app.sermo.com Open in urlscan Pro
34.224.155.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://app.sermo.com/user/login?woo_campaign=mc&amp
Submission: On November 20 via manual (November 20th 2024, 4:03:35 pm UTC) from US — Scanned from DE

Summary HTTP 86 Redirects Behaviour Indicators

Summary

This website contacted 41 IPs in 3 countries across 29 domains to perform 86 HTTP transactions. The main IP is 34.224.155.36, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is app.sermo.com. The Cisco Umbrella rank of the primary domain is 469032.
TLS certificate: Issued by Amazon RSA 2048 M02 on October 14th 2024. Valid for: a year.

This is the only time app.sermo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	34.224.155.36 34.224.155.36	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	52.5.79.223 52.5.79.223	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	104.102.43.106 104.102.43.106	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:15::213:7e4a	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
2	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
2	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
1	16.15.184.78 16.15.184.78	14618 (AMAZON-AES) (AMAZON-AES)
1	52.7.151.245 52.7.151.245	14618 (AMAZON-AES) (AMAZON-AES)
2	2620:1ec:29:1... 2620:1ec:29:1::43	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1	172.66.0.227 172.66.0.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
1	18.210.229.244 18.210.229.244	14618 (AMAZON-AES) (AMAZON-AES)
1	18.211.125.216 18.211.125.216	14618 (AMAZON-AES) (AMAZON-AES)
1	34.233.14.26 34.233.14.26	14618 (AMAZON-AES) (AMAZON-AES)
5	20.122.63.128 20.122.63.128	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	34.210.219.79 34.210.219.79	16509 (AMAZON-02) (AMAZON-02)
3 4	34.102.246.198 34.102.246.198	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
2	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	52.12.117.226 52.12.117.226	16509 (AMAZON-02) (AMAZON-02)
1	172.217.16.200 172.217.16.200	15169 (GOOGLE) (GOOGLE)
1	142.250.184.206 142.250.184.206	15169 (GOOGLE) (GOOGLE)
3	2600:1f10:469... 2600:1f10:469b:a101:5aaf:fd37:393b:3e9c	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	216.58.212.163 216.58.212.163	15169 (GOOGLE) (GOOGLE)
2	13.225.78.31 13.225.78.31	16509 (AMAZON-02) (AMAZON-02)
86	41

18 34.224.155.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-155-36.compute-1.amazonaws.com

app.sermo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.5.79.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-79-223.compute-1.amazonaws.com

aim-tag.hcn.health	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.43.106 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-43-106.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:15::213:7e4a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 16.15.184.78 (United States)

ASN14618 (AMAZON-AES, US)

shared-site-files.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.151.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-151-245.compute-1.amazonaws.com

dx.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:29:1::43 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

pixel-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.229.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-229-244.compute-1.amazonaws.com

18.210.229.244	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.211.125.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-125-216.compute-1.amazonaws.com

www.medtargetsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.233.14.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-14-26.compute-1.amazonaws.com

aim-tag.hcn.health	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.210.219.79 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-219-79.us-west-2.compute.amazonaws.com

px.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.102.246.198 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 198.246.102.34.bc.googleusercontent.com

trc.lhmos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.20 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.12.117.226 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-12-117-226.us-west-2.compute.amazonaws.com

gs.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f200.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f10:469b:a101:5aaf:fd37:393b:3e9c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

cognito-identity.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-31.fra2.r.cloudfront.net

pinpoint.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	sermo.com app.sermo.com — Cisco Umbrella Rank: 469032	3 MB
7	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 625 p.clarity.ms — Cisco Umbrella Rank: 9040	30 KB
6	amazonaws.com shared-site-files.s3.amazonaws.com cognito-identity.us-east-1.amazonaws.com — Cisco Umbrella Rank: 2991 pinpoint.us-east-1.amazonaws.com — Cisco Umbrella Rank: 11708	6 KB
5	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 333 px4.ads.linkedin.com — Cisco Umbrella Rank: 7032	2 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	427 KB
4	lhmos.com 3 redirects trc.lhmos.com — Cisco Umbrella Rank: 11856	916 B
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	420 B
4	mountain.com dx.mountain.com — Cisco Umbrella Rank: 4508 px.mountain.com — Cisco Umbrella Rank: 4662 gs.mountain.com — Cisco Umbrella Rank: 9640	9 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 3353	22 KB
3	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 495	3 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108	324 B
2	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 1088	121 B
2	bing.net bat.bing.net — Cisco Umbrella Rank: 8327	464 B
2	reddit.com pixel-config.reddit.com — Cisco Umbrella Rank: 2010 alb.reddit.com — Cisco Umbrella Rank: 1418	761 B
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1095	13 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	79 KB
2	bing.com bat.bing.com — Cisco Umbrella Rank: 359	15 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3671	7 KB
2	hcn.health aim-tag.hcn.health — Cisco Umbrella Rank: 12313	30 KB
1	google.de www.google.de — Cisco Umbrella Rank: 10745	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135	543 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 377	149 B
1	medtargetsystem.com www.medtargetsystem.com — Cisco Umbrella Rank: 11400
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 991	724 B
1	t.co t.co — Cisco Umbrella Rank: 904	627 B
1	gstatic.com www.gstatic.com	218 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1016	16 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 831	14 KB
1	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1188	2 KB
86	29

	Domain	Requested by
18	app.sermo.com	app.sermo.com
5	p.clarity.ms	www.clarity.ms app.sermo.com
5	www.googletagmanager.com	app.sermo.com www.googletagmanager.com
4	trc.lhmos.com	3 redirects aim-tag.hcn.health
4	www.facebook.com	app.sermo.com
4	px.ads.linkedin.com	1 redirects snap.licdn.com
3	cognito-identity.us-east-1.amazonaws.com	app.sermo.com
3	secure.adnxs.com	2 redirects app.sermo.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com app.sermo.com
2	pinpoint.us-east-1.amazonaws.com	app.sermo.com
2	region1.analytics.google.com	app.sermo.com
2	match.deepintent.com	aim-tag.hcn.health app.sermo.com
2	px.mountain.com	dx.mountain.com px.mountain.com
2	bat.bing.net	bat.bing.com app.sermo.com
2	www.clarity.ms	app.sermo.com www.clarity.ms
2	www.redditstatic.com	www.googletagmanager.com www.redditstatic.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	bat.bing.com	www.googletagmanager.com bat.bing.com
2	munchkin.marketo.net	app.sermo.com munchkin.marketo.net
2	aim-tag.hcn.health	app.sermo.com aim-tag.hcn.health
1	www.google.de	app.sermo.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	gs.mountain.com	px.mountain.com
1	match.adsrvr.org	app.sermo.com
1	www.medtargetsystem.com	aim-tag.hcn.health
1	analytics.twitter.com	app.sermo.com
1	t.co	app.sermo.com
1	alb.reddit.com	app.sermo.com
1	pixel-config.reddit.com	www.redditstatic.com
1	px4.ads.linkedin.com	app.sermo.com
1	www.gstatic.com	www.recaptcha.net
1	region1.google-analytics.com	www.googletagmanager.com app.sermo.com
1	dx.mountain.com	app.sermo.com
1	shared-site-files.s3.amazonaws.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.google.com	www.googletagmanager.com
1	www.recaptcha.net	app.sermo.com
86	38

This site contains no links.

Subject Issuer	Validity	Valid
*.sermo.com Amazon RSA 2048 M02	`2024-10-14` - `2025-11-11`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
aim-tag-web.prod.taiga.cloud Amazon RSA 2048 M02	`2024-09-12` - `2025-10-11`	a year	crt.sh
misc.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2024-10-22` - `2025-10-24`	a year	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-29` - `2024-11-27`	3 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-06` - `2025-04-03`	6 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
*.mountain.com Go Daddy Secure Certificate Authority - G2	`2024-05-23` - `2025-06-24`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-10-13` - `2025-04-11`	6 months	crt.sh
t.co E5	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-30` - `2025-09-29`	a year	crt.sh
bat.bing.net Microsoft Azure RSA TLS Issuing CA 07	`2024-10-27` - `2025-04-25`	6 months	crt.sh
18.210.229.244 Sectigo RSA Domain Validation Secure Server CA	`2024-01-24` - `2025-02-13`	a year	crt.sh
medtargetsystem.com Amazon RSA 2048 M03	`2024-08-23` - `2025-09-21`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2023-12-01` - `2025-01-01`	a year	crt.sh
trc.lhmos.com WR3	`2024-10-17` - `2025-01-15`	3 months	crt.sh
cognito-identity.us-east-1.amazonaws.com Amazon RSA 2048 M03	`2024-10-10` - `2025-11-08`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.de WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
pinpoint.us-east-1.amazonaws.com Amazon RSA 2048 M03	`2024-08-09` - `2025-09-06`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://app.sermo.com/user/login?woo_campaign=mc&amp
Frame ID: B3EFD0404EBCEAA11DD411DE4F86AA93
Requests: 81 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fapp.sermo.com
Frame ID: F081ACA76D4299A2381EE199A7130BC0
Requests: 1 HTTP requests in this frame

Frame: https://www.medtargetsystem.com/iframe/transition?client-origin=https%3A%2F%2Fapp.sermo.com
Frame ID: 612DF665EEB78BB6CDB9E0086CB7DA46
Requests: 1 HTTP requests in this frame

Frame: https://aim-tag.hcn.health/iframe.html?client-origin=https%3A%2F%2Fapp.sermo.com&pageview-id=fae4e440-a758-11ef-bb7e-979a06008afe&stps=%7B%7D
Frame ID: DFE2AF0BB2AD918BB258B5F9DB16D401
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sermo

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

86
Requests

94 %
HTTPS

30 %
IPv6

29
Domains

38
Subdomains

41
IPs

3
Countries

4066 kB
Transfer

10580 kB
Size

35
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4486017&time=1732118607300&url=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp&tm=gtmv2 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4486017&time=1732118607300&url=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp&tm=gtmv2&e_ipv6=AQL0Ouw-iWjdmAAAAZNKUHaQVN1-pp1AsYhtDAhDhlEpXjMZ1pGlvTAIgSI9b5nNgd0mTHo

Request Chain 47

https://trc.lhmos.com/enrich/data/jsonp?mcode=15710&mid=47&callback=jsonp_1732118608877_56607 HTTP 302
https://secure.adnxs.com/getuidp?callback=jsonp_1732118608877_56607

