book2.siblu.com Open in urlscan Pro
31.193.0.73 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://book2.siblu.com/
Effective URL:
https://book2.siblu.com/login
Submission: On February 19 via api (February 19th 2023, 4:40:20 am UTC) from US — Scanned from US

Summary HTTP 56 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 20 domains to perform 56 HTTP transactions. The main IP is 31.193.0.73, located in United Kingdom and belongs to UKFAST, GB. The main domain is book2.siblu.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 15th 2022. Valid for: a year.

This is the only time book2.siblu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 14	31.193.0.73 31.193.0.73	61323 (UKFAST) (UKFAST)
1	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
1	104.17.210.204 104.17.210.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:81e::2004	15169 (GOOGLE) (GOOGLE)
10	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:dfcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:822::200e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
3	91.199.212.148 91.199.212.148	48447 (SECTIGO) (SECTIGO)
1 1	45.76.13.51 45.76.13.51	20473 (AS-CHOOPA) (AS-CHOOPA)
1	34.193.96.49 34.193.96.49	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:ebcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:74b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:5905	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:dbbd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:816::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6811:9d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
56	21

14 31.193.0.73 (United Kingdom) 2 redirects

ASN61323 (UKFAST, GB)
PTR: 31.193.0.73.srvlist.ukfast.net

book2.siblu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.210.204 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81e::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

no-cache.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:dfcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscta.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81f::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.199.212.148 (United Kingdom)

ASN48447 (SECTIGO, GB)
PTR: secure.trust-provider.com

secure.trust-provider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.76.13.51 (Piscataway, United States) 1 redirects

ASN20473 (AS-CHOOPA, US)
PTR: 45.76.13.51.vultrusercontent.com

ssl.comodo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.96.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-96-49.compute-1.amazonaws.com

ssl.comodoca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ebcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:74b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5905 (United States)

ASN13335 (CLOUDFLARENET, US)

perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:dbbd (United States)

ASN13335 (CLOUDFLARENET, US)

f.hubspotusercontent20.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:9d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	siblu.com 2 redirects book2.siblu.com	582 KB
10	hubspot.com no-cache.hubspot.com — Cisco Umbrella Rank: 10631 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 10386 api.hubspot.com — Cisco Umbrella Rank: 4759 app.hubspot.com — Cisco Umbrella Rank: 5462 track.hubspot.com — Cisco Umbrella Rank: 2191	41 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 6840	294 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	364 KB
3	hsforms.com perf.hsforms.com — Cisco Umbrella Rank: 11172	865 B
3	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2081	16 KB
3	trust-provider.com secure.trust-provider.com — Cisco Umbrella Rank: 31785	20 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
1	hubspotusercontent20.net f.hubspotusercontent20.net — Cisco Umbrella Rank: 28629	22 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3096	3 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4202	87 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4654	21 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2076	20 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 77	347 B
1	comodoca.com ssl.comodoca.com — Cisco Umbrella Rank: 120443	3 KB
1	comodo.com 1 redirects ssl.comodo.com — Cisco Umbrella Rank: 117446	234 B
1	hscta.net js.hscta.net — Cisco Umbrella Rank: 18180	6 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2128	955 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	1 KB
56	20

	Domain	Requested by
14	book2.siblu.com	2 redirects book2.siblu.com
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
4	www.gstatic.com	www.google.com www.gstatic.com
3	track.hubspot.com
3	perf.hsforms.com	book2.siblu.com
3	js.hs-banner.com	js.hs-scripts.com js.hs-banner.com
3	secure.trust-provider.com	book2.siblu.com
3	www.google.com	book2.siblu.com www.gstatic.com
2	app.hubspot.com	js.usemessages.com static.hsappstatic.net
2	api.hubspot.com	js.usemessages.com
2	cta-service-cms2.hubspot.com	js.hscta.net
2	www.google-analytics.com	book2.siblu.com www.google-analytics.com
1	fonts.gstatic.com	www.google.com
1	f.hubspotusercontent20.net	book2.siblu.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ssl.comodoca.com	book2.siblu.com
1	ssl.comodo.com	1 redirects
1	js.hscta.net	book2.siblu.com
1	no-cache.hubspot.com	book2.siblu.com
1	js.hs-scripts.com	book2.siblu.com
1	fonts.googleapis.com	book2.siblu.com
56	25

This site contains links to these domains. Also see Links.

Domain
www.naturalhr.com
accounts.google.com
www.securitymetrics.com
resources.naturalhr.com

Subject Issuer	Validity	Valid
*.naturalhr.net Sectigo RSA Domain Validation Secure Server CA	`2022-08-15` - `2023-09-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
secure.trust-provider.com Sectigo RSA Organization Validation Secure Server CA	`2022-10-03` - `2023-10-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://book2.siblu.com/login
Frame ID: A16ED0BD52FE3750811942A7401DD63F
Requests: 43 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdqJzwaAAAAAOCFjsNA-s8F17B_dsl1LEnOFYK6&co=aHR0cHM6Ly9ib29rMi5zaWJsdS5jb206NDQz&hl=en&v=O4xzMiFqEvA4YhWjk5t8Xuas&size=invisible&cb=u58bn7tah0df
Frame ID: C1A1C50999F7356E51BBFC19C9F28BBC
Requests: 5 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/1713972/threads/utk/fa950252b5af4d9cbefaa070c07e0099?uuid=f7c47f1ffafa4c1494ba4a401a849bf1&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=book2.siblu.com&inApp53=false&messagesUtk=fa950252b5af4d9cbefaa070c07e0099&url=https%3A%2F%2Fbook2.siblu.com%2Flogin&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: D5EB733233CB32A909EBFCA35EA435DA
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Secure login | Natural HR

Page URL History Show full URLs

http://book2.siblu.com/ HTTP 301
https://book2.siblu.com/ HTTP 302
https://book2.siblu.com/login Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*accounts\.google\.com/o/oauth2

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

56
Requests

77 %
HTTPS

76 %
IPv6

20
Domains

25
Subdomains

21
IPs

3
Countries

1936 kB
Transfer

4967 kB
Size

7
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.naturalhr.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://accounts.google.com/o/oauth2/auth?access_type=online&type=web_server&client_id=511244071682-1qu5ek5pp0dl3c6j6020d2hpmhuvvh2v.apps.googleusercontent.com&redirect_uri=https%3A%2F%2Fwww.naturalhr.net%2Fassets%2Foauth2%2Foauthcallback.php&response_type=code&scope=email&max_auth_age=0
Title: Login with Google

Search URL Search Domain Scan URL

URL: https://www.securitymetrics.com/site_certificate?id=1234969&tk=27abaa79defd3789d7f6279761acc7dc

Search URL Search Domain Scan URL

URL: http://www.naturalhr.com/
Title: Natural HR Limited

Search URL Search Domain Scan URL

URL: https://resources.naturalhr.com/cs/c/?cta_guid=86058643-dcc5-4245-8a65-53b9e2a2b349&signature=AAH58kEjqjMS2CoYCpPGrH3adJCb1hwlsg&placement_guid=86c51aef-0646-4936-b18c-12223b0032fe&click=b9302504-7ec8-4b9e-a15b-7eed7e9bd061&hsutk=b3360f4464dbdc7a9f35a898b8d2c324&canon=https%3A%2F%2Fbook2.siblu.com%2Flogin&portal_id=1713972&redirect_url=APefjpGlqnWiSq9xLd83PafMFnr7DDXfaVmeP4ZbtJX8qL0YzEBhAf3OKyu_sHMi5Tsnr1Q9ls-jYOIBLn7gJ1Ng8yUnfyOg0DJrPJgdlfDI13TPq-lcYKHFkWcGE8dUXSEnPpJTflGk&__hstc=178374267.b3360f4464dbdc7a9f35a898b8d2c324.1676781615369.1676781615369.1676781615369.1&__hssc=178374267.1.1676781615370&__hsfp=1878800189

