"; ma=86400
content-length: 5616
x-amz-id-2: O2Z2VNNGax+ADWR+8ntbwTKNFRCom7z4hP9HhRIJQaq+rnt70VDq5CHRuWkIUgv41m704Nw4F8M=
last-modified: Mon, 28 Sep 2020 01:59:34 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "b3777b0c3dd4445fad91e3d2622fbc56"
access-control-max-age: 3000
vary: Accept, Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FY0PfFPsOuicp%2B4IIEn1GiKw%2Bj548InI7NCr%2Fy0QfZMrWtKddTdtdYzciwbirdp%2BXR5LOvu%2FW8BTaeGb1bIXQQpPVLfcMiG1f%2F8wxTPfPxxsPPKZisi88KOFrP%2B4c9Kpy%2Bw9sWN14fbWBDzj0YH3WKICfU%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 82338830db4b92c9-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 10:56:10 GMT

GET
H2 200 s.png
media-private.canva.com/4OeU8/MAEngo4OeU8/1/ Frame DF73 21 KB
22 KB 203ms
183ms Image
image/png 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-private.canva.com/4OeU8/MAEngo4OeU8/1/s.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJWF6QO3UH4PAAJ6Q%2F20231108%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20231108T181837Z&X-Amz-Expires=54070&X-Amz-Signature=81852c0c89128262d8785ef29a3c68b0732ef9468c816f189da13ad84385d90a&X-Amz-SignedHeaders=host%3Bx-amz-expected-bucket-owner&response-expires=Thu%2C%2009%20Nov%202023%2009%3A19%3A47%20GMT

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAFvptxe_Wo/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de51bb2b6f87b2f97cbaa33bb97801c2d0fc72a032f74fa0250e75b7c38d5464

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-private
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-private
x-amz-request-id: RCDBPP87VKKVTZZK
x-amz-server-side-encryption: AES256
x-amz-version-id: CE4eq0emIGYve2ONHzxq2tW12b5lUi1A
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 21692
x-amz-id-2: Xezv9BFJ5DLoNhg48dYHOTf8jVATZnPO0+SDIqyrkg+ydZ5lS4hrn05h0qEIBHx7WpogBQ8xFXk=
last-modified: Wed, 27 Oct 2021 16:51:41 GMT
server: cloudflare
etag: "38cc6a970d22c0d3b1317f02bfe79d70"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjF%2BAtZZjyk0l%2B5lWWRZ1iZqtEMGFjm34JYnWKnZULpSvZmmEz%2BmPTRKuttAJ3KD6nk528zneGgUbgL0Z2DwIP5c%2Ft4y66gkHMRF%2BduKE3Y7vIIF%2BXCWUiYwy%2BBb%2FdBuYkBQQaztKQ7kjHiozxykc%2FtqsJLE"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 82338830db4d92c9-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 10:56:11 GMT

GET
H2 200 czM6Ly9tZWRpYS1wcml2YXRlLmNhbnZhLmNvbS9QNUkxSS9NQUZ2aWtQNUkxSS8xL3AucG5n
media.canva.com/1/image-resize/1/200_68_100_PNG_F/ Frame DF73 26 KB
27 KB 255ms
236ms Image
image/png 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.canva.com/1/image-resize/1/200_68_100_PNG_F/czM6Ly9tZWRpYS1wcml2YXRlLmNhbnZhLmNvbS9QNUkxSS9NQUZ2aWtQNUkxSS8xL3AucG5n?osig=AAAAAAAAAAAAAAAAAAAAAL317lF01qjo2DQne3o2lQkWZIiYeGvkTaFnMm3_rkd6&exp=1699521264&x-canva-quality=thumbnail&csig=AAAAAAAAAAAAAAAAAAAAABMY5KDAJ23IKKYzTjD6P-hr81E2YYwvvyVz_UO0nltU

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAFvptxe_Wo/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b46763c688491c4ec977fef0c618e12d8e04291ab07457b1dd9c2a3603a10039

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media
alt-svc: h3=":443"; ma=86400
x-request-id: 82338830db5192c9
x-http2-stream-id: 649
last-modified: Thu, 9 Nov 2023 05:07:25 GMT
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0SJOz%2FDl9rWdkpdqvraPCI91uZ1E%2FeqA%2B13%2BVoqLtSvTEeh89izcpwC%2BoAueWvZbGii1LwEBGtyVW6GP%2FSlj0rZIF7jqCEspU49Ju9iU43mOgQMMYuGWV0Mx0J%2F2q7u1YI%2BdrCeclKMafHWUg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public,max-age=31556926
access-control-max-age: 3000
cf-ray: 82338830db5192c9-FRA
access-control-allow-headers: *

GET
H2 200 screen.png
media-private.canva.com/MADFHRfsLiA/1/ Frame DF73 416 KB
418 KB 334ms
316ms Image
image/png 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-private.canva.com/MADFHRfsLiA/1/screen.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJWF6QO3UH4PAAJ6Q%2F20231108%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20231108T080544Z&X-Amz-Expires=91581&X-Amz-Signature=60e97101a58b3150f09fcd9a98acea1cdbc755b3aa78adf68ce972b5c9a90a53&X-Amz-SignedHeaders=host%3Bx-amz-expected-bucket-owner&response-expires=Thu%2C%2009%20Nov%202023%2009%3A32%3A05%20GMT

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAFvptxe_Wo/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67f461d6f9c29b0c609ee479a08c50ec24390b654b507c933ec0910cffe88ee0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-private
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-private
x-amz-request-id: WWA9R4N0PFS2CQAP
x-amz-version-id: wrO7k9Jn7LPQ9VVwIcLlO0ilFqKROo24
x-amz-storage-class: GLACIER_IR
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 426000
x-amz-id-2: N8fg5y4AoSwzwpUntj1nM9YEanQyc3tEu+abe8UqOKlGnKcAMHJph3rMPDgyh11iKK6bWLV7wF8=
last-modified: Thu, 04 Oct 2018 13:16:41 GMT
server: cloudflare
etag: "dc35cc8f42cc0cb7f309d98fcac83c44"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTYoGFlSGEraZB74qpgMWjmpiKiDrNphb5NM1VQCFER3S8W75G3Feu9Oic0hQfxX6%2FzodPvIageW483f2JfS8DzklL9f2flDnRzVQNcWAHrrSg3HlfjjP1ZZLKjaYYdHjfkghI88giSoBXJQxac6YFpYgd4O"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 82338830db4e92c9-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 10:56:11 GMT

GET
H2 200 thumbnail.png
media-public.canva.com/MADFHRfsLiA/1/ Frame DF73 13 KB
14 KB 104ms
85ms Image
image/webp 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-public.canva.com/MADFHRfsLiA/1/thumbnail.png

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAFvptxe_Wo/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3011f19b99f0f0d784da7c9d84d801726fe27d87f8ed8008b0b871ddaf2072a5

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-public
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-public
x-amz-request-id: FXBMF5HB550EJW8H
cf-polished: origFmt=png, origSize=14205
x-amz-server-side-encryption: AES256
x-amz-version-id: cIoiSRNlKhU3xd_KUIInY_6WqPZpUU.g
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="thumbnail.webp"
alt-svc: h3=":443"; ma=86400
content-length: 13194
x-amz-id-2: Hx2L41eaARH1B8siWCP9LBdfW80yMsRqtH/iWfI19rISiA5rcgom48YR0GY2wOgFmOsZKH373dk=
last-modified: Mon, 01 Nov 2021 14:35:24 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "1214d9690436b3fce1d653bd5fe741be"
access-control-max-age: 3000
vary: Accept, Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jK6b7AH9c%2BryUX0aJ0x78qXU%2BnAnCAsqUBrr1W61LQx0mpQ6TKBT%2FWlbI3Ta4YnXNxVAGye5rnmyVQKPFQ2wAnqPtU%2BE%2FlIxSJJuMspe%2BcBSXttC5ve%2B24jCh54TBF5CLZyNR%2BrEA9qGMV1wCdaas%2B4Q%2Bgk%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 82338830db4c92c9-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 10:56:10 GMT

GET
H2 200 czM6Ly9tZWRpYS1wcml2YXRlLmNhbnZhLmNvbS9QNUkxSS9NQUZ2aWtQNUkxSS8xL3AucG5n
media.canva.com/1/image-resize/1/294_100_100_PNG_F/ Frame DF73 30 KB
31 KB 291ms
273ms Image
image/png 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.canva.com/1/image-resize/1/294_100_100_PNG_F/czM6Ly9tZWRpYS1wcml2YXRlLmNhbnZhLmNvbS9QNUkxSS9NQUZ2aWtQNUkxSS8xL3AucG5n?osig=AAAAAAAAAAAAAAAAAAAAAPhQ14BYYbG0crGRCz6oqLrKgTK1JvcsLwo6hsCpXXBP&exp=1699521264&x-canva-quality=screen&csig=AAAAAAAAAAAAAAAAAAAAAISU0ZBNc2MbENnqSBVE1RbEvDg3gabaY0zPP3Uok-eu

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAFvptxe_Wo/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5fbc53b30d14e6c6b97c498de6fe0ccf81a8356b5a83fb42207122b0ea625d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media
alt-svc: h3=":443"; ma=86400
x-request-id: 82338830db4f92c9
x-http2-stream-id: 6661
last-modified: Thu, 9 Nov 2023 05:07:25 GMT
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9l0SsT4E7%2Fh5DjGH2RnsSmLw5t3R%2FZQAmvz%2Fu%2FhH31TDUCMXgUEx6s80LIN2pFplSn6daRu2xQsEQuAl2ENbkLobnZ8XEVkwotlYnPuCDvoMSoYuLbLENa5sU6IuX9dEdqSa9d7YAOJZsXl%2Faw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public,max-age=31556926
access-control-max-age: 3000
cf-ray: 82338830db4f92c9-FRA
access-control-allow-headers: *

GET
H3 200 87e22a62965f141aa08e93699b0b3527.jpg
static.canva.com/web/images/ Frame DF73 14 KB
15 KB 85ms
85ms Image
image/jpeg 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.canva.com/web/images/87e22a62965f141aa08e93699b0b3527.jpg