Request Chain 49

https://trc.lhmos.com/uid/set?aimsessionidv4=fb55a770-a758-11ef-9f46-87f618d7efd7&dgid=UNK&mcode=15710&mid=47 HTTP 302
https://secure.adnxs.com/getuidu?https://trc.lhmos.com/uid/save/?uid=$UID&aimsessionidv4=fb55a770-a758-11ef-9f46-87f618d7efd7&dgid=UNK&mcode=15710&mid=47 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Ftrc.lhmos.com%2Fuid%2Fsave%2F%3Fuid%3D%24UID%26aimsessionidv4%3Dfb55a770-a758-11ef-9f46-87f618d7efd7%26dgid%3DUNK%26mcode%3D15710%26mid%3D47 HTTP 302
https://trc.lhmos.com/uid/save/?uid=3598308295076104114&aimsessionidv4=fb55a770-a758-11ef-9f46-87f618d7efd7&dgid=UNK&mcode=15710&mid=47 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=v0gsn3b&ttd_tpi=1&ttd_puid=47&ttd_puid=UNK&ttd_puid=3598308295076104114&ttd_puid=null&ttd_puid=476d4424-d963-45d2-bb0a-6f8de8f74e6c&ttd_puid=&ttd_puid=fb55a770-a758-11ef-9f46-87f618d7efd7

86 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login Show response
app.sermo.com/user/ 144 KB
145 KB 565ms
241ms Document
text/html 34.224.155.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.sermo.com/user/login?woo_campaign=mc&amp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.224.155.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-155-36.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

0606ab84860831bec563ad9e2d0a3be3d91c1218493e027a56f77ae112b713b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store
content-type: text/html; charset=utf-8
date: Wed, 20 Nov 2024 16:03:25 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=1800; includeSubDomains
x-frame-options: SAMEORIGIN

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 368 KB
119 KB 216ms
82ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KNDXZWF

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/user/login?woo_campaign=mc&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

644d1231955a54ac88f0b1eae950862434ace7120d54a3463a3d45a476048204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 20 Nov 2024 16:03:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 16:03:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 20 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 121503
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 tracking.js Show response
app.sermo.com/assets/ads/marketing/ 34 B
555 B 140ms
130ms Script
text/javascript 34.224.155.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.sermo.com/assets/ads/marketing/tracking.js

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/user/login?woo_campaign=mc&amp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.224.155.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-155-36.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

8e25b2533406e1df711c4c459b2b236f0e70526574fd8d1bb3dd92d61e1339ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/user/login?woo_campaign=mc&amp

Response headers

strict-transport-security: max-age=1800; includeSubDomains
etag: "1db3ac888c45522"
accept-ranges: bytes
content-length: 34
date: Wed, 20 Nov 2024 16:03:26 GMT
content-type: text/javascript
last-modified: Tue, 19 Nov 2024 21:18:10 GMT
server: Kestrel

GET
H2 200 client.js Show response
aim-tag.hcn.health/js/ 79 KB
30 KB 1414ms
1025ms Script
text/javascript 52.5.79.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aim-tag.hcn.health/js/client.js?dl=aimDataLayer
Requested by: Host: app.sermo.com
URL: https://app.sermo.com/user/login?woo_campaign=mc&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.79.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-79-223.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: f6f3b00cb69d550a049c3f6416b9ae18284618a59bc172872dffba9e2953f187

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://app.sermo.com
Referer: https://app.sermo.com/

Response headers

cache-control: no-cache, public, max-age=86400
content-encoding: gzip
access-control-allow-origin: *
content-length: 30409
date: Wed, 20 Nov 2024 16:03:26 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
server: awselb/2.0

GET
H2 200 786.f03560fb0e8096725c88.css
app.sermo.com/css/ 5 KB
1 KB 132ms
123ms Stylesheet
text/css 34.224.155.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.sermo.com/css/786.f03560fb0e8096725c88.css

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/user/login?woo_campaign=mc&amp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.224.155.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-155-36.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

349577c24efc896683e80bfecc416da4b1d2b224081e8fbc3ec1f5b58355711a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/user/login?woo_campaign=mc&amp

Response headers

strict-transport-security: max-age=1800; includeSubDomains
content-encoding: gzip
etag: "1db3ac888c4573d"
accept-ranges: bytes
content-length: 573
date: Wed, 20 Nov 2024 16:03:26 GMT
content-type: text/css
last-modified: Tue, 19 Nov 2024 21:18:10 GMT
server: Kestrel

GET
H2 200 main.199a64ae792571a84945.css
app.sermo.com/css/ 519 KB
33 KB 138ms
129ms Stylesheet
text/css 34.224.155.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.sermo.com/css/main.199a64ae792571a84945.css

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/user/login?woo_campaign=mc&amp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.224.155.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-155-36.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

67e0743a7d77be1773679ecee1caa0589728f7fc0cc6a8484b611b23f08b7be7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/user/login?woo_campaign=mc&amp

Response headers

strict-transport-security: max-age=1800; includeSubDomains
content-encoding: gzip
etag: "1db3ac888c4d4a2"
accept-ranges: bytes
content-length: 33186
date: Wed, 20 Nov 2024 16:03:26 GMT
content-type: text/css
last-modified: Tue, 19 Nov 2024 21:18:10 GMT
server: Kestrel

GET
H2 200 runtime~main.981e88fc795e146a83e2.bundle.js Show response
app.sermo.com/scripts/ 7 KB
4 KB 131ms
130ms Script
text/javascript 34.224.155.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.sermo.com/scripts/runtime~main.981e88fc795e146a83e2.bundle.js

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/user/login?woo_campaign=mc&amp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.224.155.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-155-36.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

75784ad51fc5dd62b40a1cacb3c14fe96f0fede20e98036d08c11c64f53dd013

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/user/login?woo_campaign=mc&amp

Response headers

strict-transport-security: max-age=1800; includeSubDomains
content-encoding: gzip
etag: "1db3ac888c45875"
accept-ranges: bytes
content-length: 3445
date: Wed, 20 Nov 2024 16:03:26 GMT
content-type: text/javascript
last-modified: Tue, 19 Nov 2024 21:18:10 GMT
server: Kestrel

GET
H2 200 786.8de1b22d96740f0114f9.bundle.js Show response
app.sermo.com/scripts/ 3 MB
681 KB 131ms
130ms Script
text/javascript 34.224.155.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.sermo.com/scripts/786.8de1b22d96740f0114f9.bundle.js

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/user/login?woo_campaign=mc&amp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.224.155.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-155-36.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

8b64f27f00072df2a2b710b529cfcb6412de669be65dea587bde1ddf0dc967f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/user/login?woo_campaign=mc&amp

Response headers

strict-transport-security: max-age=1800; includeSubDomains
content-encoding: gzip
etag: "1db3ac888cef5a7"
accept-ranges: bytes
content-length: 696487
date: Wed, 20 Nov 2024 16:03:26 GMT
content-type: text/javascript
last-modified: Tue, 19 Nov 2024 21:18:10 GMT
server: Kestrel

GET
H2 200 main.ec5006b35db12625e9d2.bundle.js Show response
app.sermo.com/scripts/ 5 MB
2 MB 137ms
136ms Script
text/javascript 34.224.155.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.sermo.com/scripts/main.ec5006b35db12625e9d2.bundle.js

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/user/login?woo_campaign=mc&amp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.224.155.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-155-36.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

ce6001ec997e1bea552961443bc12eebfc155420f0baee24fc7457811b35ff03

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/user/login?woo_campaign=mc&amp

Response headers

strict-transport-security: max-age=1800; includeSubDomains
content-encoding: gzip
etag: "1db3ac888e775f9"
accept-ranges: bytes
content-length: 2302201
date: Wed, 20 Nov 2024 16:03:26 GMT
content-type: text/javascript
last-modified: Tue, 19 Nov 2024 21:18:10 GMT
server: Kestrel

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 140ms
139ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-997174-20

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/user/login?woo_campaign=mc&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

920ae736f0750908713ef0d221c418ba4228a3c02281d3078a1635a721c499c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 20 Nov 2024 16:03:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 16:03:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 20 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81390
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 2 KB
2 KB 881ms
427ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/user/login?woo_campaign=mc&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c012c1bb0b8b90f58253e5479d440073387cd493ff95381df95c5c7fb109919e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 16:03:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Wed, 20 Nov 2024 16:03:26 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 885ms
180ms Script
application/x-javascript 104.102.43.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: app.sermo.com
URL: https://app.sermo.com/user/login?woo_campaign=mc&amp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.43.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-43-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2091f1ff92cc073e178dca31707853e0cc6cd913a5344a8978f040fa373efa6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

Content-Encoding: gzip
ETag: "e75e5ba140b1c7e6ea79786633c1ba0d:1731465879.778595"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 741
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Date: Wed, 20 Nov 2024 16:03:27 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 13 Nov 2024 02:44:39 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
99 KB 71ms
70ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3JJQ97XQN4&l=dataLayer&cx=c&gtm=457e4bj0za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-997174-20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7fba8604d0bfe0e226a1484179928aae756ae921954d735490fdf9439733401c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 20 Nov 2024 16:03:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 16:03:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100792
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 272ms
85ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-997174-20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

content-encoding: gzip
age: 4922
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 16:41:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 14:41:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

POST
H3 200 collect
www.google.com/ccm/ 0
0 293ms
69ms Ping
text/plain 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin&scrsrc=www.googletagmanager.com&frm=0&rnd=2083304033.1732118607&auid=261968504.1732118607&npa=1&gtm=45He4bj0v813214453za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732118606932&tfd=1470&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNDXZWF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 347ms
105ms Script
application/javascript 2a02:26f0:480:15::213:7e4a
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNDXZWF

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:15::213:7e4a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

cache-control: max-age=66457
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Wed, 20 Nov 2024 16:03:27 GMT
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 408ms
112ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNDXZWF

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0AB128F9A288496D96D59934E1230168 Ref B: FRA31EDGE0420 Ref C: 2024-11-20T16:03:27Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Wed, 20 Nov 2024 16:03:27 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 57 KB
16 KB 349ms
102ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNDXZWF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

vary: Accept-Encoding,Host
cache-control: no-cache
content-encoding: gzip
etag: "4328e910de583ad53b3a7a76455af005+gzip+gzip"
accept-ranges: bytes
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15926
date: Wed, 20 Nov 2024 16:03:27 GMT
x-tw-cdn: FT
last-modified: Tue, 29 Oct 2024 00:10:26 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kiad7000084-IAD, cache-fra-etou8220054-FRA
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 245 KB
62 KB 261ms
75ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNDXZWF

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

1aece686ac161180b8b90259b6ddf269cd9ab7a893ca3fd36d2d2d17deaf6be5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-XkSI9LhH' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 16:03:27 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-XkSI9LhH' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=73, rtx=0, c=23, mss=1232, tbw=4448, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: 0X8txpvOtGNtTmDmsj+OBhApg5iWcIKO69bgj8v22d7Ve5WmRkFPBx5Qo+Kt5Jjg6HO4H6RC+Pvtj7mcYBtoRQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 63583
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 43 KB
13 KB 334ms
105ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNDXZWF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 10429db431cbd2fc042c7397c8f1e62996d636ddeef2702c912d9fb7fc650c35

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

cache-control: public, max-age=60
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding: gzip
etag: "1a001f3a066bff47a766099b87253911"
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 12220
date: Wed, 20 Nov 2024 16:03:27 GMT
last-modified: Mon, 18 Nov 2024 21:16:35 GMT
content-type: application/javascript
vary: Accept-Encoding,Origin
server: snooserv
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK adfire_id_npi_v2.js Show response
shared-site-files.s3.amazonaws.com/js/ 2 KB
3 KB 515ms
158ms Script
application/javascript 16.15.184.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://shared-site-files.s3.amazonaws.com/js/adfire_id_npi_v2.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNDXZWF
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.15.184.78 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99f904e5cd52bf1d14114dc90c9526b908a6f2315667aef101e748985e18db67