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://book2.siblu.com/ HTTP 301
https://book2.siblu.com/ HTTP 302
https://book2.siblu.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://ssl.comodo.com/images/seals/sectigo_trust_seal_sm_2x.png HTTP 301
https://ssl.comodoca.com/images/seals/sectigo_trust_seal_sm_2x.png

56 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
book2.siblu.com/
Redirect Chain

http://book2.siblu.com/
https://book2.siblu.com/
https://book2.siblu.com/login

10 KB
4 KB

126ms
126ms

Document
text/html

31.193.0.73
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://book2.siblu.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.193.0.73 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

31.193.0.73.srvlist.ukfast.net

Software

Apache /

Resource Hash

e70325beb163682ecb5617a87028cf6a646382e9eb94bc830e7d21cb8fa241e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 3753
content-type: text/html; charset=UTF-8
date: Sun, 19 Feb 2023 04:40:11 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.naturalhr.net
pragma: no-cache
referrer-policy: strict-origin
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-type: text/html; charset=UTF-8
date: Sun, 19 Feb 2023 04:40:11 GMT
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.naturalhr.net
location: /login
referrer-policy: strict-origin
server: Apache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 208ms
104ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900

Requested by

Host: book2.siblu.com
URL: https://book2.siblu.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b345abe33a4f53c748b8b6858bbe2c0380add9fbbec748044d2e76d6f0bd681d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 19 Feb 2023 04:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 19 Feb 2023 03:53:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Feb 2023 04:40:12 GMT

GET
H2 200 latest-style.css
book2.siblu.com/hr/includes/css/icons/icomoon/ 691 KB
263 KB 248ms
245ms Stylesheet
text/css 31.193.0.73
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://book2.siblu.com/hr/includes/css/icons/icomoon/latest-style.css?12345

Requested by

Host: book2.siblu.com
URL: https://book2.siblu.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.193.0.73 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

31.193.0.73.srvlist.ukfast.net

Software

Apache /

Resource Hash

ab246fdab4d6ed2be1fd10cba9ccc189573826e8fee5e44aed6a09e0159c4a26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Thu, 01 Dec 2022 15:04:29 GMT
server: Apache
strict-transport-security: max-age=31536000
etag: "acaa0-5eec589b3a4f4-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, public
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.naturalhr.net
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Sun, 26 Feb 2023 04:40:11 GMT

GET
H2 200 bootstrap.css
book2.siblu.com/hr/includes/css/ 143 KB
21 KB 363ms
360ms Stylesheet
text/css 31.193.0.73
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://book2.siblu.com/hr/includes/css/bootstrap.css?12345

Requested by

Host: book2.siblu.com
URL: https://book2.siblu.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.193.0.73 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

31.193.0.73.srvlist.ukfast.net

Software

Apache /

Resource Hash

23d3177dc8eab772a524bd427ccaf24402114bc950d143595f697886cbba2988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-length: 21432
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 01 Dec 2022 15:04:29 GMT
server: Apache
etag: "23a84-5eec589b287cc-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, public
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.naturalhr.net
accept-ranges: bytes
expires: Sun, 26 Feb 2023 04:40:11 GMT

GET
H2 200 core.css
book2.siblu.com/hr/includes/css/ 137 KB
19 KB 365ms
362ms Stylesheet
text/css 31.193.0.73
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://book2.siblu.com/hr/includes/css/core.css?20200827?12345

Requested by

Host: book2.siblu.com
URL: https://book2.siblu.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.193.0.73 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

31.193.0.73.srvlist.ukfast.net

Software

Apache /

Resource Hash

327d3f6333cdbcb4e949d2514c9e2429e44d58a40ea1021e26ccb86cf8fd5494

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-length: 19499
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 01 Dec 2022 15:04:29 GMT
server: Apache
etag: "22372-5eec589b2a70c-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, public
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.naturalhr.net
accept-ranges: bytes
expires: Sun, 26 Feb 2023 04:40:11 GMT

GET
H2 200 components.css
book2.siblu.com/hr/includes/css/ 386 KB
57 KB 483ms
481ms Stylesheet
text/css 31.193.0.73
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://book2.siblu.com/hr/includes/css/components.css?160919

Requested by

Host: book2.siblu.com
URL: https://book2.siblu.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.193.0.73 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

31.193.0.73.srvlist.ukfast.net

Software

Apache /

Resource Hash

0577df99b72b2ae56113f90071970715e694d20cd0ab30a0cfd51db349a4ed7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-length: 58143
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 01 Dec 2022 15:04:29 GMT
server: Apache
etag: "606e0-5eec589b29b54-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, public
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.naturalhr.net
accept-ranges: bytes
expires: Sun, 26 Feb 2023 04:40:11 GMT

GET
H2 200 natural-colors.css
book2.siblu.com/hr/includes/css/ 16 KB
3 KB 117ms
115ms Stylesheet
text/css 31.193.0.73
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://book2.siblu.com/hr/includes/css/natural-colors.css?12345

Requested by

Host: book2.siblu.com
URL: https://book2.siblu.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.193.0.73 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

31.193.0.73.srvlist.ukfast.net

Software

Apache /

Resource Hash

5ed1250decbe77a24475a7d0fe054078ffe2686fd8d67c7e6caf66df7d0f61cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-length: 2636
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 01 Dec 2022 15:04:29 GMT
server: Apache
etag: "41b9-5eec589b3e374-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, public
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.naturalhr.net
accept-ranges: bytes
expires: Sun, 26 Feb 2023 04:40:11 GMT

GET
H2 200 custom.css
book2.siblu.com/hr/includes/css/ 109 KB
23 KB 120ms
118ms Stylesheet
text/css 31.193.0.73
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://book2.siblu.com/hr/includes/css/custom.css?12345

Requested by

Host: book2.siblu.com
URL: https://book2.siblu.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.193.0.73 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

31.193.0.73.srvlist.ukfast.net

Software

Apache /

Resource Hash

ca472483ae5f827a47b8bf7efede38c1fb5124c7319fd8ab4fee7b1e6baf8fbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-length: 22840
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 08 Feb 2023 11:46:18 GMT
server: Apache
etag: "1b532-5f42ecffdde6a-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, public
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.naturalhr.net
accept-ranges: bytes
expires: Sun, 26 Feb 2023 04:40:11 GMT

GET
H2 200 entry_pages.css
book2.siblu.com/hr/includes/css/ 300 B
598 B 115ms
114ms Stylesheet
text/css 31.193.0.73
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://book2.siblu.com/hr/includes/css/entry_pages.css?12345

Requested by

Host: book2.siblu.com
URL: https://book2.siblu.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.193.0.73 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

31.193.0.73.srvlist.ukfast.net

Software

Apache /

Resource Hash

6a0a0032ba02d47e1620bb1f7aa60595f0324ca704386aa912a79f59a10203da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-length: 168
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 01 Dec 2022 15:04:29 GMT
server: Apache
etag: "12c-5eec589b2aedc-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, public
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.naturalhr.net
accept-ranges: bytes
expires: Sun, 26 Feb 2023 04:40:11 GMT

GET
H2 200 1713972.js Show response
js.hs-scripts.com/ 2 KB
955 B 603ms
85ms Script
application/javascript 104.17.210.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/1713972.js
Requested by: Host: book2.siblu.com
URL: https://book2.siblu.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.210.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f9ac2df3388df069df1f7cb45850c441d9362358a01e3a2f5ebe728c701ff90