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAFvptxe_Wo/view?embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84879b89770c6de248c88819697c37aacd209a075f6932b339c63dfe5fd6ab6b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 181707
x-amz-request-id: 0BFDWGJDQTH9VTBK
cf-polished: degrade=85, origSize=21932, status=vary_header_present
x-amz-server-side-encryption: AES256
x-amz-version-id: 9mxB0PWO.leCcMJ8l1LPzHNEsKMinX_H
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 14135
x-amz-id-2: Wq/HimlDcLAE3Ve9eE/ahFiH8iSsrmpWVSZDCZgqLkGT+ZETIm+BYprfqYIiG1RkzPrqGd8iuLo=
x-amz-expiration: expiry-date="Thu, 07 Nov 2024 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Tue, 07 Nov 2023 01:52:09 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "87e22a62965f141aa08e93699b0b3527"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbVYryMOoeoLn8DBR57IS0RYwFpTYVvKYP11JX9kTjIkr4YPaQZLcAvX%2BccriU8Odsg2EOFMtnkT0C80vzBTilkGFio4imi64dU%2FoVMq2lC%2FPjBJVFTUtlhPczcTDH353QrC2gInyulNsiJy6to%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 82338830b8051915-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 10:56:10 GMT

GET
H2 200 en-e751c4c0.chunk.js Show response
assets.calendly.com/assets/booking/js/locales/ Frame 7F71 29 KB
10 KB 197ms
196ms Script
application/javascript 2606:4700:4400::6812:29af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/booking/js/locales/en-e751c4c0.chunk.js

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-runtime-dde45a47.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:29af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bbcfef07b6bfc04a44cbbf21cf316564c103c35e6a29dcbc27246a492feb5ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 18:29:54 GMT
cf-bgj: minify
server: cloudflare
age: 124325
etag: W/"f1a17aff3ea71f94b5a9994c54d20d2f"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
cache-control: public, max-age=31536000
cf-ray: 82338830bddc39ee-FRA
expires: Fri, 10 Nov 2023 05:07:25 GMT

GET
H2 200 config.json Show response
notifier-configs.airbrake.io/2020-06-18/config/90109/ Frame 7F71 220 B
490 B 117ms
117ms Fetch
application/json 54.208.186.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://notifier-configs.airbrake.io/2020-06-18/config/90109/config.json?&notifier_name=airbrake-js%2Fbrowser&notifier_version=2.1.8&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36&language=JavaScript
Requested by: Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-3d0b191b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.186.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-186-38.compute-1.amazonaws.com
Software: /
Resource Hash: b7684ef5ef7ee0d536403226f29a0d97d394ea2bec8877983a3f2da6d4665432

Request headers

Accept: application/json
Cache-Control: no-cache,no-store
Referer: https://calendly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Nov 2023 05:07:25 GMT
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 220
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=UTF-8

OPTIONS
H2 204 config.json
notifier-configs.airbrake.io/2020-06-18/config/90109/ Frame 0
0 406ms
118ms Preflight 54.208.186.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://notifier-configs.airbrake.io/2020-06-18/config/90109/config.json?&notifier_name=airbrake-js%2Fbrowser&notifier_version=2.1.8&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36&language=JavaScript
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.186.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-186-38.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control
Access-Control-Request-Method: GET
Origin: https://calendly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
allow: OPTIONS, GET
date: Thu, 09 Nov 2023 05:07:25 GMT

GET
H3 200 DMSans-Regular.f8f3e3f30371f4c7c1589b491.8f7934b3d45567e9cf1f541e008969a9.woff2
font-public.canva.com/YAD1aU3sLnI/0/ Frame DF73 30 KB
32 KB 73ms
73ms Font
application/octet-stream 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://font-public.canva.com/YAD1aU3sLnI/0/DMSans-Regular.f8f3e3f30371f4c7c1589b491.8f7934b3d45567e9cf1f541e008969a9.woff2

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAFvptxe_Wo/view?embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bda2b2d1219e31125f948d0e43e3d45980db9184b1224e08c9ac0fcc871dfbc

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_font-public
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_font-public
age: 181423
x-amz-request-id: 01DC8HZX2NJ9VAJD
x-amz-server-side-encryption: AES256
x-amz-version-id: 5EVbT.aWeZp78OZcpbJA9kAD1S6FqQSW
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 31076
x-amz-id-2: 0PLTZSrAgZ7irfhBAVLHV04rP4jRWqZ+2Nhyhh8/N3qVOafIci8AGtLHb1qe1i9wSTYl10qtZ6Q=
last-modified: Tue, 22 Dec 2020 02:13:29 GMT
server: cloudflare
etag: "3807552d3159af9d0cced5dbfd5dfa15"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6lCOMgBLg%2F21l3hzacRUNABIJ8QWBdRQQRo7lLaiLjQJ1YL%2BL5vwdr3NqnjdL9TJaILubFDZeQU%2FKcrWgNdELLv4ErXGt%2FjTEJ842Ik3%2FhsqWjwqUj%2BD0jEDJNnGU0CdhDbPMO8EmldEW%2Bwu5CTVLcHY9g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 82338831088a1915-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 05:07:24 GMT

GET
H3 200 ae Show response
www.canva.com/_ajax/csrf3/ Frame DF73 137 B
1 KB 168ms
167ms XHR
text/javascript 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canva.com/_ajax/csrf3/ae

Requested by

Host: static.canva.com
URL: https://static.canva.com/static/lib/sentry/7.16.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bd913baa0c2ed74ff85d5708f13fb56fc213e897766915e0ff8842c685cdbf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-Canva-Brand: BAAAAAAAAAA
X-Canva-App: embed
X-Canva-Build-Sha: 0cf31a7
X-Canva-User: UAAAAAAAAAA
accept-language: de-DE,de;q=0.9
X-Canva-Analytics: AAMABUVNQkVEAA==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
X-Canva-Request: recordanalyticsevent
Referer: https://www.canva.com/design/DAFvptxe_Wo/view?embed
X-Canva-Locale: de-DE
X-Canva-Build-Name: 20231107-21

Response headers

date: Thu, 09 Nov 2023 05:07:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
p3p: CP=Canva does not have a P3P Policy.
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 823388312bde5d8c
pragma: No-cache
referrer-policy: strict-origin-when-cross-origin
accept-ch: Sec-CH-UA-Platform-Version
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5rY7WWWwGaTXmn7BK2QOxFkuuzJmb%2FhFm2SdXgexrrc8Bhz6sMXsDWaHuMjZ6e1M1C%2BlVTzxI7Yi8Mt2JYkf4llUSqqLZrQTMMEqSdS74T3rZ8OZ%2BiWQVHeFcefV3vK32zpK91I7HqlbzRE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: no-cache, no-store
cf-ray: 823388312bde5d8c-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 c9bf091720f7f1c3.ltr.css
static.canva.com/web/ Frame DF73 105 B
1 KB 65ms
64ms Stylesheet
text/css 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/c9bf091720f7f1c3.ltr.css

Requested by

Host: static.canva.com
URL: https://static.canva.com/web/82db7c6fc7b35f8b.runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0af138df3180534e4dd15035bc9694f5c972796da41c5508be0b89d8609764c8

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 181716
x-amz-request-id: 0BF8TXWEQ5Z5R9VW
x-amz-server-side-encryption: AES256
x-amz-version-id: XLBgn9KaPVyU5ofaLPTMhBSNKV4TyHB1
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 2yd3zf3OurL6Vf4yTutjFF5XtBz3Nohh1m87fpv+/PKwJELtYQ2eT/bvm7fR5MejJSlK7vopu8Y=
x-amz-expiration: expiry-date="Thu, 07 Nov 2024 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Tue, 07 Nov 2023 01:51:25 GMT
server: cloudflare
etag: W/"afe4dd14d2e8a97b57a573e312d51629"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqCdybvcbcv7lgLcV2nW1jJIWTMojQO7eOM1Y61PTxdoDp1pQdJVpUWZGEdhqn16JUHl%2FTW047AMkYA%2B%2FQuDMHjnW8KI7z4w9jlhk8X0VjSdQqhs2y1RWeI%2FoqDOy9oypbG27JGwX1B5yLgyZKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31556926
cf-ray: 823388312be05d8c-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 10:56:11 GMT

GET
H3 200 b23c0bd70486bfd7.js Show response
static.canva.com/web/ Frame DF73 4 KB
3 KB 103ms
102ms Script
text/javascript 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/b23c0bd70486bfd7.js

Requested by

Host: static.canva.com
URL: https://static.canva.com/web/82db7c6fc7b35f8b.runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a95da48ca852d73a01247d0b6d7316bedec284c13a804d74549949ff4113076

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 12944
x-amz-request-id: 24V2TMZJT4FVJ5Q0
x-amz-server-side-encryption: AES256
x-amz-version-id: ATQgThvWXiDMq58gck0XTkqHS1o5g0zr
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: yb+/qNtpmBKYjBP7ziTDyGtebrHOFMdU2kBhvZJDmtMG5QcxT0STvSW45vmXUvItX+Exka29FEY=
x-amz-expiration: expiry-date="Sat, 09 Nov 2024 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Thu, 09 Nov 2023 01:25:46 GMT
server: cloudflare
etag: W/"a46317daa756486044e8707f56867b39"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ln9tSlPm7ih95b%2Fw%2BnGeCLABxze1WScN2uyvOQ5CldKxNWstd3KsDs3h6Z5X0%2BOA93xRAfu%2FCN0ru7LqydOoVYvPEw4Ei5aq14YH9jo3ADd6P2ewPHSlggLqmN1LxwA5lklJHlbo17sIhmz9yXY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31556926
cf-ray: 823388312be15d8c-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 10:56:11 GMT

GET
H3 200 f7ce45f6c30e7739.ltr.css
static.canva.com/web/ Frame DF73 789 B
1 KB 74ms
73ms Stylesheet
text/css 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/f7ce45f6c30e7739.ltr.css

Requested by

Host: static.canva.com
URL: https://static.canva.com/web/82db7c6fc7b35f8b.runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44b5a04a72cd6f0008ec1b88de1c301b433c18bde9547f198aba6863452cbe4f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 181702
x-amz-request-id: HPAHZZR6FHR5KF6N
x-amz-server-side-encryption: AES256
x-amz-version-id: ZhqEL8Rx_CsqRP7VYidyxX35gz68CsUo
content-encoding: br
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: vHR83YPrX2dZ3PizTV1RMC7ORT75iuGGz3GoXlSIOvRn/s1kDZgkSHc7KlTIWVyfPIjf4HxhwWE=
x-amz-expiration: expiry-date="Sat, 02 Nov 2024 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Thu, 02 Nov 2023 01:39:47 GMT
server: cloudflare
etag: W/"f05ece1c7f33993489e9cbc1810871cf"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlr2LiVMpQ5Z51LHwOHP%2BFMscYJYe2%2FrifurE0vBJQjl9Rm%2BSth1QX9jxj2SsxuHO9wNCMFrTxuvxlPXjKqaGp1zO1L2I9Uv9cn0gZJlkDIV2hJtglpFezuqJkp3DDyOcUQFm1eO9TgqjNSvvuw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31556926
cf-ray: 823388312be35d8c-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 10:56:11 GMT