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

x-amz-id-2: UkRTe7TltppoHy8HXQG4B1rY1f4LBGDc1I5jO1kcU9CCx7xF+DEkTlAKrAvpxo2/0pu9tsz/3gum+ZWXyiiF9WTiHW77fsfx
ETag: "0d90438e2b0a1793f2f8e4517682f407"
x-amz-request-id: KY97WS6DDCXXM7YY
Accept-Ranges: bytes
Content-Length: 2421
Date: Wed, 20 Nov 2024 16:03:28 GMT
Last-Modified: Fri, 26 May 2023 19:00:50 GMT
Content-Type: application/javascript
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK spx Show response
dx.mountain.com/ 19 KB
5 KB 643ms
139ms Script
application/javascript 52.7.151.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=38304&tdr=&plh=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp&cb=52683328408143450term=value
Requested by: Host: app.sermo.com
URL: https://app.sermo.com/user/login?woo_campaign=mc&amp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.151.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-151-245.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 80524349f4e0d0f4e35ac553ece82da5b6197ba7cb02ead18814c77256e8f3ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

transfer-encoding: chunked
content-encoding: gzip
x-envoy-upstream-service-time: 2
expires: Thu, 01 Jan 1970 00:00:00 GMT
be: spx-prod
date: Wed, 20 Nov 2024 16:03:26 GMT
content-type: application/javascript;charset=utf-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
server: istio-envoy

GET
H2 200 oij161oq2s Show response
www.clarity.ms/tag/ 553 B
810 B 581ms
171ms Script
application/x-javascript 2620:1ec:29:1::43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/oij161oq2s?ref=gtm2
Requested by: Host: app.sermo.com
URL: https://app.sermo.com/user/login?woo_campaign=mc&amp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 17b0a9a73a41ae040a0ebb1ab7d9bd39a83c02dfcd185889bb13c38bf25cfdc1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 553
date: Wed, 20 Nov 2024 16:03:27 GMT
content-type: application/x-javascript
x-azure-ref: 20241120T160327Z-179d85bf68cvl6szhC1FRA61q400000007300000000065x7

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame F081 0
0 242ms
50ms Document
text/html 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fapp.sermo.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNDXZWF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 69806
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Nov 2024 20:40:01 GMT
expires: Wed, 19 Nov 2025 20:40:01 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 244ms
79ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3JJQ97XQN4&gtm=45je4bj0v9126268386za200&_p=1732118606328&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1043120177.1732118607&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1732118607&sct=1&seg=0&dl=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp&dt=Sermo&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1658
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3JJQ97XQN4&l=dataLayer&cx=c&gtm=457e4bj0za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://app.sermo.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 16:03:27 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
417 B 74ms
72ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1566564979&t=pageview&_s=1&dl=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp&ul=de-de&de=UTF-8&dt=Sermo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDAAUABAAAAACAAI~&jid=1533024440&gjid=64185100&cid=1043120177.1732118607&tid=UA-997174-20&_gid=1583874053.1732118607&_r=1&gtm=457e4bj0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&jsscut=1&npa=1&z=1456674548

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://app.sermo.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 16:03:27 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://app.sermo.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/ 549 KB
218 KB 136ms
58ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://app.sermo.com
Referer: https://app.sermo.com/

Response headers

content-encoding: gzip
age: 24930
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 09:07:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 09:07:57 GMT
last-modified: Mon, 11 Nov 2024 05:00:22 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222835
x-xss-protection: 0
server: sffe

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
434 B 312ms
193ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.sermo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 3C90BC04E40C4F8CA5E1677D4BAC8152 Ref B: FRAEDGE1617 Ref C: 2024-11-20T16:03:27Z
x-li-fabric: prod-lva1
access-control-allow-credentials: true
x-li-uuid: AAYnWkpPAFvoYGl1W1my4Q==
x-li-proto: http/2
access-control-allow-origin: https://app.sermo.com
x-cache: CONFIG_NOCACHE
date: Wed, 20 Nov 2024 16:03:27 GMT
vary: Origin

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
810 B 286ms
167ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=4486017&time=1732118607300&url=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp&tm=gtmv2
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Referer: https://app.sermo.com/

Response headers

x-li-pop: afd-prod-lva1-x
content-encoding: gzip
x-fs-uuid: 0006275a4a4efe036d0fa2e1a6696c8e
x-msedge-ref: Ref A: 898358AD84A441CDB7D3FAA36650133C Ref B: FRAEDGE1105 Ref C: 2024-11-20T16:03:27Z
x-li-fabric: prod-lva1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYnWkpO/gNtD6Lhpmlsjg==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Wed, 20 Nov 2024 16:03:26 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4486017&time=1732118607300&url=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp&tm=gtmv2
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4486017&time=1732118607300&url=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp&tm=gtmv2&e_ipv6=AQL0Ouw-iWjdmAAAAZNKUHaQVN1-p...

0
265 B

306ms
171ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4486017&time=1732118607300&url=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp&tm=gtmv2&e_ipv6=AQL0Ouw-iWjdmAAAAZNKUHaQVN1-pp1AsYhtDAhDhlEpXjMZ1pGlvTAIgSI9b5nNgd0mTHo
Requested by: Host: app.sermo.com
URL: https://app.sermo.com/user/login?woo_campaign=mc&amp
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A68E0205DEE5412186BA4EB9DF8FF357 Ref B: FRAEDGE2018 Ref C: 2024-11-20T16:03:27Z
x-li-fabric: prod-lva1
x-li-uuid: AAYnWkpTUJzbtDh2SZDj3w==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Wed, 20 Nov 2024 16:03:27 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4486017&time=1732118607300&url=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp&tm=gtmv2&e_ipv6=AQL0Ouw-iWjdmAAAAZNKUHaQVN1-pp1AsYhtDAhDhlEpXjMZ1pGlvTAIgSI9b5nNgd0mTHo
x-msedge-ref: Ref A: 5F70270CE2474CE289E68ECA0C667FA7 Ref B: FRAEDGE1617 Ref C: 2024-11-20T16:03:27Z
x-li-fabric: prod-lva1
x-li-uuid: AAYnWkpPAKRlZ5oCmrolOw==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Wed, 20 Nov 2024 16:03:27 GMT

GET
H2 200 config Show response
pixel-config.reddit.com/pixels/a2_eswhb1vwqck2/ 3 B
124 B 161ms
55ms XHR
application/json 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-config.reddit.com/pixels/a2_eswhb1vwqck2/config
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

cache-control: max-age=14400
content-encoding: gzip
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27
date: Wed, 20 Nov 2024 16:03:27 GMT
content-type: application/json

GET
H2 200 a2_eswhb1vwqck2_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
700 B 202ms
85ms XHR
application/json 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/a2_eswhb1vwqck2_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

cache-control: max-age=300
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding: gzip
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 98
date: Wed, 20 Nov 2024 16:03:27 GMT
content-type: application/json
vary: Accept-Encoding,Origin
server: snooserv

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 286ms
164ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1732118607314&id=a2_eswhb1vwqck2&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=59305837-db28-4b2f-98b3-1c28d77815e4&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_b192616d&dpm=&dpcc=&dprc=
Requested by: Host: app.sermo.com
URL: https://app.sermo.com/user/login?woo_campaign=mc&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after: 0
cross-origin-resource-policy: cross-origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via: 1.1 varnish
accept-ranges: bytes
content-length: 42
date: Wed, 20 Nov 2024 16:03:27 GMT
content-type: image/gif
server: Varnish

GET
H3 200 214143080714778 Show response
connect.facebook.net/signals/config/ 79 KB
17 KB 133ms
132ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/214143080714778?v=next&r=canary&domain=app.sermo.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C44%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C169%2C142%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C5%2C90%2C81%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

7072d5d2b4bcb9463cad4a127e4706929543b98164cd87f8db75ecceebc12ccc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-Rum5VmoQ' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 16:03:27 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Rum5VmoQ' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: GOOD; q=0.7, rtt=84, rtx=0, c=72, mss=1232, tbw=71824, tp=66, tpl=0, uplat=69, ullat=0
pragma: public
x-fb-debug: iNmod2zKjLROQBlmy6ATK2cbDxgiJnTbAzieeIeOvVtMYGVmUvxPaopVs2ikgOyonLfk94jkInWHxSXchqufvg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 adsct
t.co/1/i/ 43 B
627 B 408ms
280ms Image
image/gif 172.66.0.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&dv=Europe%2FBerlin%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%266%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=9995a711-22a5-4765-8c31-92a8fcf89e85&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=e64f5d22-55cb-4860-9831-3a2a433be9fa&tw_document_href=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp&tw_iframe_status=0&txn_id=od0vu&type=javascript&version=2.3.31

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/user/login?woo_campaign=mc&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

strict-transport-security: max-age=0
x-transaction-id: 5038d5450ee5193b
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 882a6eedf69d2056d008248515f1ad891a9a4745291a5d8794399cf39679d800
cf-cache-status: DYNAMIC
cf-ray: 8e59ab90eba058ea-TXL
x-response-time: 174
content-length: 43
date: Wed, 20 Nov 2024 16:03:27 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_o

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
724 B 280ms
151ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&dv=Europe%2FBerlin%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%266%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=9995a711-22a5-4765-8c31-92a8fcf89e85&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=e64f5d22-55cb-4860-9831-3a2a433be9fa&tw_document_href=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp&tw_iframe_status=0&txn_id=od0vu&type=javascript&version=2.3.31

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/user/login?woo_campaign=mc&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: 3f927d3985be7cf5
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 77698bdccd7f525ba8baddb89e3f14d57fa42bb8472f339cc676ddb4f8304ab9
x-response-time: 102
content-length: 43
date: Wed, 20 Nov 2024 16:03:27 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_o

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/164/ 11 KB
5 KB 180ms
178ms Script
application/x-javascript 104.102.43.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/164/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.43.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-43-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: dea9df0145848ffeb3c6931228d41e833341b4837c0e713d321c5bfcf6dcd4e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

Cache-Control: max-age=8640000
Content-Encoding: gzip
ETag: "756f9116836f579d12be8fe786b69d98:1726632111.60799"
Connection: keep-alive
Expires: Fri, 28 Feb 2025 16:03:27 GMT
Accept-Ranges: bytes
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Length: 4843
Date: Wed, 20 Nov 2024 16:03:27 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 18 Sep 2024 04:01:51 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H2 200 27028092.js Show response
bat.bing.com/p/action/ 363 B
412 B 88ms
87ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27028092.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a1fec7acc9e28feaa2280cd08d30cab4cac8e9557fb8fb35ab6ffcd1e28fade8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1605FA65410D4BD5B6F5451177DA9CF8 Ref B: FRA31EDGE0420 Ref C: 2024-11-20T16:03:27Z
x-cache: CONFIG_NOCACHE
date: Wed, 20 Nov 2024 16:03:27 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