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 19 Feb 2023 04:40:13 GMT
server: cloudflare
x-hubspot-correlation-id: 69d2f2f9-dac8-4557-bcb5-df1a360a7b9f
x-trace: 2B55D42D776B97988B15BC9C21DD73ED621659439D000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://book2.siblu.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 79bc52b9aac16287-ORD
expires: Sun, 19 Feb 2023 04:41:13 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
904 B 207ms
111ms Script
text/javascript 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdqJzwaAAAAAOCFjsNA-s8F17B_dsl1LEnOFYK6

Requested by

Host: book2.siblu.com
URL: https://book2.siblu.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

55e1103cd2805329398f27c49f11291aba338ae9415c68471f98ae240a242404

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 584
x-xss-protection: 1; mode=block
expires: Sun, 19 Feb 2023 04:40:12 GMT

GET
H2 200 logo-aug16.png
book2.siblu.com/assets/images/ 35 KB
35 KB 128ms
114ms Image
image/png 31.193.0.73
UKFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book2.siblu.com/assets/images/logo-aug16.png

Requested by

Host: book2.siblu.com
URL: https://book2.siblu.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.193.0.73 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

31.193.0.73.srvlist.ukfast.net

Software

Apache /

Resource Hash

83d6fb14173fb1706ac8e030bad576ec793fa663b543cbc817fba51b04d046fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Thu, 01 Dec 2022 15:04:28 GMT
server: Apache
etag: "8ba5-5eec589a44b47"
content-type: image/png
cache-control: max-age=604800, public
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.naturalhr.net
accept-ranges: bytes
content-length: 35749
x-xss-protection: 1; mode=block
expires: Sun, 26 Feb 2023 04:40:12 GMT

GET
H2 200 PCI_DSS_Validated_dark.png
book2.siblu.com/assets/images/ 14 KB
14 KB 129ms
116ms Image
image/png 31.193.0.73
UKFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book2.siblu.com/assets/images/PCI_DSS_Validated_dark.png

Requested by

Host: book2.siblu.com
URL: https://book2.siblu.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.193.0.73 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

31.193.0.73.srvlist.ukfast.net

Software

Apache /

Resource Hash

c650b4197c674ae65ef9d49d9423c627368b3c41ccd8d0d10f83e52336686c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Thu, 01 Dec 2022 15:04:28 GMT
server: Apache
etag: "380d-5eec589a4475f"
content-type: image/png
cache-control: max-age=604800, public
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.naturalhr.net
accept-ranges: bytes
content-length: 14349
x-xss-protection: 1; mode=block
expires: Sun, 26 Feb 2023 04:40:12 GMT

GET
H2 200 86c51aef-0646-4936-b18c-12223b0032fe.png
no-cache.hubspot.com/cta/default/1713972/ 15 KB
16 KB 666ms
151ms Image
image/png 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/1713972/86c51aef-0646-4936-b18c-12223b0032fe.png

Requested by

Host: book2.siblu.com
URL: https://book2.siblu.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705b9727b7006e1a491001247d48e0bb01cdb75d2bf3f9219e85ef2a4e016c01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:13 GMT
x-amz-version-id: null
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: G02EJZWCZ7PCAMW9
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15405
x-amz-id-2: CKIOHxLo3fNaXLRRvHV4QRBfbbBHshhZB16dUd+IW1RKNY7NlB/SF97PdInY3srpmXrNMzZmmT0=
last-modified: Thu, 31 Mar 2022 10:17:01 GMT
server: cloudflare
etag: "6b5bc45c55859a2f18da520bd81d1863"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAP9bptK7O7GV2%2Fv4q9KmPPpmTXl6rFDyHcY2ciike9tolQ89RgBIQ09flYQmBwsrUrNaEYkwZEVDO3NozW1XHe4b5hlvgQJHtWMXosV7i2XXjmbB4f%2BFENlZV5NhWUroSLWaeqrMGEXt0aA034JJCDP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 79bc52b9acf522ed-ORD

GET
H2 200 current.js Show response
js.hscta.net/cta/ 16 KB
6 KB 133ms
33ms Script
application/javascript 2606:4700::6811:dfcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscta.net/cta/current.js

Requested by

Host: book2.siblu.com
URL: https://book2.siblu.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:dfcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53e889ec0ff84d0673b7de59c593d0fef76f059e6180c221995aa143a15db19a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:12 GMT
x-amz-version-id: Gcf58dVrKBkf4GqTGjI3QoL_mPyyv1Zn
via: 1.1 bcfffcf7e0fc8cd9cfe4125369a9f036.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
age: 199
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=cta-embed-js/static-1.116/bundles/current.js&cfRay=79bc4ddc3ec7636f-ORD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-CtaEmbed-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Mon, 19 Dec 2022 10:41:21 UTC
server: cloudflare
etag: W/"de427b147fa70013c63bb257c88ede56"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 79bc52b6af7062fd-ORD
x-amz-cf-id: 9oI34HtTqxSkbPMCXvECvHO-us24N7CT87wx3dcCuJUqieoPe1cifA==
x-hs-target-asset: cta-embed-js/static-1.116/bundles/current.js

GET
H2 200 jquery.361.min.js Show response
book2.siblu.com/hr/includes/js/core/libraries/ 88 KB
31 KB 119ms
118ms Script
application/javascript 31.193.0.73
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://book2.siblu.com/hr/includes/js/core/libraries/jquery.361.min.js?20221217

Requested by

Host: book2.siblu.com
URL: https://book2.siblu.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.193.0.73 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

31.193.0.73.srvlist.ukfast.net

Software

Apache /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-length: 30989
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sat, 17 Dec 2022 12:36:52 GMT
server: Apache
etag: "15e40-5f0055733aa0c-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.naturalhr.net
accept-ranges: bytes
expires: Sun, 26 Feb 2023 04:40:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 155ms
43ms Script
text/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: book2.siblu.com
URL: https://book2.siblu.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 19 Feb 2023 02:41:43 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 7109
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 19 Feb 2023 04:41:43 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/ 405 KB
162 KB 153ms
42ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdqJzwaAAAAAOCFjsNA-s8F17B_dsl1LEnOFYK6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ea3ffab2197a506f50340ec177c79ce2c6ebc5d52d683d3b9147be4c3b7252f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://book2.siblu.com/
Origin: https://book2.siblu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:39:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164853
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 05:01:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 04:39:49 GMT

GET
H2 200 trustlogo.js Show response
secure.trust-provider.com/trustlogo/javascript/ 14 KB
14 KB 175ms
46ms Script
application/javascript 91.199.212.148
SECTIGO

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.trust-provider.com/trustlogo/javascript/trustlogo.js

Requested by

Host: book2.siblu.com
URL: https://book2.siblu.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.199.212.148 , United Kingdom, ASN48447 (SECTIGO, GB),

Reverse DNS

secure.trust-provider.com

Software

Resource Hash

1ba30b444f0489b7da1ca80092c7879835ba96404751aabbdb2647de4261fa05

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://book2.siblu.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 19 Feb 2023 04:40:12 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 14 Feb 2023 13:20:44 GMT
accept-ranges: bytes
etag: "63eb8aac-3709"
content-length: 14089
content-type: application/javascript

GET
H2 200 branding-medium.otf
book2.siblu.com/hr/includes/fonts/ 109 KB
110 KB 117ms
116ms Font
application/vnd.oasis.opendocument.formula-template 31.193.0.73
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://book2.siblu.com/hr/includes/fonts/branding-medium.otf

Requested by

Host: book2.siblu.com
URL: https://book2.siblu.com/hr/includes/css/custom.css?12345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.193.0.73 , United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