GET
H3 200 2f3862b2f09ce2ca.js Show response
static.canva.com/web/ Frame DF73 48 KB
20 KB 75ms
74ms Script
text/javascript 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/2f3862b2f09ce2ca.js

Requested by

Host: static.canva.com
URL: https://static.canva.com/web/82db7c6fc7b35f8b.runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dfe7cd15b02b5fb212718b805ff2b6a01a6141ca538615fd7325ba6191933f1

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 12944
x-amz-request-id: 7BE8TTRKPVPQV5AX
x-amz-server-side-encryption: AES256
x-amz-version-id: MpQCIOPUP7sjf2mP342.qsylCe0.5otm
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: HM4GZuo7GaLX5EidgyYIkhGNLJXgY99R2mLZ061z/+PtdqHxJs7fWZlsfxZixudfV71l0lbLvBM=
x-amz-expiration: expiry-date="Sat, 09 Nov 2024 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Thu, 09 Nov 2023 01:25:45 GMT
server: cloudflare
etag: W/"778d6b143be8710643e2762f0658d7f3"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GG8Nj4I7RS2vUzdSfk80ZOJa8uzbNIgrEWtXqDLfUa6CKFwJfaFnxFl2qmzdOdrvddYWghZ7OMuPTwxBFPtSGGOlG6%2F829HTajeHV9BtdP4kdURgVmR5Qp3JnAaheqsNShvuEuJ1gSEAoX2Mcic%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31556926
cf-ray: 823388312be45d8c-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 08 Nov 2024 10:56:11 GMT

POST
H3 200 823388282cc6368c Show response
www.canva.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 18E0 0
589 B 77ms
76ms XHR
text/plain 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canva.com/cdn-cgi/challenge-platform/h/g/jsd/r/823388282cc6368c

Requested by

Host: www.canva.com
URL: https://www.canva.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 Nov 2023 05:07:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qwill%2F4Ga9jg7RYjfVPxLAsczRWZ0jFi8odYbYsxSjczXPWrfQgNvyeOU2aW%2FiuRid%2FNmJTiXIx7yIIQzfiro19Gd05ioMU0eTLSwO1L02hLhD%2FDE59uR0b2UaLs98xkfHLEJ23ZrL4WSUU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 82338831fc5d5d8c-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 create Show response
www.canva.com/_ajax/ae/ Frame DF73 22 B
669 B 166ms
165ms XHR
text/javascript 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canva.com/_ajax/ae/create

Requested by

Host: static.canva.com
URL: https://static.canva.com/static/lib/sentry/7.16.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

badbc73aa47546ff0fc36e1443c8b120a75140bd9deba3f4dab88b7d2cc535bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-Canva-Brand: BAAAAAAAAAA
X-Canva-App: embed
X-Canva-Build-Sha: 0cf31a7
X-Csrf-Token: HvWtC3fwtQatogWHSqdGkVwD3CXK5tnrSweuYm9ZVt8rj8OymsMMCFDBJC7Ak614x870_VBtgu_AVEGzQwyvqvogdpg
X-Canva-User: UAAAAAAAAAA
accept-language: de-DE,de;q=0.9
X-Canva-Analytics: AAMABUVNQkVEAA==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json;charset=UTF-8
X-Canva-Request: recordanalyticsevent
Referer: https://www.canva.com/design/DAFvptxe_Wo/view?embed
X-Canva-Locale: de-DE
X-Canva-Build-Name: 20231107-21

Response headers

date: Thu, 09 Nov 2023 05:07:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: CP=Canva does not have a P3P Policy.
alt-svc: h3=":443"; ma=86400
content-length: 22
x-xss-protection: 1; mode=block
x-request-id: 823388324c855d8c
pragma: No-cache
referrer-policy: strict-origin-when-cross-origin
accept-ch: Sec-CH-UA-Platform-Version
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HiKyXmxN%2FG6Rsr8Gqi%2F3jlx2H9d10RacN8K9m9KmLlJl%2Bs5qgcN0M3WaJLNy0W3AWWO4pw1NKTnazPHTGsw90rbQ3%2FyAjVdHnYM8g7K7ANeWx4ab4RA2SIGOXHvMqa%2FFwta9Z0HeZdd0Lfo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: no-cache, no-store
cf-ray: 823388324c855d8c-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 enterprise.js Show response
www.recaptcha.net/recaptcha/ Frame 7F71 1 KB
1 KB 137ms
49ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise.js?render=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-3d0b191b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

722ebb4a0bfbbfca20e8384ec8a72f290c57806a8d1cad0dd8bba4306fdeba80

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 09 Nov 2023 05:07:25 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ Frame 7F71 21 KB
7 KB 134ms
50ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-3d0b191b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 09 Nov 2023 05:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: R1P6TtSHAQZyvOSI/KawHw==
age: 3625
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6821
x-ms-lease-status: unlocked
last-modified: Wed, 08 Nov 2023 23:34:27 GMT
server: cloudflare
etag: 0x8DBE0B33F93BF15
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 51b09c76-b01e-0077-20b1-12ec17000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82338832eb2d1d8c-FRA

GET
H2 200 experiments Show response
calendly.com/api/booking/ Frame 7F71 347 KB
33 KB 421ms
420ms Fetch
application/json 2606:4700:4400::6812:29af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://calendly.com/api/booking/experiments?

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-3d0b191b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:29af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3572ca1a687a69171fbfc314a2d8c567a18885621c3f43cb63e287659ae35265

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/cgmonetallc?embed_domain=www.cgmoneta.com&embed_type=Inline
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-runtime: 0.119230
date: Thu, 09 Nov 2023 05:07:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
etag: W/"3572ca1a687a69171fbfc314a2d8c567"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 823388327f8d39ee-FRA
x-request-id: 3e7d5ed7e8938d1433e3adb08bb75fad

GET
BLOB 200
OK bd7b32d1-147a-4879-a0d0-279a0a2526e0
https://www.canva.com/ Frame DF73 55 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.canva.com/bd7b32d1-147a-4879-a0d0-279a0a2526e0
Requested by: Host: www.canva.com
URL: https://www.canva.com/design/DAFvptxe_Wo/view?embed
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69e6e967749f078a4c36f5fc2e563f45f01178ca5d561af3df9df6963453678b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length: 56757
Content-Type: image/png

GET
BLOB 200
OK 08444426-79ce-4131-8fae-5d16386e4c7a
https://www.canva.com/ Frame DF73 48 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.canva.com/08444426-79ce-4131-8fae-5d16386e4c7a
Requested by: Host: www.canva.com
URL: https://www.canva.com/design/DAFvptxe_Wo/view?embed
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b08d6a536daed8d1852521013cb0281e89108bbd500dc7813faf421ab50293d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length: 49636
Content-Type: image/png

GET
H2 200 a838c8e4-e3ce-442e-8f96-c88d0af98990.json Show response
cdn.cookielaw.org/consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/ Frame 7F71 5 KB
2 KB 145ms
65ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/a838c8e4-e3ce-442e-8f96-c88d0af98990.json

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-3d0b191b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bd68c785340bcc6327fcba943670d7e70022a25aef46af666d5d945ca365a93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 09 Nov 2023 05:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 22944
content-md5: KKjjHTE5l4Mu7IIj7UcqPg==
content-length: 1793
x-ms-lease-status: unlocked
last-modified: Tue, 31 Oct 2023 22:44:02 GMT
server: cloudflare
etag: 0x8DBDA62E10E6583
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 563d7618-501e-0040-7d4b-0c3ebb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82338833bc9c5d9d-FRA
expires: Fri, 10 Nov 2023 05:07:25 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 7F71 470 KB
189 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7da2c78aebbd6e2db645e5b97424ed43196e116ef824980565996bdc513550a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://calendly.com/
Origin: https://calendly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 22:14:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192495
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 22:14:41 GMT

POST
H3 204 rum Show response
www.canva.com/cdn-cgi/ Frame DF73 0
140 B 43ms
43ms XHR
text/plain 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canva.com/cdn-cgi/rum?

Requested by

Host: static.canva.com
URL: https://static.canva.com/static/lib/sentry/7.16.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.canva.com/design/DAFvptxe_Wo/view?embed
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: application/json

Response headers

date: Thu, 09 Nov 2023 05:07:25 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.canva.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 823388335d4c5d8c-FRA

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ Frame 7F71 59 B
304 B 194ms
53ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-3d0b191b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://calendly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 823388350b6b905e-FRA
access-control-allow-headers: Content-Type

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/enterprise/ Frame D963 58 KB
33 KB 61ms
61ms Document
text/html 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n&co=aHR0cHM6Ly9jYWxlbmRseS5jb206NDQz&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=xkj36aavpfts

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a5bd0d5533bb8466b3057f3b8f8cc2bc7159690e5b2baba5a869f15019e9864c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dJ7oYcEwdAO8mu_jbyMorw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://calendly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-dJ7oYcEwdAO8mu_jbyMorw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 05:07:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202310.1.0/ Frame 7F71 426 KB
103 KB 63ms
63ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

feeb83e3a11fb74465e062a5081f1f6f573ef66197f218a3a86447fefe3166f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 09 Nov 2023 05:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 1/fYiRcAkidM+2Rc1fEXtg==
age: 7729
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 104832
x-ms-lease-status: unlocked
last-modified: Thu, 26 Oct 2023 03:35:14 GMT
server: cloudflare
etag: 0x8DBD5D490C850BD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e7356784-101e-0051-37a0-0ba40f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 823388356d811d8c-FRA

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame D963 55 KB
24 KB 122ms
41ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n&co=aHR0cHM6Ly9jYWxlbmRseS5jb206NDQz&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=xkj36aavpfts

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 14:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 14:16:56 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame D963 470 KB
188 KB 121ms
40ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7da2c78aebbd6e2db645e5b97424ed43196e116ef824980565996bdc513550a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 22:14:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192495
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 22:14:41 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/09d90f69-3cca-463b-a696-a372304e4e94/ Frame 7F71 118 KB
24 KB 62ms
62ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/09d90f69-3cca-463b-a696-a372304e4e94/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d84bca3e5fd4f5cdc0d0d889e33b3feb68e9055797353af5061609a95b2ef30a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 09 Nov 2023 05:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3966
content-md5: szu3C7JrmSswNvgTOLAEYg==
content-length: 24698
x-ms-lease-status: unlocked
last-modified: Tue, 31 Oct 2023 22:44:12 GMT
server: cloudflare
etag: 0x8DBDA62E770BE59
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 370d7ac5-d01e-0085-384b-0c145e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 823388361f185d9d-FRA
expires: Fri, 10 Nov 2023 05:07:25 GMT