POST
H2 204 0
bat.bing.net/actionp/ 0
345 B 245ms
79ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=27028092&tm=gtm002&Ver=2&mid=4b2fa596-ffff-476a-b300-e895d9600259&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 67EB02D869DA4E29B166B396B67D4598 Ref B: FRA31EDGE0417 Ref C: 2024-11-20T16:03:27Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Wed, 20 Nov 2024 16:03:27 GMT

GET
H2 204 0
bat.bing.net/action/ 0
119 B 239ms
81ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.net/action/0?ti=27028092&tm=gtm002&Ver=2&mid=4b2fa596-ffff-476a-b300-e895d9600259&bo=2&gtm_tag_source=1&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Sermo&p=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp&r=&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=243578
Requested by: Host: app.sermo.com
URL: https://app.sermo.com/user/login?woo_campaign=mc&amp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2B7EE532A80440C6BAF3C6EB8A0391AF Ref B: FRA31EDGE0417 Ref C: 2024-11-20T16:03:27Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Wed, 20 Nov 2024 16:03:27 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 106ms
43ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=214143080714778&ev=PageView&dl=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp&rl=&if=false&ts=1732118607497&cd[location]=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin&sw=1600&sh=1200&v=next&r=canary&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1732118607496.92151085783183855&cs_est=true&ler=empty&cdl=API_unavailable&it=1732118607338&coo=false&tm=1&ttf=2034.7000007629395&bdt=363.8999996185303&bdsize=251140&btsize=63583&brbs=0&cdt=136.9000015258789&cdsize=81126&ctsize=16920&crbs=0&let=21.19999885559082&upcl=3&upurlcl=8&rpcl=0&rpurlcl=8&estcl=3&iwlpcl=0&rqm=GET

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/user/login?woo_campaign=mc&amp

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=47, rtx=0, c=23, mss=1232, tbw=4462, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 20 Nov 2024 16:03:27 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 268ms
209ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=214143080714778&ev=PageView&dl=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp&rl=&if=false&ts=1732118607497&cd[location]=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin&sw=1600&sh=1200&v=next&r=canary&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1732118607496.92151085783183855&cs_est=true&ler=empty&cdl=API_unavailable&it=1732118607338&coo=false&tm=1&ttf=2034.7000007629395&bdt=363.8999996185303&bdsize=251140&btsize=63583&brbs=0&cdt=136.9000015258789&cdsize=81126&ctsize=16920&crbs=0&let=21.19999885559082&upcl=3&upurlcl=8&rpcl=0&rpurlcl=8&estcl=3&iwlpcl=0&rqm=FGET

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/user/login?woo_campaign=mc&amp

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7439392770698923563"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 16:03:27 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 8WfIeinlgSwZ203+vb+gCcv9gAp977OHfgauLC8u2DPIiNuGGdo1BR6lNDCrtzo3t/+B5MZwbR7oYNlUDV/SIQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7439392770698923563", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=46, rtx=0, c=23, mss=1232, tbw=4830, tp=13, tpl=0, uplat=166, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK is Show response
18.210.229.244/ 32 B
437 B 1078ms
168ms Fetch
text/plain 18.210.229.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://18.210.229.244/is?cb=1732118607613
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=38304&tdr=&plh=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp&cb=52683328408143450term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.210.229.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-229-244.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e9380e656cc7fcbd45e7dc191dfe470d67d430a61c516a42a1390bdf8df62e52

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

x-envoy-upstream-service-time: 2
connection: close
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-application-context: application:prod:8080
content-length: 32
date: Wed, 20 Nov 2024 16:03:28 GMT
content-type: text/plain;charset=utf-8
server: istio-envoy
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.56/ 66 KB
28 KB 103ms
101ms Script
application/javascript 2620:1ec:29:1::43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.56/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/oij161oq2s?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

x-azure-ref: 20241120T160327Z-179d85bf68cvl6szhC1FRA61q400000007300000000065xv
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DD041B2B98F09E"
x-fd-int-roxy-purgeid: 79034942
x-ms-request-id: 15574678-c01e-002b-5ae7-37ae17000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Wed, 20 Nov 2024 16:03:27 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 13 Nov 2024 19:41:29 GMT

GET
H2 200 transition
www.medtargetsystem.com/iframe/ Frame 612D 0
0 414ms
144ms Document
text/html 18.211.125.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medtargetsystem.com/iframe/transition?client-origin=https%3A%2F%2Fapp.sermo.com
Requested by: Host: aim-tag.hcn.health
URL: https://aim-tag.hcn.health/js/client.js?dl=aimDataLayer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.125.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-125-216.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) / PHP/7.0.19-1+deb.sury.org~trusty+2
Resource Hash

Request headers

Referer: https://app.sermo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-length: 146
content-type: text/html; charset=UTF-8
date: Wed, 20 Nov 2024 16:03:28 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: Apache/2.4.7 (Ubuntu)
vary: X-Forwarded-Proto,Accept-Encoding
x-powered-by: PHP/7.0.19-1+deb.sury.org~trusty+2
x-robots-tag: noindex

GET
H2 200 iframe.html
aim-tag.hcn.health/ Frame DFE2 0
0 517ms
253ms Document
text/html 34.233.14.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aim-tag.hcn.health/iframe.html?client-origin=https%3A%2F%2Fapp.sermo.com&pageview-id=fae4e440-a758-11ef-bb7e-979a06008afe&stps=%7B%7D
Requested by: Host: aim-tag.hcn.health
URL: https://aim-tag.hcn.health/js/client.js?dl=aimDataLayer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.14.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-14-26.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

Referer: https://app.sermo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-length: 28997
content-type: text/html; charset=UTF-8
date: Wed, 20 Nov 2024 16:03:28 GMT
server: awselb/2.0
vary: Accept-Encoding

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
277 B 446ms
142ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://app.sermo.com/

Response headers

Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin: https://app.sermo.com
Date: Wed, 20 Nov 2024 16:03:28 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
1 KB 899ms
213ms Script
application/javascript 34.210.219.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=G-3JJQ97XQN4%3BG-WTQFCSNBC0&ga_client_id=1043120177.1732118607&shpt=Sermo&ga_info=%7B%22status%22%3A%22OK%22%2C%22available_ga%22%3A%5B%7B%22id%22%3A%22G-3JJQ97XQN4%22%2C%22sess_id%22%3A%221732118607%22%7D%2C%7B%22id%22%3A%22UA-997174-20%22%2C%22sess_id%22%3Anull%7D%5D%2C%22hardcoded_ga%22%3A%22G-3JJQ97XQN4%3BG-WTQFCSNBC0%22%2C%22ga_tracking_id%22%3A%22G-3JJQ97XQN4%3BG-WTQFCSNBC0%22%2C%22ga_client_id%22%3A%221043120177.1732118607%22%2C%22shpt%22%3A%22Sermo%22%2C%22dcm_cid%22%3A%221732118607.1%22%2C%22dcm_gid%22%3A%221583874053.1732118607%22%2C%22mntnis%22%3A%22WPBOWnK1KWCrvH%2Bng0F5nhd%2Bq2okn83Y%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A6%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1732118607.1&dcm_gid=1583874053.1732118607&available_ga=%5B%7B%22id%22%3A%22G-3JJQ97XQN4%22%2C%22sess_id%22%3A%221732118607%22%7D%2C%7B%22id%22%3A%22UA-997174-20%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=G-3JJQ97XQN4%3BG-WTQFCSNBC0&dxver=4.0.0&shaid=38304&plh=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp&cb=52683328408143450term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=38304&tdr=&plh=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp&cb=52683328408143450term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.210.219.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-219-79.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 20e9948867fad465c974a17464d3cbf4d856f6326a09ee396cade1bd30f55fef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

transfer-encoding: chunked
content-encoding: gzip
x-envoy-upstream-service-time: 1
connection: close
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
date: Wed, 20 Nov 2024 16:03:29 GMT
content-type: application/javascript;charset=utf-8
server: istio-envoy

GET
H2

200

getuidp Show response
secure.adnxs.com/
Redirect Chain

https://trc.lhmos.com/enrich/data/jsonp?mcode=15710&mid=47&callback=jsonp_1732118608877_56607
https://secure.adnxs.com/getuidp?callback=jsonp_1732118608877_56607

38 B
712 B

270ms
89ms

Script
application/javascript

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidp?callback=jsonp_1732118608877_56607

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/user/login?woo_campaign=mc&amp

Protocol

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0753ccff436dde099660656bca28d6549a4463aa9ab50d523d6e61672ec6c0e7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.101; 80.255.7.101; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 9eac8a8c-5f08-4dcc-a8ba-7f3f9e27db60
content-length: 38
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 20 Nov 2024 16:03:29 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
server: nginx/1.23.4

Redirect headers

access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE
x-content-type-options: nosniff
expires: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 16:03:29 GMT
x-frame-options: DENY
access-control-allow-headers: x-requested-with
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache, no-store, max-age=0, must-revalidate
location: https://secure.adnxs.com/getuidp?callback=jsonp_1732118608877_56607
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: no-referrer
via: 1.1 google
access-control-allow-origin: https://app.sermo.com/user/login?woo_campaign=mc&amp
content-length: 0
x-xss-protection: 1 ; mode=block

GET
H2 200 / Show response
match.deepintent.com/identity/ 29 B
105 B 451ms
148ms Script
application/json 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/identity/?key=557de64e17a503f4b94b1c9ce0810e254cc55c482d292b52fa875d2f4cc84306&sid=fb55a770-a758-11ef-9f46-87f618d7efd7&cb=jsonp_1732118608878_31248
Requested by: Host: aim-tag.hcn.health
URL: https://aim-tag.hcn.health/js/client.js?dl=aimDataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: b0527e2b9c9a548f2c9db62e57d1527bc746fb77d1af6ddbd4d9c7dbb9ed4a64

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/user/login?woo_campaign=mc&amp

Response headers

content-length: 29
date: Wed, 20 Nov 2024 16:03:29 GMT
content-type: application/json
server: b

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://trc.lhmos.com/uid/set?aimsessionidv4=fb55a770-a758-11ef-9f46-87f618d7efd7&dgid=UNK&mcode=15710&mid=47
https://secure.adnxs.com/getuidu?https://trc.lhmos.com/uid/save/?uid=$UID&aimsessionidv4=fb55a770-a758-11ef-9f46-87f618d7efd7&dgid=UNK&mcode=15710&mid=47
https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Ftrc.lhmos.com%2Fuid%2Fsave%2F%3Fuid%3D%24UID%26aimsessionidv4%3Dfb55a770-a758-11ef-9f46-87f618d7efd7%26dgid%3DUNK%26mcode%3D15710%26mid%3D47
https://trc.lhmos.com/uid/save/?uid=3598308295076104114&aimsessionidv4=fb55a770-a758-11ef-9f46-87f618d7efd7&dgid=UNK&mcode=15710&mid=47
https://match.adsrvr.org/track/cmf/generic?ttd_pid=v0gsn3b&ttd_tpi=1&ttd_puid=47&ttd_puid=UNK&ttd_puid=3598308295076104114&ttd_puid=null&ttd_puid=476d4424-d963-45d2-bb0a-6f8de8f74e6c&ttd_puid=&ttd_...