31.193.0.73.srvlist.ukfast.net

Software

Apache /

Resource Hash

215a8dd857c1db398e9e952549e117c47796dabf87017fbec852ade2a0237bc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://book2.siblu.com/
Origin: https://book2.siblu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Thu, 01 Dec 2022 15:04:29 GMT
server: Apache
etag: "1b514-5eec589b402b4"
content-type: application/vnd.oasis.opendocument.formula-template
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.naturalhr.net
accept-ranges: bytes
content-length: 111892
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 429 KB
429 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 260f37f36bd12b760a844a65ea0edb68e3ac332b587a9d4f0a97fe7d21446fb1

Request headers

Referer
Origin: https://book2.siblu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 seal_bg.gif
secure.trust-provider.com/trustlogo/images/popup/ 5 KB
5 KB 47ms
45ms Image
image/gif 91.199.212.148
SECTIGO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.trust-provider.com/trustlogo/images/popup/seal_bg.gif

Requested by

Host: book2.siblu.com
URL: https://book2.siblu.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.199.212.148 , United Kingdom, ASN48447 (SECTIGO, GB),

Reverse DNS

secure.trust-provider.com

Software

Resource Hash

6a8d73fd166e03d8e1c024ac60d01d9110c4ac56b45f5bb402739e4095d4a95b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:12 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 14 Feb 2023 13:21:42 GMT
accept-ranges: bytes
etag: "63eb8ae6-12f3"
content-length: 4851
content-type: image/gif

GET
H2 200 warranty_level.gif
secure.trust-provider.com/trustlogo/images/popup/ 713 B
892 B 45ms
44ms Image
image/gif 91.199.212.148
SECTIGO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.trust-provider.com/trustlogo/images/popup/warranty_level.gif

Requested by

Host: book2.siblu.com
URL: https://book2.siblu.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.199.212.148 , United Kingdom, ASN48447 (SECTIGO, GB),

Reverse DNS

secure.trust-provider.com

Software

Resource Hash

e45902c0c28d8a669a37a61914c1eb760b093f7cc2d41693d52f82327329218d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:12 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 14 Feb 2023 13:20:45 GMT
accept-ranges: bytes
etag: "63eb8aad-2c9"
content-length: 713
content-type: image/gif

GET
H2

200

sectigo_trust_seal_sm_2x.png
ssl.comodoca.com/images/seals/
Redirect Chain

https://ssl.comodo.com/images/seals/sectigo_trust_seal_sm_2x.png
https://ssl.comodoca.com/images/seals/sectigo_trust_seal_sm_2x.png

3 KB
3 KB

1062ms
357ms

Image
image/png

34.193.96.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.comodoca.com/images/seals/sectigo_trust_seal_sm_2x.png
Requested by: Host: book2.siblu.com
URL: https://book2.siblu.com/login
Protocol: H2
Server: 34.193.96.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-96-49.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 014428424f68097441548d1f3fcbed2f1f1fd52327e49c01bdb9dce25eed3353

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:13 GMT
last-modified: Thu, 16 Feb 2023 15:46:12 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3155
expires: Tue, 21 Mar 2023 04:40:13 GMT

Redirect headers

Location: https://ssl.comodoca.com/images/seals/sectigo_trust_seal_sm_2x.png
Date: Sun, 19 Feb 2023 04:40:13 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2 200 cta-json Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 3 KB
2 KB 355ms
100ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fbook2.siblu.com%2Flogin&pid=1713972&sv=cta-embed-js-static-1.116&rdy=1&df=t&pg=86c51aef-0646-4936-b18c-12223b0032fe

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43c011143e4d8225a20e95f43b8852480281184d6e1e3d4671f1299e6079575f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-origin-hublet: na1
date: Sun, 19 Feb 2023 04:40:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: e0723140-eb24-4f38-8ae6-114afc0dd419
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B95AEB2E824F06D16D313C313E65EC6A885255EF9000000000000000000
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://book2.siblu.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1p6pDq6O3%2FE%2FQ1tJQKNFUMpilj8%2BFwudXHWJmU4ad6oniXeciKLZ%2BuINDicj7OkKY1EGutPXwW6a%2Fr8Uzh564F3XehqWXsHJXcmKXI5Z%2BL05fpevu79PfKsq3UX%2F%2FtUOgvJ%2FXnI9ow0xtm4HJy4D9vylHbmxWhPoRKQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-max-age: 180
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 79bc52b9a9ed2305-ORD

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 66ms
65ms XHR
text/plain 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1938777643&t=pageview&_s=1&dl=https%3A%2F%2Fbook2.siblu.com%2Flogin&ul=en-us&de=UTF-8&dt=Secure%20login%20%7C%20Natural%20HR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBACEABBAAAACAAI~&jid=1768439406&gjid=384556824&cid=1130454274.1676781613&tid=UA-18542358-1&_gid=626543169.1676781613&_r=1&_slc=1&z=681395863

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://book2.siblu.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:40:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://book2.siblu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame C1A1 7 KB
1 KB 103ms
100ms Document
text/html 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdqJzwaAAAAAOCFjsNA-s8F17B_dsl1LEnOFYK6&co=aHR0cHM6Ly9ib29rMi5zaWJsdS5jb206NDQz&hl=en&v=O4xzMiFqEvA4YhWjk5t8Xuas&size=invisible&cb=u58bn7tah0df

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d2e79dc03b0e91d59440ed9cc34f6ce636a7610c17a912c27b91ce18ce88cf86

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_vDghaNPag9JBbImXWuGrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://book2.siblu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 1052
content-security-policy: script-src 'report-sample' 'nonce-_vDghaNPag9JBbImXWuGrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 04:40:13 GMT
expires: Sun, 19 Feb 2023 04:40:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
347 B 229ms
117ms XHR
text/plain 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-18542358-1&cid=1130454274.1676781613&jid=1768439406&gjid=384556824&_gid=626543169.1676781613&_u=IGBACEAABAAAACAAI~&z=1420887894

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://book2.siblu.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 19 Feb 2023 04:40:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://book2.siblu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1713972.js Show response
js.hs-analytics.net/analytics/1676781600000/ 65 KB
20 KB 215ms
86ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1676781600000/1713972.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1713972.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ca868284b8245a0e2511058f4b9977a369425cf92ff7d4685fef4eea3712537

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:13 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: G02BHXVG4TXJQSMP
x-amz-server-side-encryption: AES256
x-amz-id-2: xN2o4uADuvkcpSqpVtCUWsKejlFEWZqG+PZti/FjloFdDpLurBmljxQrUIKtBZpa1Z8VmkjfDAWfFcTv4+4CpA==
last-modified: Wed, 18 Jan 2023 19:57:37 GMT
server: cloudflare
etag: W/"6a122b1ae1922186cd773ff6e2c7c04f"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 79bc52bb0f118729-ORD
expires: Sun, 19 Feb 2023 04:45:13 GMT

GET
H2 200 1713972.js Show response
js.hs-banner.com/ 60 KB
16 KB 454ms
100ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/1713972.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1713972.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d65972a937b028882f32fe27170f751f510c21d755e9b662902a84be002ba04a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:13 GMT
x-amz-version-id: hd.q9vhJiqy6uHy3cEczo.TPKktbKxFx
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: RXE4HSHC7G6A7Y05
x-amz-server-side-encryption: AES256
x-amz-id-2: Sh7SasGXlpkMhhl7xizweD17zHT/m8OIRjQ7StO4YW/eyhRf1+bTZY11t9A2hMeGfI1ayLy0EE8=
last-modified: Tue, 25 Oct 2022 19:59:08 GMT
server: cloudflare
etag: W/"c72fbe6808291a9e9d6218d44580fce4"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.naturalhr.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 79bc52bc7f0d2324-ORD
expires: Sun, 19 Feb 2023 04:45:13 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 73 KB
21 KB 171ms
45ms Script
application/javascript 2606:4700::6811:ebcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1713972.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ebcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79c9c324764235b02a9c194df530961fc1e5a1a579110cfa6899b4d8d06d89d3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:13 GMT
x-amz-version-id: F2pbz1jLwmV8BqgmK.WhUYX_7w9rU5gp
via: 1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 335
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.12188/bundles/project.js&cfRay=79bc4a8beb6e1d04-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Fri, 17 Feb 2023 07:21:12 UTC
server: cloudflare
etag: W/"b32546950561a7f0bb2e5bf2e14225a5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: MISS
cache-control: max-age=600
cf-ray: 79bc52bb1b7ae263-ORD
x-amz-cf-id: N--vTogl-NgE3zGO_IxlEYd5prVisuW7Dnmp_ZfVvrFI1lmrirR_fg==
x-hs-target-asset: conversations-embed/static-1.12188/bundles/project.js