GET
H2 200 otFloatingRounded.json Show response
cdn.cookielaw.org/scripttemplates/202310.1.0/assets/ Frame 7F71 10 KB
3 KB 57ms
56ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.1.0/assets/otFloatingRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef072b9ae1b3c29f94781c86bcdfdb71c1e06bbc7a2f05bc65dcfa2eefdde02c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 09 Nov 2023 05:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: M1yL2FbLdou5AwmgPAi4Jg==
age: 3966
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2644
x-ms-lease-status: unlocked
last-modified: Thu, 26 Oct 2023 03:35:07 GMT
server: cloudflare
etag: 0x8DBD5D48CF100D5
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 925cbef0-801e-0031-1738-0cd890000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82338836af8f5d9d-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/202310.1.0/assets/v2/ Frame 7F71 64 KB
13 KB 49ms
49ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.1.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a14854a5e198f939ca07cf5fea4418466f196a1dfa72e829dfe0157850d39392

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 09 Nov 2023 05:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: HkSm8jQRWxYUOXcw9B+VNA==
age: 3970
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12874
x-ms-lease-status: unlocked
last-modified: Thu, 26 Oct 2023 03:35:10 GMT
server: cloudflare
etag: 0x8DBD5D48E6E1909
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: f5e88e52-f01e-0092-10f5-11bd55000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82338836af915d9d-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202310.1.0/assets/ Frame 7F71 21 KB
4 KB 57ms
57ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 09 Nov 2023 05:07:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 76722
x-ms-lease-status: unlocked
last-modified: Thu, 26 Oct 2023 03:35:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6a1196c5-301e-0069-5838-0c00cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 82338836af935d9d-FRA

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ Frame 7F71 651 B
601 B 49ms
48ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: calendly.com
URL: https://calendly.com/cgmonetallc?embed_domain=www.cgmoneta.com&embed_type=Inline

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 09 Nov 2023 05:07:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 84308
x-ms-lease-status: unlocked
last-modified: Tue, 07 Nov 2023 06:33:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 1f124d30-801e-0043-4552-11dfdf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 823388371ee41d8c-FRA

GET
DATA 200
OK truncated
/ Frame 7F71 37 KB
37 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d41624e9721619a0dbe00d0fd9c0175a8f97c484aab61117db7246f69b7de9ba

Request headers

Referer
Origin: https://calendly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame 7F71 45 KB
45 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ea98b82eb62795846fed9452c40531d668dd519e29633c196905d6f5af8d846

Request headers

Referer
Origin: https://calendly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: font/woff

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ Frame 7F71 497 B
494 B 53ms
53ms Fetch
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 09 Nov 2023 05:07:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 11139
x-ms-lease-status: unlocked
last-modified: Wed, 08 Nov 2023 18:02:24 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: ca986a46-501e-0032-3f76-1239f4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 82338837182f5d9d-FRA

GET
H2 200 logo.png
cdn.cookielaw.org/logos/122ecfc3-4694-42f1-863f-2db42d1b1e68/0e69414e-286b-4e49-b24b-84b4ed6d6ec9/c05bbdff-e7a2-4d14-a37f-28e2f63112d5/ Frame 7F71 9 KB
9 KB 50ms
49ms Image
image/png 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/122ecfc3-4694-42f1-863f-2db42d1b1e68/0e69414e-286b-4e49-b24b-84b4ed6d6ec9/c05bbdff-e7a2-4d14-a37f-28e2f63112d5/logo.png

Requested by

Host: calendly.com
URL: https://calendly.com/cgmonetallc?embed_domain=www.cgmoneta.com&embed_type=Inline

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4587c9ec2c976da6c06f6862ebe5695ce3aed04bb0bf51ba84d0dcbcee2b66ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 09 Nov 2023 05:07:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: UvfJ5TQq0vkufjKYiCMMKQ==
age: 3318
content-length: 9498
x-ms-lease-status: unlocked
last-modified: Mon, 30 Jan 2023 14:48:40 GMT
server: cloudflare
etag: 0x8DB02D113EE0475
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 95a72937-201e-0091-228d-0c5c31000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 823388372efe1d8c-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ Frame 7F71 5 KB
2 KB 50ms
50ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: calendly.com
URL: https://calendly.com/cgmonetallc?embed_domain=www.cgmoneta.com&embed_type=Inline

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 09 Nov 2023 05:07:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 41316
x-ms-lease-status: unlocked
last-modified: Wed, 08 Nov 2023 03:29:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: a85570fb-a01e-0044-2ef7-11b3bc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 823388372eff1d8c-FRA

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/enterprise/ Frame D963 102 B
135 B 48ms
48ms Other
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3772767ff67487697ff10935d55de63df2c7ee53435326b45577f86819e84c71

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n&co=aHR0cHM6Ly9jYWxlbmRseS5jb206NDQz&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=xkj36aavpfts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 09 Nov 2023 05:07:25 GMT

GET
H/1.1 200
OK 104c67c7.png
d3v0px0pttie1i.cloudfront.net/uploads/user/avatar/5817234/ Frame 7F71 9 KB
9 KB 137ms
41ms Image
image/png 108.138.24.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v0px0pttie1i.cloudfront.net/uploads/user/avatar/5817234/104c67c7.png
Requested by: Host: calendly.com
URL: https://calendly.com/cgmonetallc?embed_domain=www.cgmoneta.com&embed_type=Inline
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-174.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 47ed7727f89b6ab6ceacd105e768619250af87b2242ab048a18dc2db26e80421

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 16:17:42 GMT
x-amz-version-id: poeBYvCPZHhOEm_KtmMVlHAZvxw5zG7E
Via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
Last-Modified: Tue, 19 Apr 2022 12:43:47 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 218985
ETag: "3eed38c5c97708a841ed9deb998b5fae"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=315576000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8735
X-Amz-Cf-Id: nK2AO56EGkgGt9IVKNYRGyMxaidi7uCPlc9-kTl8Irn8OxZHD9BOVQ==

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame 163B 200 B
1 KB 42ms
42ms Document
text/html 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://calendly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 851
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 09 Nov 2023 04:53:17 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 03 Nov 2023 20:07:03 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
x-amz-cf-id: XrCPX0q4sWPio3bhq01gFgAl_mbyNazx2K8zglDrE6hF2FpJ0l5cbg==
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 163B 631 B
1 KB 42ms
42ms Script
text/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 04:31:33 GMT
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 2154
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 03 Nov 2023 20:07:01 GMT
server: Cloudfront
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: -XSwkkh_p5ZnwmGhEg1Tk2fEmmcZEf1TPprkfcXmKHpbiYcVtobexQ==

POST
H2 200 csp-report
q.stripe.com/ Frame 163B 0
718 B 644ms
204ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 09 Nov 2023 05:07:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699506446788501
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699506446788078
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 163B 0
717 B 649ms
208ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 09 Nov 2023 05:07:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699506446788627
x-envoy-upstream-service-time: 5
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699506446788168
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 6B65 930 B
1 KB 139ms
39ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 260
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 09 Nov 2023 05:07:26 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 88
x-content-type-options: nosniff
x-request-id: 473af31e-6a99-4616-ae31-b4eabb13189d
x-served-by: cache-fra-eddf8230068-FRA
x-timer: S1699506446.404365,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame 6B65 0
491 B 457ms
205ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 09 Nov 2023 05:07:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699506446788644
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1699506446788177
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 6B65 87 KB
15 KB 39ms
39ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Thu, 09 Nov 2023 05:07:26 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 205
x-cache: HIT
content-length: 15509
x-request-id: 6e0814f5-f3f4-4eaf-8b7f-ce170c336dd0
x-served-by: cache-fra-eddf8230068-FRA
server: Fastly
x-timer: S1699506446.449971,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 67

GET
H2 200 aem.js Show response
wsmcdn.audioeye.com/ 1 KB
696 B 154ms
47ms Script
application/javascript 2606:4700:4400::ac40:9483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsmcdn.audioeye.com/aem.js
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca7cab99125c7ccd3409b1fe3cf5228e85ef7df86198c0460be1c98a8e9de95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:26 GMT
content-encoding: br
surrogate-keys
cf-cache-status: HIT
server: cloudflare
age: 43
etag: W/"5a107848e714cc60d2a061853cf186c2"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=120
cf-ray: 8233883b7b0535eb-FRA

GET
H2 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 121 B
188 B 168ms
166ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62ceb9207b967b11799955fa/1g7ro6acc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cgmoneta.com/
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
content-encoding: br
etag: W/"da5bb1dc647470204df0e49f5afac2de"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8233883acfea4da6-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 81 KB
29 KB 59ms
57ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62ceb9207b967b11799955fa/1g7ro6acc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cgmoneta.com/
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 610355
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
etag: W/"ce3014b09c6dfbd6f92bc585fd840580"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8233883adfec4da6-FRA

GET
H2 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 212 KB
62 KB 395ms
394ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62ceb9207b967b11799955fa/1g7ro6acc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c402dac34a2ddb65a30763afd1e50c65ccd82117b61a773f2512bc6e2dace631

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cgmoneta.com/
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
content-encoding: br
etag: W/"357952f03822ff20c10ab27cc597e161"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8233883adfee4da6-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 215 KB
42 KB 433ms
432ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62ceb9207b967b11799955fa/1g7ro6acc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78278b5c1f2b851af38fe569a9544e265d53a0c0b6f592bb5117f9b2f40c556b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cgmoneta.com/
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
content-encoding: br
etag: W/"3559a48cee058d0fa362d062d48d297d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8233883adfef4da6-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 2 KB
1 KB 169ms
169ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62ceb9207b967b11799955fa/1g7ro6acc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