70 B
149 B

190ms
62ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=v0gsn3b&ttd_tpi=1&ttd_puid=47&ttd_puid=UNK&ttd_puid=3598308295076104114&ttd_puid=null&ttd_puid=476d4424-d963-45d2-bb0a-6f8de8f74e6c&ttd_puid=&ttd_puid=fb55a770-a758-11ef-9f46-87f618d7efd7
Requested by: Host: app.sermo.com
URL: https://app.sermo.com/login?returnUrl=%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-length: 70
date: Wed, 20 Nov 2024 16:03:30 GMT
content-type: image/gif
server: Kestrel

Redirect headers

access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE
x-content-type-options: nosniff
expires: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 16:03:30 GMT
x-frame-options: DENY
access-control-allow-headers: x-requested-with
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache, no-store, max-age=0, must-revalidate
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=v0gsn3b&ttd_tpi=1&ttd_puid=47&ttd_puid=UNK&ttd_puid=3598308295076104114&ttd_puid=null&ttd_puid=476d4424-d963-45d2-bb0a-6f8de8f74e6c&ttd_puid=&ttd_puid=fb55a770-a758-11ef-9f46-87f618d7efd7
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: no-referrer
via: 1.1 google
access-control-allow-origin: *
content-length: 0
x-xss-protection: 1 ; mode=block

GET
H2 200 store
match.deepintent.com/usersync/114/ 0
16 B 451ms
149ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/114/store?ext1=fb55a770-a758-11ef-9f46-87f618d7efd7&id=UNK
Requested by: Host: app.sermo.com
URL: https://app.sermo.com/user/login?woo_campaign=mc&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/user/login?woo_campaign=mc&amp

Response headers

date: Wed, 20 Nov 2024 16:03:29 GMT
server: b
content-length: 0

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
277 B 129ms
127ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://app.sermo.com/

Response headers

Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin: https://app.sermo.com
Date: Wed, 20 Nov 2024 16:03:29 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H3 200 redir Show response
trc.lhmos.com/enrich/data/ 2 B
27 B 295ms
229ms Fetch
application/json 34.102.246.198
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://trc.lhmos.com/enrich/data/redir?mcode=15710&mid=47&uid=0

Requested by

Host: aim-tag.hcn.health
URL: https://aim-tag.hcn.health/js/client.js?dl=aimDataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.246.198 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

198.246.102.34.bc.googleusercontent.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Referer: https://app.sermo.com/user/login?woo_campaign=mc&amp

Response headers

access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE
x-content-type-options: nosniff
expires: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 16:03:29 GMT
content-type: application/json
x-frame-options: DENY
access-control-allow-headers: x-requested-with
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: no-referrer
via: 1.1 google
access-control-allow-origin: https://app.sermo.com
content-length: 2
x-xss-protection: 1 ; mode=block

GET
H2 200 224.9374d6380281b2ac1437.bundle.js
app.sermo.com/scripts/chunks/ 0
3 KB 131ms
130ms Other
text/javascript 34.224.155.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.sermo.com/scripts/chunks/224.9374d6380281b2ac1437.bundle.js

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/scripts/runtime~main.981e88fc795e146a83e2.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.224.155.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-155-36.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://app.sermo.com
Referer: https://app.sermo.com/user/login?woo_campaign=mc&amp

Response headers

strict-transport-security: max-age=1800; includeSubDomains
content-encoding: gzip
etag: "1db3ac888c45c54"
accept-ranges: bytes
content-length: 2388
date: Wed, 20 Nov 2024 16:03:29 GMT
content-type: text/javascript
last-modified: Tue, 19 Nov 2024 21:18:10 GMT
server: Kestrel

GET
H2 200 313.d9a0f853c27ec15828bf.bundle.js
app.sermo.com/scripts/chunks/ 0
3 KB 132ms
131ms Other
text/javascript 34.224.155.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.sermo.com/scripts/chunks/313.d9a0f853c27ec15828bf.bundle.js

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/scripts/runtime~main.981e88fc795e146a83e2.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.224.155.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-155-36.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://app.sermo.com
Referer: https://app.sermo.com/user/login?woo_campaign=mc&amp

Response headers

strict-transport-security: max-age=1800; includeSubDomains
content-encoding: gzip
etag: "1db3ac888c45c03"
accept-ranges: bytes
content-length: 2307
date: Wed, 20 Nov 2024 16:03:29 GMT
content-type: text/javascript
last-modified: Tue, 19 Nov 2024 21:18:10 GMT
server: Kestrel

GET
H2 200 373.4ab4851608ffdd40fcce.bundle.js
app.sermo.com/scripts/chunks/ 0
9 KB 132ms
132ms Other
text/javascript 34.224.155.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.sermo.com/scripts/chunks/373.4ab4851608ffdd40fcce.bundle.js

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/scripts/runtime~main.981e88fc795e146a83e2.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.224.155.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-155-36.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://app.sermo.com
Referer: https://app.sermo.com/user/login?woo_campaign=mc&amp

Response headers

strict-transport-security: max-age=1800; includeSubDomains
content-encoding: gzip
etag: "1db3ac888c476db"
accept-ranges: bytes
content-length: 9179
date: Wed, 20 Nov 2024 16:03:29 GMT
content-type: text/javascript
last-modified: Tue, 19 Nov 2024 21:18:10 GMT
server: Kestrel

GET
H2 200 sailec-regular..woff2
app.sermo.com/fonts/ 10 KB
11 KB 122ms
122ms Font
font/woff2 34.224.155.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.sermo.com/fonts/sailec-regular..woff2

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/css/786.f03560fb0e8096725c88.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.224.155.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-155-36.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

32b7097bdd9929b47e625537dbe85bb37b8ee4d7e78cfb673141eccb99218b52

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://app.sermo.com
Referer: https://app.sermo.com/css/786.f03560fb0e8096725c88.css

Response headers

strict-transport-security: max-age=1800; includeSubDomains
etag: "1db3ac888c472fc"
accept-ranges: bytes
content-length: 10236
date: Wed, 20 Nov 2024 16:03:30 GMT
content-type: font/woff2
last-modified: Tue, 19 Nov 2024 21:18:10 GMT
server: Kestrel

GET
H/1.1 200
OK gs Show response
gs.mountain.com/ 144 B
733 B 900ms
214ms Script
application/javascript 52.12.117.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gs.mountain.com/gs
Requested by: Host: px.mountain.com
URL: https://px.mountain.com/st?ga_tracking_id=G-3JJQ97XQN4%3BG-WTQFCSNBC0&ga_client_id=1043120177.1732118607&shpt=Sermo&ga_info=%7B%22status%22%3A%22OK%22%2C%22available_ga%22%3A%5B%7B%22id%22%3A%22G-3JJQ97XQN4%22%2C%22sess_id%22%3A%221732118607%22%7D%2C%7B%22id%22%3A%22UA-997174-20%22%2C%22sess_id%22%3Anull%7D%5D%2C%22hardcoded_ga%22%3A%22G-3JJQ97XQN4%3BG-WTQFCSNBC0%22%2C%22ga_tracking_id%22%3A%22G-3JJQ97XQN4%3BG-WTQFCSNBC0%22%2C%22ga_client_id%22%3A%221043120177.1732118607%22%2C%22shpt%22%3A%22Sermo%22%2C%22dcm_cid%22%3A%221732118607.1%22%2C%22dcm_gid%22%3A%221583874053.1732118607%22%2C%22mntnis%22%3A%22WPBOWnK1KWCrvH%2Bng0F5nhd%2Bq2okn83Y%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A6%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1732118607.1&dcm_gid=1583874053.1732118607&available_ga=%5B%7B%22id%22%3A%22G-3JJQ97XQN4%22%2C%22sess_id%22%3A%221732118607%22%7D%2C%7B%22id%22%3A%22UA-997174-20%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=G-3JJQ97XQN4%3BG-WTQFCSNBC0&dxver=4.0.0&shaid=38304&plh=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp&cb=52683328408143450term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.12.117.226 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-12-117-226.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 8fdc031c13d746ed5cffa818fe67385dc3009d622dcc76b95125a9da87d6d688

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 2
connection: close
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-application-context: application:prod:8080
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
date: Wed, 20 Nov 2024 16:03:30 GMT
content-length: 144
content-type: application/javascript;charset=utf-8
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: istio-envoy
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header

POST
H2 200 logroutechange
app.sermo.com/de-DE/api/system/ 2 B
0 131ms
130ms Fetch
application/json 34.224.155.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.sermo.com/de-DE/api/system/logroutechange

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/scripts/main.ec5006b35db12625e9d2.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.224.155.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-155-36.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

X-XSRF-TOKEN: CfDJ8PKLRsvWOMdKrnvSEEvYSBbnAxa2UjZJ5l1RR2q37wVmcPTCk0I0m6bh0H6Tuu55hgwntDK_yz0P0n7Eq0Z_1aYg_I4MCf4Q4WCWBU0jf0nWGmrWj9x_wiXwRO-9P1kTpjoD8r5s7WHtKO4ZQdoiemA
Referer: https://app.sermo.com/user/login?woo_campaign=mc&amp
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

strict-transport-security: max-age=1800; includeSubDomains
cache-control: no-cache, no-store
pragma: no-cache
content-length: 2
date: Wed, 20 Nov 2024 16:03:30 GMT
content-type: application/json; charset=utf-8
server: Kestrel
x-frame-options: SAMEORIGIN

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 399 KB
129 KB 72ms
71ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WTQFCSNBC0&l=dataLayer&cx=c&gtm=45He4bj0v813214453za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNDXZWF

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f200.1e100.net

Software

Google Tag Manager /

Resource Hash

1eb741661a44efb886a19def5660d6be40ea69161bc4f16bfca6e6bf905901f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 20 Nov 2024 16:03:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 16:03:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 132436
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
144 B 151ms
150ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.sermo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: F0B0962C613642E7BA61A8E8677C44B7 Ref B: FRAEDGE1617 Ref C: 2024-11-20T16:03:30Z
x-li-fabric: prod-lva1
access-control-allow-credentials: true
x-li-uuid: AAYnWkp3dB8zSLY2PnBMrg==
x-li-proto: http/2
access-control-allow-origin: https://app.sermo.com
x-cache: CONFIG_NOCACHE
date: Wed, 20 Nov 2024 16:03:29 GMT
vary: Origin

POST collect
p.clarity.ms/ 0
0

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
277 B 661ms
399ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://app.sermo.com/