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 544 KB
87 KB 269ms
143ms Script
application/javascript 2606:4700::6811:e6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1713972.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd43cd92e272c2e3872abd9559900116d85f2899e76c00015c59360060bcf062

Request headers

Referer: https://book2.siblu.com/
Origin: https://book2.siblu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:13 GMT
x-amz-version-id: 9g41IgVIr3w9wyiFOHn4rgapkQc72OJD
via: 1.1 e21fbbed60133ff896ee44224814dc5c.cloudfront.net (CloudFront)
cf-cache-status: MISS
content-encoding: br
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1134/bundle/main/lead-flows-release.js&cfRay=79bc52bb196f2bc8-ORD
x-cache: Miss from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Thu, 02 Feb 2023 01:26:06 UTC
server: cloudflare
etag: W/"998dfd36d3c4078a3a05a1a77e61963c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
cf-ray: 79bc52bb196f2bc8-ORD
x-amz-cf-id: fDZBCkLHf3XblUghqwLjnYjCPbCXnsPMXRn4_v2n5FhyfFAHbmsaqA==
x-hs-target-asset: lead-flows-js/static-1.1134/bundle/main/lead-flows-release.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 163ms
43ms Script
application/javascript 2606:4700::6811:74b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1713972.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:74b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7455fff3d4e08245186e113636f69cbc44679bdf8870de5e4fd9a835e3d2e93

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:13 GMT
x-amz-version-id: voeLZ8jD1qAOp4h9t0pVQ2YHSdN3ebgQ
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 368
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.317/bundles/pixels-release.js&cfRay=79bc49bd89172d34-ORD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 31 Jan 2023 04:09:31 UTC
server: cloudflare
etag: W/"bde7af4ffd2c05ea8423271f767ebc69"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 79bc52bb0acc2c64-ORD
x-amz-cf-id: QA044twTS6akqOdUAkeaA0G6ElijfyP896FFnjWFoggnwZ1ONV2h3g==
x-hs-target-asset: adsscriptloaderstatic/static-1.317/bundles/pixels-release.js

GET
H2 200 cta-loaded.js Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 0
411 B 619ms
614ms Script
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=1713972&pg=86c51aef-0646-4936-b18c-12223b0032fe&lt=1676781612762&dt=1676781612765&at=1676781613159&sl=1&an=1

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-origin-hublet: na1
date: Sun, 19 Feb 2023 04:40:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 5b365e0c-3239-4e4b-a467-c9b7157c09ac
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 19 Feb 2023 04:40:13 GMT
server: cloudflare
x-trace: 2BE8CC1E60A179FAFB013D93C52DAEF4D1E6A92C8A000000000000000000
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=initBIxVuykINV%2BCNA%2BSm4lDIvzj37y2jk1ndhn585EfwM0RLCuCVKglmmRzKSkQs30cGBUUGhe8azpu3LylZBpT2c8GlI5%2FSjG4FFroblaOCTZyZgQs350h5ONzqrZcUXYbKgctw3%2Bnv3dTFx3sVUVhbpyLCSBEOFU%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
x-robots-tag: noindex, follow
cf-ray: 79bc52ba6af62305-ORD

GET
H2 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
171 B 269ms
151ms Image
image/gif 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-json-success&value=1

Requested by

Host: book2.siblu.com
URL: https://book2.siblu.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
x-hubspot-correlation-id: 8fe0c65f-39df-4380-93c2-2bba6cc51782
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
last-modified: Sun, 19 Feb 2023 04:40:13 GMT
server: cloudflare
x-trace: 2BA80325AB2EACC3F1766E2985FAFD4731F44EFB34000000000000000000
vary: origin, Accept-Encoding
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 79bc52bb19b72a72-ORD

GET
H2 200 243217e5-5217-48f5-ad5d-0c894a842728.png
f.hubspotusercontent20.net/hubfs/1713972/hub_generated/resized/ 21 KB
22 KB 431ms
322ms Image
image/png 2606:4700::6811:dbbd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://f.hubspotusercontent20.net/hubfs/1713972/hub_generated/resized/243217e5-5217-48f5-ad5d-0c894a842728.png

Requested by

Host: book2.siblu.com
URL: https://book2.siblu.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:dbbd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2202e679bb44e2a87b0f6e1610d1c52ca0614bef0544eb3a6c04cc7eeeb7380

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 5989d29cca6db1e89c2f49eb9e4dbdfc.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: DsZGAn6GQLaq3PFJ36Dzt4c85tV72_ox
x-amz-cf-pop: ORD58-P2
x-amz-request-id: XSBTHMJD4YTCS8A9
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-length: 21798
x-amz-id-2: LlHO1P5lHtKe49msfLFJcfYVT7LIOvU9vqEduJNF++Dws66XLrY0lyuTA3guKADnsSFiR9e5xBQ=
last-modified: Mon, 26 Jul 2021 10:35:08 GMT
server: cloudflare
etag: "4d8368b3eb88f81d6de38614d07fd66d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 79bc52bb0b652bed-ORD
x-amz-cf-id: f8SFEu7fc3vljZUExOhvEySOKVGBC_QnfV9jIsAMih690cFPopDUvA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
478 B 267ms
150ms Image
image/gif 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1

Requested by

Host: book2.siblu.com
URL: https://book2.siblu.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
x-hubspot-correlation-id: 0e88687d-fde2-4e17-86fb-84e65aa62063
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
last-modified: Sun, 19 Feb 2023 04:40:13 GMT
server: cloudflare
x-trace: 2BACE9CAD83B225C9144860475290E4C5D25E8586A000000000000000000
vary: origin, Accept-Encoding
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 79bc52bb19b82a72-ORD

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/ Frame C1A1 55 KB
24 KB 148ms
53ms Stylesheet
text/css 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdqJzwaAAAAAOCFjsNA-s8F17B_dsl1LEnOFYK6&co=aHR0cHM6Ly9ib29rMi5zaWJsdS5jb206NDQz&hl=en&v=O4xzMiFqEvA4YhWjk5t8Xuas&size=invisible&cb=u58bn7tah0df

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 05:01:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 04:39:50 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/ Frame C1A1 405 KB
161 KB 138ms
46ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ea3ffab2197a506f50340ec177c79ce2c6ebc5d52d683d3b9147be4c3b7252f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:39:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164853
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 05:01:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 04:39:49 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 67ms
67ms Image
image/gif 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-18542358-1&cid=1130454274.1676781613&jid=1768439406&_u=IGBACEAABAAAACAAI~&z=569849799

Requested by

Host: book2.siblu.com
URL: https://book2.siblu.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:40:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 237ms
139ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=1713972&conversations-embed=static-1.12188&mobile=false&messagesUtk=fa950252b5af4d9cbefaa070c07e0099&traceId=fa950252b5af4d9cbefaa070c07e0099