988a40deb30ca96a0db8ae7beaaa1bd27e94b484f10bf811384fc4b89dabf066

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cgmoneta.com/
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
content-encoding: br
etag: W/"ab2e7e6976ebf42505e0f529919444b5"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8233883adff04da6-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 151 B
206 B 168ms
168ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62ceb9207b967b11799955fa/1g7ro6acc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cgmoneta.com/
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
content-encoding: br
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8233883adff14da6-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 204 metrics
rtc.multiscreensite.com/performance/ 0
0 117ms
117ms Fetch 44.193.110.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtc.multiscreensite.com/performance/metrics
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3905/editor/apps/modules/runtime/16.571e75ee8ee8f57b8aa1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.110.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-110-116.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.cgmoneta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 09 Nov 2023 05:07:26 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 metrics
rtc.multiscreensite.com/performance/ Frame 0
0 379ms
118ms Preflight 44.193.110.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtc.multiscreensite.com/performance/metrics
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.110.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-110-116.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.cgmoneta.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Thu, 09 Nov 2023 05:07:26 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 204 metrics
rtc.multiscreensite.com/performance/ 0
0 118ms
117ms Fetch 44.193.110.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtc.multiscreensite.com/performance/metrics
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3905/editor/apps/modules/runtime/16.571e75ee8ee8f57b8aa1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.110.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-110-116.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.cgmoneta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 09 Nov 2023 05:07:26 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 metrics
rtc.multiscreensite.com/performance/ Frame 0
0 378ms
117ms Preflight 44.193.110.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtc.multiscreensite.com/performance/metrics
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.110.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-110-116.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.cgmoneta.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Thu, 09 Nov 2023 05:07:26 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 6 Show response
m.stripe.com/ Frame 6B65 156 B
669 B 636ms
205ms XHR
application/json 54.214.153.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.214.153.110 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-214-153-110.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5efd2d7edc17577b83c66728fb2a2b952f389d0825ac49d2a73dafe0f9070d99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 09 Nov 2023 05:07:27 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699506447053972
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699506447053779
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 bootstrap.js Show response
wsv3cdn.audioeye.com/ 56 KB
20 KB 846ms
728ms Script
application/javascript 2606:4700:4400::ac40:9483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=663d900ab64794226f3dc8ebc5058820&cb=2039178
Requested by: Host: wsmcdn.audioeye.com
URL: https://wsmcdn.audioeye.com/aem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 075cdc38fbeb3f84837f159e35ddf081a5e25f60fd1dd6dfaf37c3a67b587494

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:27 GMT
content-encoding: br
surrogate-keys: 663d900ab64794226f3dc8ebc5058820
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"d203896eabb58ae33eaa952689969b03"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=3600, s-maxage=21600
cf-ray: 8233883c8ea73649-FRA

POST
H3 200 traces
telemetry.canva.com/v1/ Frame DF73 21 B
493 B 148ms
148ms Ping
application/json 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telemetry.canva.com/v1/traces

Requested by

Host: static.canva.com
URL: https://static.canva.com/web/d465ae4f6bd7699d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f56b35823a693646bf987ca07c9cbc4ff72a83b79b34595b20546b539795fdf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 Nov 2023 05:07:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1QWQxTLRKRDWsyfLZDD3JBFrgzjLfRhNS1mya3j0Fudbd3lFFhyBBU%2Fr0IUoyWMQJrF7HV%2F5zPEkFFIC9XyROctu4kRjbCh%2Fz4dJING2XS5viDVMuyu3YeLa53%2FzWG3pwOPjyM6dcbCQ7CC31AssxuQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.canva.com
access-control-allow-credentials: true
cf-ray: 8233883e3cbc5d8c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21

OPTIONS
H2 204 traces
telemetry.canva.com/v1/ Frame 0
0 152ms
137ms Preflight 2606:4700::6811:ef9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telemetry.canva.com/v1/traces

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ef9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.canva.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.canva.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8233883d5f9692c9-FRA
date: Thu, 09 Nov 2023 05:07:27 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FagdxSl14%2BkLewU23hwIJwQSquBLaTHSMa9kdYPSUJeFZseO51xe5SvMbLy7F8hkqYNBK1P5L4fQTspbnz27JRdZZrWqIIJ1DEmSw9AXBxuRObQ1Q%2Fr3OXA2OM6wo6EMo53ycPVnFS1%2BX2%2FM881AZI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 594ms
593ms Fetch
application/json 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=62ceb9207b967b11799955fa&widgetId=1g7ro6acc&sv=undefined

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec6a3bc8c0aa64b20e093b968f3a4ea470b942e931f38cf5e1d41e1c2ecad87a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:27 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-g4vj
server: cloudflare
etag: W/"2-24-0"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 8233883dcae94da6-FRA
access-control-allow-headers: content-type,x-tawk-token

OPTIONS
H2 200 start
va.tawk.to/v1/session/ Frame 0
0 207ms
207ms Preflight 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.cgmoneta.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.cgmoneta.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8233883dcaed4da6-FRA
date: Thu, 09 Nov 2023 05:07:27 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-gm7g

POST
H3 200 start Show response
va.tawk.to/v1/session/ 1019 B
1 KB 1451ms
1279ms Fetch
application/json 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daf180cf98df59c19d66d787ede2dda16382c5a0d8245517d3fd9b399d7d4022

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cgmoneta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Thu, 09 Nov 2023 05:07:28 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.cgmoneta.com
access-control-allow-credentials: true
cf-ray: 823388403be43a9e-FRA
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-24j9

GET
H2 200 loader.js Show response
wsv3cdn.audioeye.com/v2/scripts/ 33 KB
10 KB 349ms
266ms Script
text/javascript 2606:4700:4400::ac40:9483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/scripts/loader.js?h=663d900ab64794226f3dc8ebc5058820&lang=en&cb=2039178
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=663d900ab64794226f3dc8ebc5058820&cb=2039178
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7aa0b03452db10607432837371a04c2f3a5e232921895ccf21c9b3abe02f9ad

Request headers

Referer: https://www.cgmoneta.com/
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:27 GMT
content-encoding: br
surrogate-key: prod 663d900ab64794226f3dc8ebc5058820 2039178
last-modified: Wed, 08 Nov 2023 22:39:57 GMT
server: cloudflare
cf-cache-status: EXPIRED
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60, s-maxage=7200, max-stale=86400, stale-while-revalidate=86400, public
cf-ray: 82338841ad862be6-FRA

GET
H2 200 jquery.bundle.2039178.js Show response
wsv3cdn.audioeye.com/v2/build/ 95 KB
34 KB 51ms
51ms Script
application/javascript 2606:4700:4400::ac40:9483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/jquery.bundle.2039178.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=663d900ab64794226f3dc8ebc5058820&cb=2039178
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eb81bf6d8d3757bb7cd67f21e3c96454b01f1fd02d8fee78ce626e919b74c06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:10:28 GMT
server: cloudflare
age: 6845
etag: W/"654aa7c4-17d97"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 823388412a7f3649-FRA
expires: Fri, 08 Nov 2024 05:07:27 GMT

GET
H2 200 startup.bundle.2039178.js Show response
wsv3cdn.audioeye.com/v2/build/ 428 KB
115 KB 57ms
57ms Script
application/javascript 2606:4700:4400::ac40:9483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2039178.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=663d900ab64794226f3dc8ebc5058820&cb=2039178
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e8a7308dce90cb35d61a54d9f4af314524103407bc4415490bfa3701a4ed8db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 14:21:23 GMT
server: cloudflare
age: 6679
etag: W/"654b9963-6b134"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 823388412a813649-FRA
expires: Fri, 08 Nov 2024 05:07:27 GMT

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/languages/ 17 KB
4 KB 56ms
55ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:27 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 617422
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 12:28:40 GMT
server: cloudflare
etag: W/"7f37a030886ec7fce1d065ec482789ee"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 823388417d3a3a9e-FRA

GET
H2 200 smartrems.bundle.2039178.js Show response
wsv3cdn.audioeye.com/v2/build/ 135 KB
40 KB 51ms
50ms Script
application/javascript 2606:4700:4400::ac40:9483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/smartrems.bundle.2039178.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2039178.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7a3e3bc4958ecbc5cad7122e62d2d9658197eb70331e8c512ed0b8e4a7b18b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 14:21:23 GMT
server: cloudflare
age: 6673
etag: W/"654b9963-21d4f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82338843fd273649-FRA
expires: Fri, 08 Nov 2024 05:07:28 GMT

GET
H2 200 tangoEngine.bundle.2039178.js Show response
wsv3cdn.audioeye.com/v2/build/ 108 KB
35 KB 53ms
53ms Script
application/javascript 2606:4700:4400::ac40:9483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/tangoEngine.bundle.2039178.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2039178.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f488c8be2026e151d6289c5455a0ad982c59c5c12cdd736cd6d20002aa264cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:10:28 GMT
server: cloudflare
age: 408
etag: W/"654aa7c4-1b0ce"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82338843fd283649-FRA
expires: Fri, 08 Nov 2024 05:07:28 GMT

GET
H2 200 cookieStorage.html Show response
wsv3cdn.audioeye.com/v2/frame/ Frame A0A3 813 B
590 B 47ms
46ms Document
text/html 2606:4700:4400::ac40:9483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=2039178
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2039178.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d79401585d50c8e625f6abd3c443cdd31f1ec73cc7f7f570d3330dc706f433f7

Request headers

Referer: https://www.cgmoneta.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 114790
cache-control: public, max-age=365000000, immutable
cf-cache-status: HIT
cf-ray: 82338844adaf3649-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 09 Nov 2023 05:07:28 GMT
last-modified: Tue, 07 Nov 2023 21:11:04 GMT
server: cloudflare
vary: Accept-Encoding

POST
H2 200 send
analytics.audioeye.com/air/v0/ 0
61 B 652ms
207ms Ping
text/plain 34.223.174.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.audioeye.com/air/v0/send
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2039178.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.223.174.208 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-223-174-208.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cgmoneta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 09 Nov 2023 05:07:28 GMT
content-length: 0

GET
H2 200 3772.bundle.2039178.js Show response
wsv3cdn.audioeye.com/v2/build/ 480 B
335 B 47ms
46ms Script
application/javascript 2606:4700:4400::ac40:9483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/3772.bundle.2039178.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2039178.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6db9473433810ec1cb3117726b26aab3d002201382e526a11c5ef6b16aa514f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 14:21:23 GMT
server: cloudflare
age: 6675
etag: W/"654b9963-1e0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82338844adb83649-FRA
expires: Fri, 08 Nov 2024 05:07:28 GMT

GET
H2 200 5121.bundle.2039178.js Show response
wsv3cdn.audioeye.com/v2/build/ 382 B
306 B 49ms
48ms Script
application/javascript 2606:4700:4400::ac40:9483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/5121.bundle.2039178.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2039178.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 903cf6b79d15c1159628f9edf09b933327c9a54efb41023641c09db4696ded7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 14:21:23 GMT
server: cloudflare
age: 6675
etag: W/"654b9963-17e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82338844adbc3649-FRA
expires: Fri, 08 Nov 2024 05:07:28 GMT