Response headers

Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin: https://app.sermo.com
Date: Wed, 20 Nov 2024 16:03:30 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 42ms
41ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=214143080714778&ev=PageView&dl=https%3A%2F%2Fapp.sermo.com%2Flogin%3FreturnUrl%3D%252Fuser%252Flogin%253Fwoo_campaign%253Dmc%2526amp&rl=&if=false&ts=1732118610080&sw=1600&sh=1200&v=next&r=canary&a=tmSimo-GTM-WebTemplate&ec=1&o=12318&fbp=fb.1.1732118607496.92151085783183855&cs_est=true&ler=empty&cdl=API_unavailable&it=1732118607338&coo=false&uppt=0.10000038146972656&uvpt=0.8999996185302734&ttf=4617.10000038147&bdt=363.8999996185303&bdsize=251140&btsize=63583&brbs=0&cdt=136.9000015258789&cdsize=81126&ctsize=16920&crbs=0&let=26.69999885559082&upcl=3&upurlcl=8&rpcl=0&rpurlcl=8&estcl=3&iwlpcl=0&rqm=GET

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/login?returnUrl=%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=26, mss=1232, tbw=7742, tp=19, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 20 Nov 2024 16:03:30 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 69ms
69ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=214143080714778&ev=PageView&dl=https%3A%2F%2Fapp.sermo.com%2Flogin%3FreturnUrl%3D%252Fuser%252Flogin%253Fwoo_campaign%253Dmc%2526amp&rl=&if=false&ts=1732118610080&sw=1600&sh=1200&v=next&r=canary&a=tmSimo-GTM-WebTemplate&ec=1&o=12318&fbp=fb.1.1732118607496.92151085783183855&cs_est=true&ler=empty&cdl=API_unavailable&it=1732118607338&coo=false&uppt=0.10000038146972656&uvpt=0.8999996185302734&ttf=4617.10000038147&bdt=363.8999996185303&bdsize=251140&btsize=63583&brbs=0&cdt=136.9000015258789&cdsize=81126&ctsize=16920&crbs=0&let=26.69999885559082&upcl=3&upurlcl=8&rpcl=0&rpurlcl=8&estcl=3&iwlpcl=0&rqm=FGET

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/login?returnUrl=%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7439392784721437847"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 16:03:30 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 6D5eAS4VfVGFx2+u5LOc+vgXBN3TOMA7Xsq0WQK/ztbD9pp2cdCvFUla5R4boqsBEe6A2KtZru3kd1cz+7MW6w==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7439392784721437847", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=26, mss=1232, tbw=7934, tp=21, tpl=0, uplat=26, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 632.3e594b1ba8cc473c05f9.bundle.js Show response
app.sermo.com/scripts/chunks/ 5 KB
2 KB 146ms
143ms Script
text/javascript 34.224.155.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.sermo.com/scripts/chunks/632.3e594b1ba8cc473c05f9.bundle.js

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/scripts/runtime~main.981e88fc795e146a83e2.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.224.155.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-155-36.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

cadd83c09fadf2c248304fec0dab18e7c1decd4ac28f14b81a9e957f9dc16d50

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/login?returnUrl=%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp

Response headers

strict-transport-security: max-age=1800; includeSubDomains
content-encoding: gzip
etag: "1db3ac888c45251"
accept-ranges: bytes
content-length: 1873
date: Wed, 20 Nov 2024 16:03:30 GMT
content-type: text/javascript
last-modified: Tue, 19 Nov 2024 21:18:10 GMT
server: Kestrel

GET
H2 200 438.1088a10de1068c7a4710.bundle.js Show response
app.sermo.com/scripts/chunks/ 44 KB
6 KB 146ms
143ms Script
text/javascript 34.224.155.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.sermo.com/scripts/chunks/438.1088a10de1068c7a4710.bundle.js

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/scripts/runtime~main.981e88fc795e146a83e2.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.224.155.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-155-36.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

ed897bba5653e77ec0fce2e23e2bee9b99d43effe2e2a2366f8f7961179c0f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/login?returnUrl=%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp

Response headers

strict-transport-security: max-age=1800; includeSubDomains
content-encoding: gzip
etag: "1db3ac888c4414d"
accept-ranges: bytes
content-length: 5197
date: Wed, 20 Nov 2024 16:03:30 GMT
content-type: text/javascript
last-modified: Tue, 19 Nov 2024 21:18:10 GMT
server: Kestrel

POST
H2 200 logroutechange Show response
app.sermo.com/de-DE/api/system/ 2 B
674 B 132ms
130ms Fetch
application/json 34.224.155.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.sermo.com/de-DE/api/system/logroutechange

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/scripts/786.8de1b22d96740f0114f9.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.224.155.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-155-36.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

X-XSRF-TOKEN: CfDJ8PKLRsvWOMdKrnvSEEvYSBYDjLk7Ll8oKRXN9HI-3tvGi12sq3oREtltWDHp5u4ZGulQ3CNAxlqIEMhnc9OoIS1H0BNQsIZR99c2b9DfBx8LDMiBgtmp6MP0dO451cd5bXDkVePXVGHiR5GmcDKKXUc
Referer: https://app.sermo.com/login?returnUrl=%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

strict-transport-security: max-age=1800; includeSubDomains
cache-control: no-cache, no-store
pragma: no-cache
content-length: 2
date: Wed, 20 Nov 2024 16:03:30 GMT
content-type: application/json; charset=utf-8
server: Kestrel
x-frame-options: SAMEORIGIN

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 41ms
41ms Image
image/gif 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1566564979&t=event&_s=2&dl=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp&ul=de-de&de=UTF-8&dt=Sermo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=automation&ea=load&el=page&_u=6DDAAUABAAAAACAAI~&jid=&gjid=&cid=1043120177.1732118607&tid=UA-997174-20&_gid=1583874053.1732118607&gtm=457e4bj0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&jsscut=1&npa=1&z=852207769

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/login?returnUrl=%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

age: 64325
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 22:11:25 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

POST
H2 200 / Show response
cognito-identity.us-east-1.amazonaws.com/ 63 B
317 B 141ms
140ms Fetch
application/x-amz-json-1.1 2600:1f10:469b:a101:5aaf:fd37:393b:3e9c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.us-east-1.amazonaws.com/

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/scripts/786.8de1b22d96740f0114f9.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f10:469b:a101:5aaf:fd37:393b:3e9c Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

5c4bbecdf517ed2f27b6d9cdc470b7bdec672b9f26e67a8f817e777efe0a3a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

x-amz-user-agent: aws-amplify/5.3.10 framework/0
cache-control: no-store
x-amz-target: AWSCognitoIdentityService.GetId
Referer: https://app.sermo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/x-amz-json-1.1

Response headers

x-amzn-requestid: 7a5952a6-0576-46f2-94dd-908a8c864a33
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
content-length: 63
date: Wed, 20 Nov 2024 16:03:30 GMT
content-type: application/x-amz-json-1.1

OPTIONS
H2 200 /
cognito-identity.us-east-1.amazonaws.com/ Frame 0
0 398ms
120ms Preflight 2600:1f10:469b:a101:5aaf:fd37:393b:3e9c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.us-east-1.amazonaws.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f10:469b:a101:5aaf:fd37:393b:3e9c Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://app.sermo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: cache-control,content-type,x-amz-target,x-amz-user-agent
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age: 172800
content-length: 0
date: Wed, 20 Nov 2024 16:03:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amzn-requestid: 76d61c80-2583-4125-8951-6df280e84910

GET
H2 200 sailec-medium..woff2
app.sermo.com/fonts/ 10 KB
10 KB 126ms
124ms Font
font/woff2 34.224.155.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.sermo.com/fonts/sailec-medium..woff2

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/css/786.f03560fb0e8096725c88.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.224.155.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-155-36.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

8d2c1ad39132fc5902635d968166b76657aad656fdfe76857eacd0d4bd8e9bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://app.sermo.com
Referer: https://app.sermo.com/css/786.f03560fb0e8096725c88.css

Response headers

strict-transport-security: max-age=1800; includeSubDomains
etag: "1db3ac888c4737c"
accept-ranges: bytes
content-length: 9852
date: Wed, 20 Nov 2024 16:03:30 GMT
content-type: font/woff2
last-modified: Tue, 19 Nov 2024 21:18:10 GMT
server: Kestrel

POST
H2 204 collect Show response
region1.analytics.google.com/g/ 0
267 B 57ms
50ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WTQFCSNBC0&gtm=45je4bj0v892948126z8813214453za200zb813214453&_p=1732118606328&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&ir=0&cid=1043120177.1732118607&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin&dr=&sid=1732118610&sct=1&seg=0&dt=Sermo&en=page_view&_fv=1&_ss=1&ep.gtm_tag_name=GA4%20-%202%20-%20PageView%20Tag&ep.gtm_container_id=GTM-KNDXZWF&ep.gtm_container_version=45&tfd=4870
Requested by: Host: app.sermo.com
URL: https://app.sermo.com/scripts/786.8de1b22d96740f0114f9.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://app.sermo.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 16:03:30 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
543 B 189ms
78ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WTQFCSNBC0&cid=1043120177.1732118607&gtm=45je4bj0v892948126z8813214453za200zb813214453&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WTQFCSNBC0&l=dataLayer&cx=c&gtm=45He4bj0v813214453za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://app.sermo.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 16:03:30 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 134ms
82ms Image
image/gif 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WTQFCSNBC0&cid=1043120177.1732118607&gtm=45je4bj0v892948126z8813214453za200zb813214453&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1883929912

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/login?returnUrl=%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 20 Nov 2024 16:03:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 collect Show response
region1.analytics.google.com/g/ 0
57 B 50ms
50ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WTQFCSNBC0&gtm=45je4bj0v892948126z8813214453za200zb813214453&_p=1732118606328&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&ir=1&cid=1043120177.1732118607&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&dl=https%3A%2F%2Fapp.sermo.com%2Flogin&dr=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin&sid=1732118610&sct=1&seg=1&dt=Sermo&en=page_view&ep.gtm_tag_name=GA4%20-%202%20-%20PageView%20Tag&ep.gtm_container_id=GTM-KNDXZWF&ep.gtm_container_version=45&_et=6&tfd=4899
Requested by: Host: app.sermo.com
URL: https://app.sermo.com/scripts/786.8de1b22d96740f0114f9.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://app.sermo.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 16:03:30 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 sailec-bold..woff2
app.sermo.com/fonts/ 10 KB
10 KB 141ms
138ms Font
font/woff2 34.224.155.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.sermo.com/fonts/sailec-bold..woff2

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/css/786.f03560fb0e8096725c88.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.224.155.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-155-36.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

5a4ced6d1fa795600e5c50870315b1c0737f16a5e50e53ef7979a047efd576ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://app.sermo.com
Referer: https://app.sermo.com/css/786.f03560fb0e8096725c88.css

Response headers

strict-transport-security: max-age=1800; includeSubDomains
etag: "1db3ac888c47378"
accept-ranges: bytes
content-length: 9848
date: Wed, 20 Nov 2024 16:03:30 GMT
content-type: font/woff2
last-modified: Tue, 19 Nov 2024 21:18:10 GMT
server: Kestrel

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
277 B 537ms
260ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: app.sermo.com
URL: https://app.sermo.com/scripts/786.8de1b22d96740f0114f9.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://app.sermo.com/