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://book2.siblu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://book2.siblu.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79bc52bc881d2300-ORD
content-length: 18
content-type: text/plain; charset=utf-8
date: Sun, 19 Feb 2023 04:40:13 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZgUwogczX5cyzzQO0Q96mGGaY5Qf8LHbxz8NT%2FBjGmo8Os2Oyysdbuwwyq8j8Uo6MLKZfknE8Ss7JfIDvR%2BFyOs8awTwgcvOsXnYWG4IGPja6v6urlkK5OO0Bm3B0vAgR4u%2Fot9fJugBrED4A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 950ccb5f-439e-443e-a350-a04e5d10bb62
x-trace: 2B2FB188A063B567375B52D54190364204233959C6000000000000000000

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 170ms
168ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adf310fd6682181b88d09156e4264f805f5c9d67c2213c381e2cdedd4c7d53c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://book2.siblu.com/
accept-language: en-US,en;q=0.9
X-HubSpot-Messages-Uri: https://book2.siblu.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: e7b419bd-ef7a-4473-b6cb-393a44f40baf
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1416
server: cloudflare
x-trace: 2B00BE40054500D0CABA39EFD280D45A043546C043000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://book2.siblu.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEyPfLTgFlcFgYgdkBDRCkhd3OSU4f%2BdIBzBtASpwME9glxRIU3G6ye1dymbVUBXys7QW9nmZ9PjGNG07iSk48gSW9%2F9bcrYuWZ7y6b%2FJAIuTwsDtwYsc%2BvU0btOVCqZ2q5aAfp%2F14O8sLrH3A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 79bc52bd696e2300-ORD
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner-public/v1/activity/ 0
85 B 88ms
87ms XHR
text/plain 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/1713972.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://book2.siblu.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 19 Feb 2023 04:40:13 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 86128a30-d162-4eef-85ab-1aeeb45a7e95
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://book2.siblu.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary: origin
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 79bc52be5de222c4-ORD

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame C1A1 2 KB
2 KB 48ms
46ms Image
image/png 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 22:52:15 GMT
x-content-type-options: nosniff
age: 193678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 23 Feb 2023 22:52:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C1A1 15 KB
16 KB 1036ms
85ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 06:19:01 GMT
x-content-type-options: nosniff
age: 166873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 06:19:01 GMT

GET
H2 200 fa950252b5af4d9cbefaa070c07e0099 Show response
app.hubspot.com/conversations-visitor/1713972/threads/utk/ Frame D5EB 51 KB
18 KB 203ms
170ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/1713972/threads/utk/fa950252b5af4d9cbefaa070c07e0099?uuid=f7c47f1ffafa4c1494ba4a401a849bf1&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=book2.siblu.com&inApp53=false&messagesUtk=fa950252b5af4d9cbefaa070c07e0099&url=https%3A%2F%2Fbook2.siblu.com%2Flogin&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f30a7899ccebba252beea7c628d1a3457ba8cd81d2d237ecc43d99e15be5005e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://book2.siblu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: false
age: 1157
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 79bc52bedaf622ed-ORD
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.14640/html/index.html&cfRay=79bc52bedaf622ed&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F1713972%2Fthreads%2Futk%2Ffa950252b5af4d9cbefaa070c07e0099%3Fuuid%3Df7c47f1ffafa4c1494ba4a401a849bf1%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dbook2.siblu.com%26inApp53%3Dfalse%26messagesUtk%3Dfa950252b5af4d9cbefaa070c07e0099%26url%3Dhttps%253A%252F%252Fbook2.siblu.com%252Flogin%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fbook2.siblu.com%2F&cfenv=prod&pdt=2023-02-19&csp=ro
content-type: text/html; charset=utf-8
date: Sun, 19 Feb 2023 04:40:14 GMT
etag: W/"ad1729e2e1907eb1e45d512953249b68"
last-modified: Fri, 17 Feb 2023 07:21:12 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
reporting-endpoints: default="https://exceptions.hubspot.com/csp/reports?cfRay=79bc52bedaf622ed&resource=conversations-visitor-ui/static-1.14640/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 9dc566ff42777d2cad8483451738f334.cloudfront.net (CloudFront)
x-amz-cf-id: sYTHPqeKAt48bFufeFVidUQFF3oiCZ3lAgmCTQgAvmbOBc5xunPS_A==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: iAWPLasPAug3gBvht8Gxh6YuSrGLbVgY
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.14640/html/index.html
x-hs-worker-debug-mode: false

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame 0
0 143ms
77ms Preflight
application/octet-stream 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://book2.siblu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://book2.siblu.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 79bc52bddd4c22c4-ORD
content-length: 0
content-type: application/octet-stream
date: Sun, 19 Feb 2023 04:40:13 GMT
server: cloudflare
timing-allow-origin: *
vary: origin

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.261/ Frame D5EB 44 KB
17 KB 118ms
34ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.261/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/1713972/threads/utk/fa950252b5af4d9cbefaa070c07e0099?uuid=f7c47f1ffafa4c1494ba4a401a849bf1&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=book2.siblu.com&inApp53=false&messagesUtk=fa950252b5af4d9cbefaa070c07e0099&url=https%3A%2F%2Fbook2.siblu.com%2Flogin&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

347c0ca962ea3849e0aa42b6781e20b81fb173ce7ae066995ecdc105d6e6b288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:14 GMT
x-amz-version-id: kbko2gWCnmOy.RSPHi9a.GgtW8kBa5z1
via: 1.1 8aaf7991e324696a1356521b2694d9b4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: ORD52-C2
age: 730972
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 10 Feb 2023 15:15:11 GMT
server: cloudflare
etag: W/"c4604d0d0704572eba2d941c26300fcf"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxTudUUAV4I80TLDgXlyWvrDNeYJHLtehd%2F%2Byq%2B0FFKLFtyvN80QCMZPAGFt670mxB9J0Sdlqdxa52vE9qREMtipq2qCoeT%2F%2F490j06ZJkCKb%2Fh2MXalHrS7h6tEgHFxuH0AtyCp%2B9u6yLyp35R%2BuX1VHXs%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 79bc52c46a202c38-ORD
x-amz-cf-id: l26hlPHpIGvm72otmm2LDx88Ylv4jLSIXHbvpbihwnNpgJ_c2GMlnQ==
expires: Mon, 19 Feb 2024 04:40:14 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.14289/sass/ Frame D5EB 20 KB
4 KB 404ms
38ms Stylesheet
text/css 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.14289/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