GET
H2 200 874.bundle.2039178.js Show response
wsv3cdn.audioeye.com/v2/build/ 193 B
221 B 47ms
47ms Script
application/javascript 2606:4700:4400::ac40:9483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/874.bundle.2039178.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2039178.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20f86b062157fbf2af91b2a5013cb09570b608b2993b430e2b41ae0c34ed4d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 14:21:23 GMT
server: cloudflare
age: 6679
etag: W/"654b9963-c1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82338844adbd3649-FRA
expires: Fri, 08 Nov 2024 05:07:28 GMT

POST
H2 204 metrics
rtc.multiscreensite.com/feature/ 0
0 121ms
121ms Fetch 44.193.110.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtc.multiscreensite.com/feature/metrics
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3905/editor/apps/modules/runtime/21.0bf6759b07aeff413864.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.110.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-110-116.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.cgmoneta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 09 Nov 2023 05:07:28 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 metrics
rtc.multiscreensite.com/feature/ Frame 0
0 120ms
120ms Preflight 44.193.110.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtc.multiscreensite.com/feature/metrics
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.110.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-110-116.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.cgmoneta.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Thu, 09 Nov 2023 05:07:28 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 twk-chunk-2c776523.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 8 KB
3 KB 51ms
50ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-2c776523.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b089f5f65d03da61b611f98336194eb97c019203a97c3899a0d26cd28079b65e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:28 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 597793
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
etag: W/"589bcaf3fa2f5394494ee99582c6bee6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 823388483ada3a9e-FRA

GET
H3 200 twk-chunk-9294da6c.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 18 KB
5 KB 49ms
49ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-9294da6c.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

358db197e46c18220231b57ba38c50d92cbe5ccc3f14da9e203b2f2aa3d3943e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:28 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 771385
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
etag: W/"d24778beeceabd92325994c6f7a2751e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 823388483add3a9e-FRA

GET
H3 200 twk-chunk-f1565420.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 11 KB
4 KB 50ms
50ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-f1565420.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60f494f6495bf2a685fbefd16b065d04ba3a8181bb36746343b5d8cfac820913

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:28 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 771385
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
etag: W/"4bc001b26b4e5564a602f6650d906258"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 823388483adf3a9e-FRA

GET
H3 200 twk-chunk-2d0b383d.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 699 B
679 B 88ms
87ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-2d0b383d.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:28 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 771385
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
etag: W/"838903127a65ec440893b4945c40ca4a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 823388483ae33a9e-FRA

GET
H3 200 twk-chunk-48f3b594.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 18 KB
6 KB 88ms
87ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-48f3b594.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70c6f5113c1bbf4ab16c83c17bbb2f7a89c14289eccda26031f77c873a30c0ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:28 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 771385
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
etag: W/"3e2b01e1e5d09751c601a46ccf3d3cfa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 823388483ae43a9e-FRA

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 906 B
662 B 89ms
88ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:28 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 771385
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
etag: W/"1c5ecf371149feca23bd895ba9dfec4d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 823388483ae63a9e-FRA

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 535 B
573 B 89ms
89ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:28 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 86829
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
etag: W/"c506281367048d4a134c9affbc68c8c6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 823388483ae73a9e-FRA

GET
H3 200 twk-chunk-24d8db78.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 107 KB
24 KB 89ms
89ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-24d8db78.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a34981cda55b2bae3762c709553b06e72e7a9b8de79012c610547f84a34833e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:28 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 771385
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
etag: W/"b3a46b8e741c104da6508d52406c9c32"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 823388483ae83a9e-FRA

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/653fa0ef1ea/css/ Frame 7545 24 KB
5 KB 65ms
65ms Stylesheet
text/css 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:28 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 771384
cf-polished: origSize=24831
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
etag: W/"5742a34aaab2a5983c7c11cdeef1c0ee"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 823388489b303a9e-FRA

GET
H3 200 bubble-widget.css
embed.tawk.to/_s/v4/app/653fa0ef1ea/css/ Frame BB20 13 KB
3 KB 59ms
59ms Stylesheet
text/css 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/css/bubble-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:28 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 771384
cf-polished: origSize=13594
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
etag: W/"ce7913b80c763449b3895d46419f7a6b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 82338848ab393a9e-FRA

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/653fa0ef1ea/css/ Frame 7482 40 KB
8 KB 50ms
49ms Stylesheet
text/css 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bd9666b0959d868276da481746b74e6a76fbc19f7957e528b8fb022367980bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:28 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 771384
cf-polished: origSize=40832
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
etag: W/"cf4a08d496f49489af30571e3cbb48f3"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 82338848db603a9e-FRA

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/653fa0ef1ea/css/ Frame 90B7 76 KB
14 KB 50ms
50ms Stylesheet
text/css 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65903b8703d79850e660a2b415ae10306b3ee3015a436327de3f86433d5d774e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:28 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 595739
cf-polished: origSize=78142
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
etag: W/"7c8b6e697bd499db08971189a4be9b7c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 823388491ba33a9e-FRA

GET
H3 200 7-r-bl.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame BB20 15 KB
4 KB 534ms
533ms Image
image/svg+xml 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/7-r-bl.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

829c3296dcfd3fc1ab982e767f4f881db253f0beff4ff1e21f2c743d30cb2e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:29 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 22 May 2021 07:25:17 GMT
server: cloudflare
content-encoding: br
etag: W/"e41a841c822541a77665bff4acff1052"
x-cache-status: MISS
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 823388492bb03a9e-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
39 KB 139ms
55ms Script
application/javascript 2606:4700::6810:5814

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 686829
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230077-FRA
server: cloudflare
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lo4a%2B3O3p20pvUbJRc2ph97pgQyur%2B7oLfp%2FTJPuuY1H0L46ARy4ndRa%2FPkoc6dDD7%2FlFZYlrFsc9JLjHm3DRFE33aGL%2B12PgZC21cSh%2BDoxSlOe1b6rPGC6bprYdCJ%2F%2FqUbf5EO%2BL8OZj669e4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 82338849ba7b4d62-FRA

GET
H3 200 tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame BB20 10 KB
11 KB 494ms
493ms Font
font/woff2 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-2.woff2?55755728=

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/css/bubble-widget.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/css/bubble-widget.css
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:07:29 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 10520
last-modified: Sat, 22 May 2021 07:25:13 GMT
server: cloudflare
etag: "054b3b66812d0a4b87ffc6776f0a42f1"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
accept-ranges: bytes
cf-ray: 823388493b05367e-FRA

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
261 B 162ms
162ms Fetch
text/html 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cgmoneta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Thu, 09 Nov 2023 05:07:29 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.cgmoneta.com
access-control-allow-credentials: true
cf-ray: 8233884d0e6d367e-FRA
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-2040

OPTIONS
H3 200 v3
va.tawk.to/log-performance/ Frame 0
0 170ms
169ms Preflight 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.cgmoneta.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.cgmoneta.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8233884bfd54367e-FRA
date: Thu, 09 Nov 2023 05:07:29 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-2040