Response headers

Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin: https://app.sermo.com
Date: Wed, 20 Nov 2024 16:03:30 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H2 200 / Show response
cognito-identity.us-east-1.amazonaws.com/ 2 KB
2 KB 157ms
154ms Fetch
application/x-amz-json-1.1 2600:1f10:469b:a101:5aaf:fd37:393b:3e9c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.us-east-1.amazonaws.com/

Requested by

Host: app.sermo.com
URL: https://app.sermo.com/scripts/786.8de1b22d96740f0114f9.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f10:469b:a101:5aaf:fd37:393b:3e9c Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

00a63732a9aeb6e06a0e11971679cf3c3374f8e254605365f4c2686115cd268e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

x-amz-user-agent: aws-amplify/5.3.10 framework/0
cache-control: no-store
x-amz-target: AWSCognitoIdentityService.GetCredentialsForIdentity
Referer: https://app.sermo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/x-amz-json-1.1

Response headers

x-amzn-requestid: 0c240d55-3ce6-47b8-a650-7bfc2245d86b
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
content-length: 1771
date: Wed, 20 Nov 2024 16:03:30 GMT
content-type: application/x-amz-json-1.1

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
1 KB 711ms
279ms Script
application/javascript 34.210.219.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=G-3JJQ97XQN4%3BG-WTQFCSNBC0&ga_client_id=1043120177.1732118607&shpt=Sermo&ga_info=%7B%22status%22%3A%22OK%22%2C%22available_ga%22%3A%5B%7B%22id%22%3A%22G-3JJQ97XQN4%22%2C%22sess_id%22%3A%221732118607%22%7D%2C%7B%22id%22%3A%22UA-997174-20%22%2C%22sess_id%22%3Anull%7D%5D%2C%22hardcoded_ga%22%3A%22G-3JJQ97XQN4%3BG-WTQFCSNBC0%22%2C%22ga_tracking_id%22%3A%22G-3JJQ97XQN4%3BG-WTQFCSNBC0%22%2C%22ga_client_id%22%3A%221043120177.1732118607%22%2C%22shpt%22%3A%22Sermo%22%2C%22dcm_cid%22%3A%221732118607.1%22%2C%22dcm_gid%22%3A%221583874053.1732118607%22%2C%22mntnis%22%3A%22WPBOWnK1KWCrvH%2Bng0F5nhd%2Bq2okn83Y%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A6%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1732118607.1&dcm_gid=1583874053.1732118607&available_ga=%5B%7B%22id%22%3A%22G-3JJQ97XQN4%22%2C%22sess_id%22%3A%221732118607%22%7D%2C%7B%22id%22%3A%22UA-997174-20%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=G-3JJQ97XQN4%3BG-WTQFCSNBC0&dxver=4.0.0&shaid=38304&plh=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=1732118609627110&shguid=2be08edb-e416-39fc-8277-48360c7b02d1&shgts=1732118610864
Requested by: Host: px.mountain.com
URL: https://px.mountain.com/st?ga_tracking_id=G-3JJQ97XQN4%3BG-WTQFCSNBC0&ga_client_id=1043120177.1732118607&shpt=Sermo&ga_info=%7B%22status%22%3A%22OK%22%2C%22available_ga%22%3A%5B%7B%22id%22%3A%22G-3JJQ97XQN4%22%2C%22sess_id%22%3A%221732118607%22%7D%2C%7B%22id%22%3A%22UA-997174-20%22%2C%22sess_id%22%3Anull%7D%5D%2C%22hardcoded_ga%22%3A%22G-3JJQ97XQN4%3BG-WTQFCSNBC0%22%2C%22ga_tracking_id%22%3A%22G-3JJQ97XQN4%3BG-WTQFCSNBC0%22%2C%22ga_client_id%22%3A%221043120177.1732118607%22%2C%22shpt%22%3A%22Sermo%22%2C%22dcm_cid%22%3A%221732118607.1%22%2C%22dcm_gid%22%3A%221583874053.1732118607%22%2C%22mntnis%22%3A%22WPBOWnK1KWCrvH%2Bng0F5nhd%2Bq2okn83Y%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A6%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1732118607.1&dcm_gid=1583874053.1732118607&available_ga=%5B%7B%22id%22%3A%22G-3JJQ97XQN4%22%2C%22sess_id%22%3A%221732118607%22%7D%2C%7B%22id%22%3A%22UA-997174-20%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=G-3JJQ97XQN4%3BG-WTQFCSNBC0&dxver=4.0.0&shaid=38304&plh=https%3A%2F%2Fapp.sermo.com%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp&cb=52683328408143450term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.210.219.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-219-79.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/

Response headers

transfer-encoding: chunked
content-encoding: gzip
x-envoy-upstream-service-time: 64
connection: close
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
date: Wed, 20 Nov 2024 16:03:31 GMT
content-type: application/javascript;charset=utf-8
server: istio-envoy

GET
H2 200 favicon.ico
app.sermo.com/ 2 KB
2 KB 134ms
134ms Other
image/x-icon 34.224.155.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.sermo.com/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.224.155.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-155-36.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

10b9c0764b5f82595de0325a82d78ba87be76b260dc474aef5376a280dc0a9a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.sermo.com/login?returnUrl=%2Fuser%2Flogin%3Fwoo_campaign%3Dmc%26amp

Response headers

strict-transport-security: max-age=1800; includeSubDomains
etag: "1db09ca0c2ed685"
accept-ranges: bytes
content-length: 1541
date: Wed, 20 Nov 2024 16:03:31 GMT
content-type: image/x-icon
last-modified: Wed, 18 Sep 2024 12:55:33 GMT
server: Kestrel

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
277 B 131ms
129ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: app.sermo.com
URL: https://app.sermo.com/scripts/786.8de1b22d96740f0114f9.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://app.sermo.com/

Response headers

Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin: https://app.sermo.com
Date: Wed, 20 Nov 2024 16:03:31 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H/1.1 202
Accepted events Show response
pinpoint.us-east-1.amazonaws.com/v1/apps/94d1d8951e02440190140463de25776b/ 219 B
760 B 186ms
183ms Fetch
application/json 13.225.78.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pinpoint.us-east-1.amazonaws.com/v1/apps/94d1d8951e02440190140463de25776b/events
Requested by: Host: app.sermo.com
URL: https://app.sermo.com/scripts/786.8de1b22d96740f0114f9.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-31.fra2.r.cloudfront.net
Software: /
Resource Hash: 27770c3d51b67c94d20ef83d95a53fe14b2c132149b996026503394dae986fbd

Request headers

x-amz-user-agent: aws-amplify/5.3.10 analytics/1 framework/1
authorization: AWS4-HMAC-SHA256 Credential=ASIA3PNLXTNTTZA4XF3R/20241120/us-east-1/mobiletargeting/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-security-token;x-amz-user-agent, Signature=4e4bb1f0067648c2c5522dab7e0b2a3322f1fb75d2c3a1270798868bdc93c3ab
x-amz-date: 20241120T160331Z
Referer: https://app.sermo.com/
x-amz-security-token: IQoJb3JpZ2luX2VjEPj//////////wEaCXVzLWVhc3QtMSJIMEYCIQCkKDvQRh1TPEggOA6wQ4elqPZwaXoecpT+udp0Ob1iuQIhAMB9+0QWuwjImfpjPRdL++Hxz5QqY0jj9EaHME8Oo9mVKroFCJH//////////wEQABoMNzg5MDIzNTI5ODMxIgxM+4rXfANrIr7hPc4qjgVc30SlDxva6rnczPhZ2CuYpe//asawaNhvFB0TlSSOU0xFmGXXblI+TVZMph5/A49nTZTNe1y2+AkflUuXXXW9a0Z/NjGhwwNI/2huf0NYvbjcdBx2gyqs5UOA96F3r14pXi9Af81C4d+PGLR25PH3qlVG37Z8sOlZmW0hDV01vB4bzOadYRJs7NfZi2eRNCeF/X8KztgIDeta1hvsW5WA2qoA9T9HTfZSJAAdvhiF+gOn48QcvMsMlW1oMBUDGYWyBwLCzKRaSqkdVELwIJia3gJu5csTe+fXtkTk4Zq0AXfVCGY+6OcDTvTQsisvDg0u+9GeVZ2ljg8vD4KEndEiUAROYCNXfI6hyZ3Zk7Qkmwlwg6PRBsfwkjRtctJ5FYqml1mOiOHLzz3qLZzXChSh6l8CTU417hl6Ia4rTjEkSmFuEMLEgZ11ra2Q781NoNx32RjTDQl0NzbkG6X85nI+1S+1CkhrerWx9ipwNzPKZs6vk0FiV83sDkd6Yfaa2u+Un3UcOYBMpe1TgMuiIfWHotIvBfnWgxTvzm9MTpkMsOk0ciAS/PI6A0nzOg4tZDpEWo1BTAf3T7GN8EhAb59OZnhoauX0fWnDiYdBYLUXiWjwfR/aEfzGaaIEQ+JfO7g7apIzcRY1/qQjLpD02zDhvQaWPWJPzhRzx+hHTaLSV022CsDQKpK9SyHLe/Im3YSSl7IDnnoaPmCasjOOYsbsxSAlKsW8xx62Cd1kSxy85+UcUBnw1tcz1rMXYzkEaUKWmvDLGMheO/umgvCRapIqGJVAQNLLeWGPPyV88k8OY33Ci6C7+7NyVrH2MzDn/Cd6J2FjdH4XI8pOyqRo5Zo/Oq5E5ytfNRwLxE7tN6Aw0pD4uQY63AK1rBG6kHTp7sHU1I3pB4tbwEkJ//9R7uprJLyIVDgloJnMI7mpWvNPlttNtXyDQRiakm/7hOtg8Wm7yrNZLyeE/s9XNoYZ6LNkTwoptLr2C2IrhrhzPx8x66Tu2YeMnTk9Q3/2GdJ6kdlZTVT8K8GEpWWA6i37zBNzlrx4grAlMu2o34aWzAScwVLxbNCuzJl5Is7Et1Qt0CwJINvDDpOgK1mfiraUKPsfUQYTs1pcn1aCrr8f0Wvn5MuZwpxH8PHGsNVCSP6ib/nrnU7TDeWcMbQg7sZ3D6HNkzZRyHAOWlSzWHPBfW4/HfFiumAHhySrAShn2Almo1PLzpf3PY9BdIksrLC2VpxpukOZh8yHvL4r+PWXER6kmU2wO19IsNB0bPtPWj/Le8tRBqFZEFE3/jqX6br88n3wyDC2zNUSMV/evgnbItmz3M29c2j479CHxQ4ZWtVmF5LK4NQ=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json

Response headers

Cache-Control: no-store
x-amz-apigw-id: BjY9PEzfoAMELMw=
Connection: keep-alive
X-Amzn-Trace-Id: Root=1-673e0854-538e75d73a5354152a508021
x-amzn-RequestId: 642bbfd4-9260-48ef-b5db-643c91066353
Via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Content-Length: 219
X-Amz-Cf-Id: akfnEQLa4Bdpl0GGnwMAORGCOBK6xJihBFg9pbDVfyIqeymDGaG0-w==
Date: Wed, 20 Nov 2024 16:03:32 GMT
Content-Type: application/json
X-Amz-Cf-Pop: FRA2-C2