963563d75d17a3c2b444ad4d73e3e9c24a43f6f9e121cce484aa6c7d197af73c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:15 GMT
x-amz-version-id: 8cTUQYaMqbf6Yv8IIYst6y8hd.mcxuTh
via: 1.1 1b10a38ffd552c4dda628061fab12116.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: ORD58-P3
age: 205406
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 Jan 2023 19:32:55 GMT
server: cloudflare
etag: W/"3192955eca3e03437d10c02e718e1960"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrmG6tjuTUcPYBjSIWqE5ZvTzgEWMsNRmsbb%2BQ5Z5prfeDNBxgjr9wfi2nAkmm%2B4fR7RC6WzQol5EL8CyCDN5Flm6mvdFMmIEPu3q9PLVuianKvx1aFQWr4KrZkK3BEHUCZEuiORQCTnrPSID2xTXbYWYVY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 79bc52c62d466314-ORD
x-amz-cf-id: IkAbm2n2gGionMQWHgz7kFgBTWGJQfz_mh1fTf61fIGKFU6BjKBViQ==
expires: Mon, 19 Feb 2024 04:40:15 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.354/ Frame D5EB 295 KB
94 KB 122ms
39ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.354/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2449ac1a9451021a441c818e5eaed77a5e880504ad0815c40f0f19ab84ca6cfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:14 GMT
x-amz-version-id: Aj74JH9zHucnM4eKyPxhPDYcnw_QEp7F
via: 1.1 19450c4ce9c0420937890d7a72c2ab76.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: ORD58-P3
age: 197528
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 01 Feb 2023 23:38:38 GMT
server: cloudflare
etag: W/"e18613eeedf95727a868236b293e5f98"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QlxdjsuJLz0aGcpG%2BkjSUNPs%2BLlmGmu55kpvzWEF9OW7hgz7mrm%2FGmH%2FoTxMFyO7cu4GlenlD05fJSQRHWEPKW1svYqBuqjAdRbn9rV6MkfTYViowNeXRJ8uRvHlxDQp1ALKcttg%2B2hqSFCXnmKeOD36js%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 79bc52c46a212c38-ORD
x-amz-cf-id: wx7K-p-niIuJMRDZXn_wvHas5xMXDB9_uiwMdjsRUYZesmi85VVePg==
expires: Mon, 19 Feb 2024 04:40:14 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.14640/bundles/ Frame D5EB 608 KB
178 KB 146ms
63ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.14640/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfa6a1cb66b310a8c5d5181deaa54ea7d6ac92a536591ce414e55ebc1f417d4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:14 GMT
x-amz-version-id: TVm.0mSakMQ0gV.a7hm6lld73WXrGtIv
via: 1.1 91e7f6dd5130ccc0c1247b2da038e3de.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: ORD52-C2
age: 383099
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 14 Feb 2023 18:08:36 GMT
server: cloudflare
etag: W/"217ca4f7bd8da69d7e32f35525a0ace0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tu5bxlUS8ah2ZKvBFMK35Wb2yvqCuwW2%2B5zBjAzImurZoZSEsRzcSnQnQQODTESDYXgIq%2FK31geKXE%2FYI0PF7a08kLpVH%2FYaoNIPgQwA9IYp53yFzAUQ7axZGD0Ak%2BtkpzEmxsmUCzwg5nGd9gQGvAfK%2BTQ%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 79bc52c46a222c38-ORD
x-amz-cf-id: NbGQIeGTANdt1tchbK8Lm7gRDyUtPeGi3xgOSK2o1fqxezmcsxOAgg==
expires: Mon, 19 Feb 2024 04:40:14 GMT

GET
H2 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.14602/ Frame D5EB 776 B
909 B 40ms
39ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.14602/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.14640/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

191ee93668b8142afd97a4cc0df61ab61d58f68a820f7ea5466ca2568d5c290d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:15 GMT
x-amz-version-id: Gjc1mqdGhnc1u9vzrDKRHsudItDKsByw
via: 1.1 7fa75077148a5e108de410272ea8ccc4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: ORD52-C2
age: 728832
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 10 Feb 2023 16:20:39 GMT
server: cloudflare
etag: W/"3801c6ecbf979caf71a46cea9d9962c6"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3s1cLkudOlk5iigcVw3YyVWxpiG1XgMGjCMAKQXyyH6M2A7cUpdgyXeu%2Fvh7Y5oJFONVzjnYVyQCn71A8S2m5Yfv4JvkKoTR9pLddO5I1TehJ%2BWukGR4ykVYM%2BI%2BP6m0eGSYQhHMLitiMORcAa7P8KkREM%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 79bc52c77dd32c38-ORD
x-amz-cf-id: c7AmxnxJ66FEf0G3JBhMoncDN-od4TYmLAzklmOdX4xiK9MYcb4yjA==
expires: Mon, 19 Feb 2024 04:40:15 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
407 B 130ms
96ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1878800189&v=1.1&a=1713972&pu=https%3A%2F%2Fbook2.siblu.com%2Flogin&t=Secure+login+%7C+Natural+HR&cts=1676781615374&vi=b3360f4464dbdc7a9f35a898b8d2c324&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9beac96f-4fb3-4b8e-b95d-cc90ef93fcfe
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTjofHIyWIVXZkMUZkVyd5iutQOlgcNrxFvVvzcu8s%2F%2Fqi3pYlHUu3BEgYSGRLG9HsA5yRFnHa%2FxEIv5gjPwE9lZDahXCIHRAsLHkN1wVDQr4h%2Fzv5MgfCg3boPgU3%2Bj0yrCO2DzjuzGaWWnOn1g"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 79bc52c87e3822ed-ORD
x-robots-tag: none

GET
H2 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
216 B 70ms
67ms Image
image/gif 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-with-analytics&value=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
x-hubspot-correlation-id: d38b78bf-7f0d-4fda-ace0-695eef5ceed9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
last-modified: Sun, 19 Feb 2023 04:40:15 GMT
server: cloudflare
x-trace: 2BBC250A4B855F7C0AACA2D2A2E93E2510A6572BA0000000000000000000
vary: origin, Accept-Encoding
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 79bc52c8487d2a72-ORD

GET
H2 200 __pto.gif
track.hubspot.com/ 45 B
390 B 128ms
94ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__pto.gif?w=1676781615378&m=ReferenceError%3A+hsVars+is+not+defined&j=1.1&n=ReferenceError&x=ReferenceError%3A+hsVars+is+not+defined%0A++++at+https%3A%2F%2Fjs.hscta.net%2Fcta%2Fcurrent.js%3A1%3A1556%0A++++at+i+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1676781600000%2F1713972.js%3A20%3A43442)%0A++++at+hstc.tracking.Runner.processHsq+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1676781600000%2F1713972.js%3A20%3A44188)%0A++++at+hstc.tracking.Runner.run+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1676781600000%2F1713972.js%3A20%3A43386)%0A++++at+i+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1676781600000%2F1713972.js%3A20%3A65440)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 01a8e32c-aeba-43c6-a775-30a0b84b4012
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4qNXNK27ISF7jbvd3jMXy8a5WiMOQii7JN3mIAlxxu6bRmBVP1Y47oxQ8lIsVzsv%2BfoS0d1msLFY4y0aCRbxKraWSg%2Fpa5HF4n6C%2FuPFp90f%2BIQeqIG5qVl2QV88o9t1NqMJGh1lm%2B%2BKfgscy5O"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 79bc52c87e3522ed-ORD
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
607 B 126ms
93ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%2286c51aef-0646-4936-b18c-12223b0032fe%22%2C%2286058643-dcc5-4245-8a65-53b9e2a2b349%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1878800189&v=1.1&a=1713972&pu=https%3A%2F%2Fbook2.siblu.com%2Flogin&t=Secure+login+%7C+Natural+HR&cts=1676781615384&vi=b3360f4464dbdc7a9f35a898b8d2c324&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://book2.siblu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:40:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: a6a2f560-9b44-4f11-b8a8-12a5748e1766
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=voabtILw447NcCZl0FkJNP6V7PWgd99mENtRxIu4%2FYSURuPnebydt9RuCl%2BNmvBzU%2FdsFo8WYSeWMvEeFP4kxsX24gESa9iZuJ8OAC%2FCA0nSoMV9fe%2BJ7kJ%2FhoAik0lG0gOY8HFNV%2FfPity9PNyE"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 79bc52c87e3722ed-ORD
x-robots-tag: none

POST
H3 204 rhumb
app.hubspot.com/api/cartographer/v1/ Frame D5EB 0
1 KB 105ms
102ms Ping
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.14640