Verdicts & Comments Add Verdict or Comment

232 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.calendly.com/	1970-01-20 16:05:08	Name: __cf_bm Value: Tul4vcDbjDutRy5GWoedHP86DkoOBPi3Rtf4_AhVElM-1699506443-0-AcvO+pnFxt/Y2oZq/rf++qM9+ZKZfleyqMqQg2xpQ4Ip308KvtFPFh1wDzryekKWOdktQdoloRlsRX+8ggg0hIs=
www.cgmoneta.com/	1970-01-20 16:27:00	Name: dm_timezone_offset Value: -60
www.cgmoneta.com/	1970-01-21 00:50:42	Name: dm_last_page_view Value: 1699506443465
www.cgmoneta.com/	1970-01-21 00:50:42	Name: dm_this_page_view Value: 1699506443465
www.cgmoneta.com/	1970-01-21 00:50:42	Name: dm_last_visit Value: 1699506443465
www.cgmoneta.com/	1970-01-21 00:50:42	Name: dm_total_visits Value: 1
.cgmoneta.com/	1970-01-21 01:41:06	Name: _ga_0ZEPTZY19R Value: GS1.1.1699506443.1.0.1699506443.60.0.0
www.cgmoneta.com/	1970-01-21 01:41:06	Name: _sp_id.a8ab Value: 76c4eeb2c20093fc.1699506444.1.1699506444.1699506444
www.cgmoneta.com/	1970-01-20 16:05:08	Name: _sp_ses.a8ab Value: 1699508243661
.cgmoneta.com/	1970-01-21 01:41:06	Name: _ga Value: GA1.2.323011094.1699506444
.cgmoneta.com/	1970-01-20 16:06:32	Name: _gid Value: GA1.2.1513130651.1699506444
.cgmoneta.com/	1970-01-20 16:05:06	Name: _gat_gtag_UA_152012684_1 Value: 1
core.service.elfsight.com/	1970-01-20 16:05:06	Name: elfsight_viewed_recently Value: 1
.linkedin.com/	1970-01-20 18:14:42	Name: li_sugr Value: d72d22f0-8a00-4449-9a8b-6e0654035e16
.linkedin.com/	1970-01-21 00:50:42	Name: bcookie Value: "v=2&e655c5a2-40e7-4db9-88d7-a31980fa427f"
.linkedin.com/	1970-01-20 16:06:32	Name: lidc Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2883:u=1:x=1:i=1699506443:t=1699592843:v=2:sig=AQEIX-WliDLGTcnatJCxcyWFo41hPydn"
.calendly.com/	1969-12-31 23:59:59	Name: __cfruid Value: a4dcf12ac710c40c23a57fe90bd0042e29ab00f4-1699506443
.canva.com/	1970-01-20 16:05:08	Name: __cf_bm Value: V7cWadXbDlUukxBHXjiWuysajVyf_JzQ7fXOjjxv0B0-1699506444-0-ATZmUzNSW6HzbknImXwrNahNRlJk/FYOSV/B1+dVp1WyjGrpCb02ZOUJ7xgsSreAhmRc1E20LhPIlXBDoQYE04Y=
.canva.com/	1969-12-31 23:59:59	Name: _cfuvid Value: KXQbqYi66cB2qsaK1y5fhEm2RY7nwoRKL65E_R_JTRw-1699506444101-0-604800000
.linkedin.com/	1970-01-20 16:48:18	Name: UserMatchHistory Value: AQIDXBkeZbD2HgAAAYuyelc6FWr_k7rh6TBANElOPiFwlSidaNKzvavDvlq6ThK-l4eVZ9lPUYw-yw
.linkedin.com/	1970-01-20 16:48:18	Name: AnalyticsSyncHistory Value: AQLJm7MnY7t9JgAAAYuyelc6_900nBRjP6zc4fPBPQqweOgaN1Ubhx7orjaje3JsanJ47pObahoiY3ZiwE0xtQ
.www.linkedin.com/	1970-01-21 00:50:42	Name: bscookie Value: "v=1&2023110905072494d0c3eb-445f-4b7d-889e-0a3528afa29dAQGlxbF_fcL56P58jLeI_m5coLXxCYQB"
.linkedin.com/	1970-01-20 20:24:18	Name: li_gc Value: MTswOzE2OTk1MDY0NDQ7MjswMjEIlxu7wDCJhXtzYj33wLEnSLd76x77lrTtI4M6koIayQ==
www.canva.com/	1970-01-20 16:05:08	Name: ASI Value: 01HES7MPM16H0KM5XQR4V8ZGHM
www.canva.com/	1970-01-21 00:50:42	Name: CDI Value: 9afae4bf-35cb-488a-8c3f-0db829a94b6f
www.canva.com/	1970-01-20 16:05:17	Name: CPA Value: EEagqHJhihaQTIGn8UNt_ipCMMAZmSAu4rjkmKyRnJJHux3dRiGhvY9SOy3GNSnPwIk4C0aBUDue4bpLPaxc6br41Dy6XTPwDmIO1mGpwTozhzooRMNeI96vB0sIEk1d2dKYD8X1oxFJ2XYM_ktsBmzUQ9ueCq61BSEr35sXikXvPIiOhc96RGg_4tvgRSCMaZ-I2a506jQdlW61uOh4e62L_pE127hzmsrXuSc8iogz_ZUTSs9SLicJ8g1b5MOFp77G2Jh3rFgA7IeopmLUDNloMMfbd36DfnRj04hXyZXohjU1
www.canva.com/	1970-01-20 16:05:17	Name: CCK Value: uNPn1gM4xgLEeukEgmF1sQ
.canva.com/	1969-12-31 23:59:59	Name: __cfruid Value: 421ecdec68c52526dc6654253d5bd6bdac293283-1699506445
.canva.com/	1970-01-21 00:50:42	Name: cf_clearance Value: yDbucS70010lALcl9viUUCNyGSRW8MH3FljDGMRhAdQ-1699506445-0-1-2181f7cc.89fdc067.59692978-0.2.1699506445
.calendly.com/	1970-01-21 00:50:42	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Nov+09+2023+06%3A07%3A25+GMT%2B0100+(Central+European+Standard+Time)&version=202310.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=64563895-32a7-47f7-9f07-711099f1abac&interactionCount=0&landingPath=https%3A%2F%2Fcalendly.com%2Fcgmonetallc%3Fembed_domain%3Dwww.cgmoneta.com%26embed_type%3DInline&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
www.cgmoneta.com/	1969-12-31 23:59:59	Name: twk_idm_key Value: GVO77fOcCmKsF-ViX75gZ
m.stripe.com/	1970-01-21 01:41:06	Name: m Value: a27355e8-4594-4f87-8a01-0b57066972b9c380ad
www.cgmoneta.com/	1970-01-21 00:50:42	Name: _aeaid Value: 32486a35-427c-46be-93bf-8faafa3a00da
www.cgmoneta.com/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.cgmoneta.com/	1970-01-20 20:24:18	Name: twk_uuid_62ceb9207b967b11799955fa Value: %7B%22uuid%22%3A%221.SwqoVwMiNlCOyrZNLu9IIvNcvKrpElBckRGae7r45PR6vyfo7ly3FqfpF6fduxTKrWrj4kUSAzSJdDpZ4lOxY1oHflvOPJ0XeZnVJNKlUFJddDwfxnWKc%22%2C%22version%22%3A3%2C%22domain%22%3A%22cgmoneta.com%22%2C%22ts%22%3A1699506448646%7D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form(Line 3619) Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://embed.tawk.to/61251c94649e0a0a5cd2b8b4/1fdsff8os Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://static.canva.com/web/f23e4eb2ce6dc8c4.js(Line 290) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.audioeye.com
assets.calendly.com
calendly.com
cdn.cookielaw.org
cdn.jsdelivr.net
core.service.elfsight.com
d32hwlnfiv2gyn.cloudfront.net
d3v0px0pttie1i.cloudfront.net
embed.tawk.to
font-public.canva.com
geolocation.onetrust.com
irp-cdn.multiscreensite.com
irp.cdn-website.com
irt-cdn.multiscreensite.com
js.stripe.com
lirp.cdn-website.com
m.stripe.com
m.stripe.network
media-private.canva.com
media-public.canva.com
media.canva.com
notifier-configs.airbrake.io
o13855.ingest.sentry.io
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
region1.analytics.google.com
rtc.multiscreensite.com
snap.licdn.com
static.canva.com
static.cdn-website.com
static.cloudflareinsights.com
static.elfsight.com
static.ziftsolutions.com
stats.g.doubleclick.net
telemetry.canva.com
universe-static.elfsightcdn.com
use.typekit.net
va.tawk.to
w.usabilla.com
wsmcdn.audioeye.com
wsv3cdn.audioeye.com
www.canva.com
www.cgmoneta.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.recaptcha.net
108.138.24.174
108.138.7.94
13.107.42.14
13.32.118.47
13.32.99.94
151.101.128.176
18.245.60.75
18.66.112.8
18.66.122.50
2001:4860:4802:34::36
2606:4700:10::6816:1883
2606:4700:10::6816:445f
2606:4700:10::6816:455f
2606:4700:10::ac43:2642
2606:4700:20::681a:5f7
2606:4700:4400::6812:29af
2606:4700:4400::ac40:9483
2606:4700:4400::ac40:9b77
2606:4700::6810:3865
2606:4700::6810:5814
2606:4700::6811:ef9f
2606:4700::6812:82ec
2620:1ec:21::14
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:810::2003
2a00:1450:4001:811::2008
2a00:1450:4001:813::2004
2a00:1450:4001:830::2003
2a00:1450:400c:c03::9d
2a02:26f0:480:f::213:7ec6
2a02:26f0:480:f::213:7ee1
3.67.141.185
34.120.195.249
34.223.174.208
44.193.110.116
54.186.23.98
54.208.186.38
54.214.153.110
54.75.76.201
65.9.66.57
01a66f314327c44281f84d65a39b9473117ef5e91035f9c1b9554b63431242c6
02860aebac589c075ea6261fc266608a79058b1da8e660aaf89bcedfe64c3c0b
075cdc38fbeb3f84837f159e35ddf081a5e25f60fd1dd6dfaf37c3a67b587494
0a95da48ca852d73a01247d0b6d7316bedec284c13a804d74549949ff4113076
0af138df3180534e4dd15035bc9694f5c972796da41c5508be0b89d8609764c8
0bbcfef07b6bfc04a44cbbf21cf316564c103c35e6a29dcbc27246a492feb5ae
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
182f9a7ed4dead04b7f0b9cb42af3a9b744f368c6a770ce88e3f6a04bf0778fa
18681de0d6b00f504f476e2dd4a8579e045f5e9f6dd4ae44d2f9402cfafc2641
1a7503af95ecf6b5d1458774fdcece3c522aa64b334b155cdb0330dfeffc1c52
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
20f86b062157fbf2af91b2a5013cb09570b608b2993b430e2b41ae0c34ed4d75
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
23d7912e30cca1831cdf2e9270ba71f9a540e37f3dd989585df54e7906537e97
270210a74fb45c00d2abd485b9bb8d4e2512d033bd1eaeebc17549622f07b1f5
273724e1be99ddeaee985fb777d76b1683b2cfa0cd9b74d1877775c6a10c44be
2b08d6a536daed8d1852521013cb0281e89108bbd500dc7813faf421ab50293d
2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c
2c3f43f9e433cc7dcf72557510e28f069ec93162a399793e6610b7a7f97a70cd
2e8a7308dce90cb35d61a54d9f4af314524103407bc4415490bfa3701a4ed8db
2eb81bf6d8d3757bb7cd67f21e3c96454b01f1fd02d8fee78ce626e919b74c06
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
3011f19b99f0f0d784da7c9d84d801726fe27d87f8ed8008b0b871ddaf2072a5
310c5308efe842903bdeef1ec8963a7758e3998bef5f54ce2dcd433d3ae519c9
31722f3395daa5ea63654a66f1a603474a1567bd77d94619e655a8624786a22a
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
3572ca1a687a69171fbfc314a2d8c567a18885621c3f43cb63e287659ae35265
358db197e46c18220231b57ba38c50d92cbe5ccc3f14da9e203b2f2aa3d3943e
3772767ff67487697ff10935d55de63df2c7ee53435326b45577f86819e84c71
386dfc49231c08d62d3162b207d08c14ef50663f60a6f77d5f8b53c6ba4a1034
38a13afa1a9ffd73252e6725c09be18579dea266e3654d226e50f5a6fe999808
3bd68c785340bcc6327fcba943670d7e70022a25aef46af666d5d945ca365a93
3bda2b2d1219e31125f948d0e43e3d45980db9184b1224e08c9ac0fcc871dfbc
3e32aea52247a81c38b4735e84a28ba27b0cbc33f007a1d14e81e64ba766eadd
3eb9b294b344cf47c2af14fafe8528fccc545cb25b9325802a3bd1b0696171b6
3f3fe9842edf7f8240031c134670cc14e2227568ce15089e5d1f8a7ca7d1e6ea
3fc0356e946e0c4a778dae4fc3afea43f75ac94d01817b8810926a63d80d178a
408f3bd7d6193cab269c6256dd0bf8e1b6667cfd5fb7a413c329bd48b7e78341
41efb03115df0cd1aec6d2a3d54e1d5882e0e66dcfbb3387b17ee979acc19528
421b37afbd43516bcba80b81ebd3df10718e30af976776fba17516ac1e26f12a
432d3ceb04bc5bb9c94242a57a06211ab0cbe6168af26354223a9b57df4266f0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
448cf12c27f9290d21916fc5a2b12258344b4104d4c1ec5c9fa14dd3106f04a1
44b5a04a72cd6f0008ec1b88de1c301b433c18bde9547f198aba6863452cbe4f
4587c9ec2c976da6c06f6862ebe5695ce3aed04bb0bf51ba84d0dcbcee2b66ca
4737e970e7344d8bf4ee6760b4a0dd29c21c1899a7c34dbe1e10cb2893834f5a
47ed7727f89b6ab6ceacd105e768619250af87b2242ab048a18dc2db26e80421
4a73c8636ef8bc07f6141a88d9dbbe131041148ca19187a785bc74074314b8a7
4f9e9ae956ffab2981f954cf29a01f69353508687b3d7f9696dc502155b2a569
4fe218edbeae627f9ce8c9ce9b90a3a88eef3a1b4abaa1af68f117b9b3a1c93c
500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9
506becbc4f3f3c89a9b21e29f998cddd3404bf0782dea94ff7f3ce1d98d3de19
587e53033e66207407f9108a4f3aee7827cc50a0de5a64ec769c75fd47f90a90
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
5efd2d7edc17577b83c66728fb2a2b952f389d0825ac49d2a73dafe0f9070d99
5f6c60fb96e5295acc389294169eaca07a47e51084de0976268eac9ebbb7d66e
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5ffc93f6476106172540579f9c36c2f5219b34833b3241d617a617dcba28b0e2
60f494f6495bf2a685fbefd16b065d04ba3a8181bb36746343b5d8cfac820913
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
646c9c575c477ec1fc64f3df83af60acea3a0ecf4f6dd2c7202a32e8e115ada9
65903b8703d79850e660a2b415ae10306b3ee3015a436327de3f86433d5d774e
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
67f461d6f9c29b0c609ee479a08c50ec24390b654b507c933ec0910cffe88ee0
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
69e6e967749f078a4c36f5fc2e563f45f01178ca5d561af3df9df6963453678b
6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16
6b398a361a4d1114a1cc2306fa58f4fa13d7416fce7df564368d2432e70a3fc4
6db9473433810ec1cb3117726b26aab3d002201382e526a11c5ef6b16aa514f1
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
70c6f5113c1bbf4ab16c83c17bbb2f7a89c14289eccda26031f77c873a30c0ca
722ebb4a0bfbbfca20e8384ec8a72f290c57806a8d1cad0dd8bba4306fdeba80
75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e
78278b5c1f2b851af38fe569a9544e265d53a0c0b6f592bb5117f9b2f40c556b
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7979596929ec715a2cafe7a731351b4a3f53d289a907cd559e51763c7b4f64de
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7bd913baa0c2ed74ff85d5708f13fb56fc213e897766915e0ff8842c685cdbf5
7bd9666b0959d868276da481746b74e6a76fbc19f7957e528b8fb022367980bc
7d592f442f31831cd13e4b8fb407216d5d3a7c6cfc9f0a35dc63bb246742cded
7da2c78aebbd6e2db645e5b97424ed43196e116ef824980565996bdc513550a5
7dfe7cd15b02b5fb212718b805ff2b6a01a6141ca538615fd7325ba6191933f1
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
7f803337d01a657607bca6b20e06f371c3895b36a5f2be03a8fa9b5e16c9a83e
829c3296dcfd3fc1ab982e767f4f881db253f0beff4ff1e21f2c743d30cb2e8e
82cb0b064c28e5a61038b25972c7eb0937932ceac6b1ac69bff012ea67b78649
84879b89770c6de248c88819697c37aacd209a075f6932b339c63dfe5fd6ab6b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3
8a34981cda55b2bae3762c709553b06e72e7a9b8de79012c610547f84a34833e
8c589010528d3d2d555925cf1998df6e14312d816bb5ff8d334601a1284bc009
8ea98b82eb62795846fed9452c40531d668dd519e29633c196905d6f5af8d846
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
903cf6b79d15c1159628f9edf09b933327c9a54efb41023641c09db4696ded7e
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
970ea4ebe72062ba646e37d54261c3819e3418438106ff8495a1630afff2b233
988a40deb30ca96a0db8ae7beaaa1bd27e94b484f10bf811384fc4b89dabf066
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9e23d540a27ad9bd7da671814a7a83a0e75ffc6f59cc53ff7aabfc5af586dc6b
9f488c8be2026e151d6289c5455a0ad982c59c5c12cdd736cd6d20002aa264cc
a0d94dfb86d686fa5c7a0ae58ab81d05e42e026f92113d2037e70bbf37bc5da8
a14854a5e198f939ca07cf5fea4418466f196a1dfa72e829dfe0157850d39392
a2664a4943793f01857aa918698cc3486caaf1d67db65cc22ea1230342c993fb
a5bd0d5533bb8466b3057f3b8f8cc2bc7159690e5b2baba5a869f15019e9864c
a6d5f6164d43a4cf2131505ac4aa9d91d48135f40f22350268ea89a6bbc56584
a7c77041d68d1dd60668ed0c4a5991ac62b5aaf1a21d198c90311ff6bf43148c
aca7cab99125c7ccd3409b1fe3cf5228e85ef7df86198c0460be1c98a8e9de95
ad31e6b5e9acfc50bd8b0f428d4ee4a511ebbaa619a882edf8b0ad929ff6d8ba
ad7fbcd8ff66daf0836444533ad7713b3c496f34dcfcbc8de244b9aec4591626
ae5849b3e31df5d935556c4c19fcc98f5eaec2c9dc65f7f526981e3fb3573a41
aeb9307c39bd0783b05b8ef1f00cdbc7290f0095068cc51b938d1fc681a8cb85
afb56f03f1f14f412565f7750d2e602932e99da1716836842deb3fce25815868
b089f5f65d03da61b611f98336194eb97c019203a97c3899a0d26cd28079b65e
b0f95af267be35f4db99666217c62de441c71b4f2eef3f23819f8e063fdd5f7c
b11bb1c127012d3fd77e3ec2877936533e5c8fce15137a8dbddf7acbd0107f4a
b2871b5d8dc0f312693ac6cd040e207e31a73c50a2b872ef7942006a90b52bfe
b46763c688491c4ec977fef0c618e12d8e04291ab07457b1dd9c2a3603a10039
b5fbc53b30d14e6c6b97c498de6fe0ccf81a8356b5a83fb42207122b0ea625d3
b663f3a69d732e9fa97848f40210af1c03242c22151997a4af006d2a8036ea03
b7684ef5ef7ee0d536403226f29a0d97d394ea2bec8877983a3f2da6d4665432
b8cd52b2366ba8d601e2c8f660bd7e2c0b3bd87055687c0aabe5703a02d60ab3
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
babceb84f686bd4e9dab63be7a2bb76f5ccd0251337ff1584357d2eb1df30825
bac77166a80b9444c3f91de078ad9673f4102c9180374de58b3e9d55161ef451
badbc73aa47546ff0fc36e1443c8b120a75140bd9deba3f4dab88b7d2cc535bc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd003e70daf5846efc00f805dae370c8a8cfeaf73fe2b91ce971edbbf4fc64b3
c182a12be507894475e0ca4dc0d90cd484303a090396eccb4d888dadec707cae
c3d25baae1c76af26f76b14f103a4c652f50f2a2c37d1ed3d524dc49f2af8e8c
c402dac34a2ddb65a30763afd1e50c65ccd82117b61a773f2512bc6e2dace631
c539a052bb796aae20cec8e40ea3cf6431ee917b292e981785cdb4f27c5aa41e
c6d603c605c9e07062ffeba7c47a81e19c4f8c05604c6474371f4ad8b654c758
c6de703f8ee214808496dcd92795ac8971782935ed75abdd5624c814e69daaea
c7aa0b03452db10607432837371a04c2f3a5e232921895ccf21c9b3abe02f9ad
c84de7e52d68bd3b651219e7085236babc85a0c7c79f21a14f0cdddbd0fb4b4c
c999544c8c5395a726c3d7d26bb347751e8be468b8942d47af9bb764ded839f3
cdb1ac36dd2829866f08390c3e81d461cb56d55d2560e64363492ffb5c3403fa
d2647b69391c43bb261499c03d1fdf45b6be4eb7b27e404b52fcd73af15172df
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d41624e9721619a0dbe00d0fd9c0175a8f97c484aab61117db7246f69b7de9ba
d79401585d50c8e625f6abd3c443cdd31f1ec73cc7f7f570d3330dc706f433f7
d84bca3e5fd4f5cdc0d0d889e33b3feb68e9055797353af5061609a95b2ef30a
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
daf180cf98df59c19d66d787ede2dda16382c5a0d8245517d3fd9b399d7d4022
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de51bb2b6f87b2f97cbaa33bb97801c2d0fc72a032f74fa0250e75b7c38d5464
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71ad441d3743415616e89da3ed1b5e524c9014065e0628b49330b8f4992219e
eb3a62140e15c0ae94ced7e32c1b9f373601371a313fe6f4836d993463f57204
eb7b2c0f47d5bcca794d5b1be2bed020b4b485b8b544491426b0b87dbad82226
eb8b304d928544c94c1278aa006bcc82559125582e2e53bd33462faebd040a4c
ec6a3bc8c0aa64b20e093b968f3a4ea470b942e931f38cf5e1d41e1c2ecad87a
ef072b9ae1b3c29f94781c86bcdfdb71c1e06bbc7a2f05bc65dcfa2eefdde02c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
f56b35823a693646bf987ca07c9cbc4ff72a83b79b34595b20546b539795fdf0
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f79479236fb92f5507db8d2f7230c48b27f6609354ace7c26e1e32a04ed0f806
f7a3e3bc4958ecbc5cad7122e62d2d9658197eb70331e8c512ed0b8e4a7b18b9
f950cd7338e89507da357380e9fdd90e82a2de58cfe3c0fa598ba086577b25d8
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
feeb83e3a11fb74465e062a5081f1f6f573ef66197f218a3a86447fefe3166f6
ff06887fd7ac3ca670729e32ed8143bb9d04b14ea825a9e944f905db1bd6a993

www.cgmoneta.com Open in urlscan Pro 3.67.141.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

191 Requests

98 %HTTPS

56 %IPv6

30 Domains

52 Subdomains

41 IPs

4 Countries

5044 kBTransfer

13229 kBSize

35 Cookies

6 Outgoing links

Redirected requests

191 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cgmoneta.com Open in urlscan Pro
3.67.141.185 Public Scan

Screenshot
Live screenshot

Full Image

191
Requests

98 %
HTTPS

56 %
IPv6

30
Domains

52
Subdomains

41
IPs

4
Countries

5044 kB
Transfer

13229 kB
Size

35
Cookies

191 HTTP transactions
3 data transactions