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.14640/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/conversations-visitor/1713972/threads/utk/fa950252b5af4d9cbefaa070c07e0099?uuid=f7c47f1ffafa4c1494ba4a401a849bf1&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=book2.siblu.com&inApp53=false&messagesUtk=fa950252b5af4d9cbefaa070c07e0099&url=https%3A%2F%2Fbook2.siblu.com%2Flogin&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 04:40:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 54fc8736-080a-460d-99c7-c7807f99d1c8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UU1kaI2lxhQXzYUWkQRtrsZZI87FHiVLbRn%2B0wDzJQkUrKShjObgOsWtQ7Mne0FJagC215b%2BD3CZKMpWkuI6ag1RsIOK4sW5I69JIUjOgrfUlkZN22JkLr4vrmCIAo7TYNy7gxVpGhIKI5T1Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet, X-HubSpot-Auth-Failure
access-control-max-age: 604800
access-control-allow-credentials: true
cf-ray: 79bc52c8cea5231c-ORD
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer
timing-allow-origin: *

Verdicts & Comments Add Verdict or Comment

172 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
book2.siblu.com/	1969-12-31 23:59:59	Name: SERVERID Value: srv2_cdde_177
book2.siblu.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7dda9b8e74205367d0acc713ae0b98d9
.siblu.com/	1970-01-20 19:22:21	Name: _ga Value: GA1.2.1130454274.1676781613
.siblu.com/	1970-01-20 09:47:48	Name: _gid Value: GA1.2.626543169.1676781613
.siblu.com/	1970-01-20 09:46:21	Name: _gat Value: 1
.hubspot.com/	1970-01-20 09:46:23	Name: __cf_bm Value: u1.g8JYDGhnrgmDMiB_LwqFwzm.YqMU2K09smi5WZnU-1676781613-0-AcYz8bRM6NbrYRemxHwdKJP/gfW4VVjg4Lo77Ukdq6A8+jKA73dF1Bu9yGDkthLGDCkurvodyM+zhu/7E2dEfXA=
.book2.siblu.com/	1970-01-20 14:05:33	Name: messagesUtk Value: fa950252b5af4d9cbefaa070c07e0099

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://book2.siblu.com/login(Line 142) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.trust-provider.com/trustlogo/javascript/trustlogo.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://book2.siblu.com/login(Line 142) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.trust-provider.com/trustlogo/javascript/trustlogo.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
app.hubspot.com
book2.siblu.com
cta-service-cms2.hubspot.com
f.hubspotusercontent20.net
fonts.googleapis.com
fonts.gstatic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscta.net
js.hsleadflows.net
js.usemessages.com
no-cache.hubspot.com
perf.hsforms.com
secure.trust-provider.com
ssl.comodo.com
ssl.comodoca.com
static.hsappstatic.net
stats.g.doubleclick.net
track.hubspot.com
www.google-analytics.com
www.google.com
www.gstatic.com
104.17.210.204
2606:4700:4400::6812:21ab
2606:4700::6810:5905
2606:4700::6811:43b0
2606:4700::6811:74b0
2606:4700::6811:9d2
2606:4700::6811:dbbd
2606:4700::6811:dfcc
2606:4700::6811:e6cc
2606:4700::6811:ebcc
2606:4700::6813:9a53
2607:f8b0:4004:c08::9b
2607:f8b0:4006:80d::200a
2607:f8b0:4006:816::2003
2607:f8b0:4006:81e::2004
2607:f8b0:4006:81f::2003
2607:f8b0:4006:822::200e
31.193.0.73
34.193.96.49
45.76.13.51
91.199.212.148
014428424f68097441548d1f3fcbed2f1f1fd52327e49c01bdb9dce25eed3353
0577df99b72b2ae56113f90071970715e694d20cd0ab30a0cfd51db349a4ed7b
0ea3ffab2197a506f50340ec177c79ce2c6ebc5d52d683d3b9147be4c3b7252f
191ee93668b8142afd97a4cc0df61ab61d58f68a820f7ea5466ca2568d5c290d
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ba30b444f0489b7da1ca80092c7879835ba96404751aabbdb2647de4261fa05
215a8dd857c1db398e9e952549e117c47796dabf87017fbec852ade2a0237bc1
23d3177dc8eab772a524bd427ccaf24402114bc950d143595f697886cbba2988
2449ac1a9451021a441c818e5eaed77a5e880504ad0815c40f0f19ab84ca6cfa
260f37f36bd12b760a844a65ea0edb68e3ac332b587a9d4f0a97fe7d21446fb1
2ca868284b8245a0e2511058f4b9977a369425cf92ff7d4685fef4eea3712537
2f9ac2df3388df069df1f7cb45850c441d9362358a01e3a2f5ebe728c701ff90
327d3f6333cdbcb4e949d2514c9e2429e44d58a40ea1021e26ccb86cf8fd5494
347c0ca962ea3849e0aa42b6781e20b81fb173ce7ae066995ecdc105d6e6b288
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43c011143e4d8225a20e95f43b8852480281184d6e1e3d4671f1299e6079575f
53e889ec0ff84d0673b7de59c593d0fef76f059e6180c221995aa143a15db19a
55e1103cd2805329398f27c49f11291aba338ae9415c68471f98ae240a242404
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5ed1250decbe77a24475a7d0fe054078ffe2686fd8d67c7e6caf66df7d0f61cd
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6a0a0032ba02d47e1620bb1f7aa60595f0324ca704386aa912a79f59a10203da
6a8d73fd166e03d8e1c024ac60d01d9110c4ac56b45f5bb402739e4095d4a95b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
705b9727b7006e1a491001247d48e0bb01cdb75d2bf3f9219e85ef2a4e016c01
79c9c324764235b02a9c194df530961fc1e5a1a579110cfa6899b4d8d06d89d3
83d6fb14173fb1706ac8e030bad576ec793fa663b543cbc817fba51b04d046fd
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
963563d75d17a3c2b444ad4d73e3e9c24a43f6f9e121cce484aa6c7d197af73c
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
ab246fdab4d6ed2be1fd10cba9ccc189573826e8fee5e44aed6a09e0159c4a26
adf310fd6682181b88d09156e4264f805f5c9d67c2213c381e2cdedd4c7d53c0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b345abe33a4f53c748b8b6858bbe2c0380add9fbbec748044d2e76d6f0bd681d
c2202e679bb44e2a87b0f6e1610d1c52ca0614bef0544eb3a6c04cc7eeeb7380
c650b4197c674ae65ef9d49d9423c627368b3c41ccd8d0d10f83e52336686c3e
ca472483ae5f827a47b8bf7efede38c1fb5124c7319fd8ab4fee7b1e6baf8fbd
cfa6a1cb66b310a8c5d5181deaa54ea7d6ac92a536591ce414e55ebc1f417d4c
d2e79dc03b0e91d59440ed9cc34f6ce636a7610c17a912c27b91ce18ce88cf86
d65972a937b028882f32fe27170f751f510c21d755e9b662902a84be002ba04a
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45902c0c28d8a669a37a61914c1eb760b093f7cc2d41693d52f82327329218d
e70325beb163682ecb5617a87028cf6a646382e9eb94bc830e7d21cb8fa241e7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30a7899ccebba252beea7c628d1a3457ba8cd81d2d237ecc43d99e15be5005e
f7455fff3d4e08245186e113636f69cbc44679bdf8870de5e4fd9a835e3d2e93
fd43cd92e272c2e3872abd9559900116d85f2899e76c00015c59360060bcf062

book2.siblu.com Open in urlscan Pro 31.193.0.73 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

77 %HTTPS

76 %IPv6

20 Domains

25 Subdomains

21 IPs

3 Countries

1936 kBTransfer

4967 kBSize

7 Cookies

5 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

book2.siblu.com Open in urlscan Pro
31.193.0.73 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

77 %
HTTPS

76 %
IPv6

20
Domains

25
Subdomains

21
IPs

3
Countries

1936 kB
Transfer

4967 kB
Size

7
Cookies

56 HTTP transactions
1 data transactions