OPTIONS
H/1.1 200
OK events
pinpoint.us-east-1.amazonaws.com/v1/apps/94d1d8951e02440190140463de25776b/ Frame 0
0 301ms
139ms Preflight
application/json 13.225.78.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pinpoint.us-east-1.amazonaws.com/v1/apps/94d1d8951e02440190140463de25776b/events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-31.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-date,x-amz-security-token,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://app.sermo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-Content-Sha256,X-Amz-User-Agent,amz-sdk-invocation-id,amz-sdk-request
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Wed, 20 Nov 2024 16:03:32 GMT
Via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: h9BVOTDJ3jDFyXE02cVNyIAnLETKe5NStkSQoKcep3oAMNN2bnrX5Q==
X-Amz-Cf-Pop: FRA2-C2
X-Cache: Miss from cloudfront
x-amz-apigw-id: BjY9OHgBIAMEcFQ=
x-amzn-RequestId: 5280e558-7e6c-4ef2-a054-015608dc6064

POST collect
region1.google-analytics.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: p.clarity.ms
URL: https://p.clarity.ms/collect

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3JJQ97XQN4&gtm=45je4bj0v9126268386za200&_p=1732118606328&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1043120177.1732118607&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=2&sid=1732118607&sct=1&seg=0&dl=https%3A%2F%2Fapp.sermo.com%2Flogin%3FreturnUrl%3D%252Fuser%252Flogin%253Fwoo_campaign%253Dmc%2526amp&dt=Sermo&en=load&_ee=1&ep.event_category=automation&ep.event_label=page&_et=3117&tfd=9783

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.sermo.com/	1970-01-21 10:44:38	Name: PreferredUILanguage Value: c%3Dde-DE%7Cuic%3Dde-DE
app.sermo.com/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.QSEWuCc4JOo Value: CfDJ8PKLRsvWOMdKrnvSEEvYSBYhgCrsy6oVKdvGuN-fM9KkLggsQ5BB4FJWo8YjsYe1hTfa7ZjRNgOCrFEeM5OQ0Y-0aV08Ql6RP4F_UcQjB-vRXPVQ5AbSPQvAyaaTjZRBR5GxMo_LNY4y9E84tgRrj60
.sermo.com/	1970-01-21 03:18:14	Name: _gcl_au Value: 1.1.261968504.1732118607
.sermo.com/	1970-01-21 01:10:05	Name: _gid Value: GA1.2.1583874053.1732118607
.sermo.com/	1970-01-21 01:08:38	Name: _gat_gtag_UA_997174_20 Value: 1
.sermo.com/	1970-01-21 03:18:14	Name: _rdt_uuid Value: 1732118607305.59305837-db28-4b2f-98b3-1c28d77815e4
.sermo.com/	1970-01-21 03:18:14	Name: _fbp Value: fb.1.1732118607496.92151085783183855
.linkedin.com/	1970-01-21 01:10:05	Name: lidc Value: "b=VGST03:s=V:r=V:a=V:p=V:g=3344:u=1:x=1:i=1732118607:t=1732205007:v=2:sig=AQFUzKw488-Q6XWWyq75A0wd3Q3gdL77"
.linkedin.com/	1970-01-21 09:54:14	Name: bcookie Value: "v=2&9edd4bb0-5c52-406c-8d8e-c200ce74309e"
.linkedin.com/	1970-01-21 05:27:50	Name: li_gc Value: MTswOzE3MzIxMTg2MDc7MjswMjF/YwGbCskIllo69inH1R1t8uhyj63xpdfuQvSwhHVWPw==
.twitter.com/	1970-01-21 10:44:38	Name: guest_id_marketing Value: v1%3A173211860755610250
.twitter.com/	1970-01-21 10:44:38	Name: guest_id_ads Value: v1%3A173211860755610250
.twitter.com/	1970-01-21 10:44:38	Name: personalization_id Value: "v1_B6o0P0Q0UScoXgHkv0LMmQ=="
.twitter.com/	1970-01-21 10:44:38	Name: guest_id Value: v1%3A173211860755610250
.t.co/	1970-01-21 10:44:38	Name: muc_ads Value: 777f0c11-e21d-4acc-83cf-21287a8321fd
.t.co/	1970-01-21 01:08:40	Name: __cf_bm Value: gTigTD09PfZzR5z98iu1MC1vBRz8e_wRxf3huy_cRzU-1732118607-1.0.1.1-MU.chw6A37a.wIpL2ltG7dMjkiIPX5U60JQNfiey3XuY4.alfArFUwY65haSBS_aEsYCmmWjvDAuW285BLkTUA
.www.medtargetsystem.com/	1969-12-31 23:59:59	Name: s-DMDSESSID Value: 81c0ab3d61a765e19d48701ed472457a
aim-tag.hcn.health/	1970-01-21 10:44:38	Name: dmd-tag Value: fb452cb0-a758-11ef-9119-a18060e2ae2b
.hcn.health/	1970-01-21 10:44:38	Name: dmd-tag Value: fb452cb0-a758-11ef-9119-a18060e2ae2b
.aim-tag.hcn.health/	1969-12-31 23:59:59	Name: dmd-sid4 Value: {%22id%22:%22fb55a770-a758-11ef-9f46-87f618d7efd7%22%2C%22timestamp%22:1732118608000%2C%22lastUpdate%22:1732118608000}
.app.sermo.com/	1970-01-21 10:44:38	Name: dmd-tag Value: fb452cb0-a758-11ef-9119-a18060e2ae2b
.app.sermo.com/	1969-12-31 23:59:59	Name: dmd-sid4 Value: {%22id%22:%22fb55a770-a758-11ef-9f46-87f618d7efd7%22%2C%22timestamp%22:1732118608000%2C%22lastUpdate%22:1732118608000}
.adnxs.com/	1970-01-21 03:18:14	Name: XANDR_PANID Value: Mw6BbWm1KDL2x8HF2diL0qMWjItXJQ6ZwlzkQB4sEO-7eH0rxHTBOfe9r57K30GN_7S7etPtFAOWS9uZeDCiB90N2dvUDIzAPDGGAUaQUS8.
.adnxs.com/	1970-01-21 10:44:38	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 03:18:14	Name: uuid2 Value: 3598308295076104114
.mountain.com/	1970-01-21 09:54:14	Name: guid Value: fbdc8b6c-a758-11ef-a0c3-8bef9556805c
.sermo.com/	1970-01-21 10:44:38	Name: _ga_3JJQ97XQN4 Value: GS1.1.1732118607.1.0.1732118610.0.0.0
app.sermo.com/	1970-01-21 01:08:39	Name: aws_amplify_session_tracking Value: {"user_session_start_time":1732118610257,"user_session_id":"aa5ff2c9-a56e-4296-88af-187de3dbf486"}
.sermo.com/	1970-01-21 10:44:38	Name: _ga Value: GA1.1.1043120177.1732118607
.sermo.com/	1970-01-21 10:44:38	Name: _ga_WTQFCSNBC0 Value: GS1.1.1732118610.1.1.1732118610.60.0.0
app.sermo.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: CfDJ8PKLRsvWOMdKrnvSEEvYSBZHz8Se8gck0jWYJlbx0T8b_3HwvHRGk99vS-_n0jpaXuUTk3a0oEPgDAf9OMBkuzZm2i1JgrTesKglpb5hogR7i4h3TGUuXFVGMDWQc_ZXJjiK9fatUdimSBgGZFkyFW0
.px.mountain.com/	1970-01-21 09:54:14	Name: tt Value: H4sIAAAAAAAAAKtWKlOyMqoFAP609q8HAAAA
app.sermo.com/	1970-01-21 01:18:43	Name: AWSALB Value: 8cTEtCdQUwzEl5I53sr743W774zwQ+VA+TZ9RYvE6K4LOL9t4J7AWGBUh/zPjP/lFgXdCminNCzxEciLRBRLVTub+w/HvlLcxZnYhoHX4xLWkCYpcJuTI4CqYSi/
app.sermo.com/	1970-01-21 01:18:43	Name: AWSALBCORS Value: 8cTEtCdQUwzEl5I53sr743W774zwQ+VA+TZ9RYvE6K4LOL9t4J7AWGBUh/zPjP/lFgXdCminNCzxEciLRBRLVTub+w/HvlLcxZnYhoHX4xLWkCYpcJuTI4CqYSi/
app.sermo.com/	1970-01-21 01:08:39	Name: _dd_s Value: rum=0&expire=1732119510094

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=1800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aim-tag.hcn.health
alb.reddit.com
analytics.twitter.com
app.sermo.com
bat.bing.com
bat.bing.net
cognito-identity.us-east-1.amazonaws.com
connect.facebook.net
dx.mountain.com
gs.mountain.com
match.adsrvr.org
match.deepintent.com
munchkin.marketo.net
p.clarity.ms
pinpoint.us-east-1.amazonaws.com
pixel-config.reddit.com
px.ads.linkedin.com
px.mountain.com
px4.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
secure.adnxs.com
shared-site-files.s3.amazonaws.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
trc.lhmos.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.medtargetsystem.com
www.recaptcha.net
www.redditstatic.com
p.clarity.ms
region1.google-analytics.com
104.102.43.106
104.244.42.195
13.107.42.14
13.225.78.31
142.250.184.206
142.250.186.67
142.250.186.68
146.75.120.157
151.101.193.140
157.240.251.9
157.240.253.35
16.15.184.78
169.197.150.7
172.217.16.200
172.66.0.227
18.210.229.244
18.211.125.216
185.89.210.20
20.122.63.128
2001:4860:4802:32::36
216.58.212.163
2600:1f10:469b:a101:5aaf:fd37:393b:3e9c
2620:1ec:21::14
2620:1ec:29:1::43
2620:1ec:33:1::10
2620:1ec:c11::237
2a00:1450:4001:806::2008
2a00:1450:4001:811::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c0c::9c
2a02:26f0:480:15::213:7e4a
2a04:4e42::396
34.102.246.198
34.210.219.79
34.224.155.36
34.233.14.26
35.71.131.137
52.12.117.226
52.5.79.223
52.7.151.245
00a63732a9aeb6e06a0e11971679cf3c3374f8e254605365f4c2686115cd268e
0606ab84860831bec563ad9e2d0a3be3d91c1218493e027a56f77ae112b713b4
0753ccff436dde099660656bca28d6549a4463aa9ab50d523d6e61672ec6c0e7
10429db431cbd2fc042c7397c8f1e62996d636ddeef2702c912d9fb7fc650c35
10b9c0764b5f82595de0325a82d78ba87be76b260dc474aef5376a280dc0a9a6
17b0a9a73a41ae040a0ebb1ab7d9bd39a83c02dfcd185889bb13c38bf25cfdc1
1aece686ac161180b8b90259b6ddf269cd9ab7a893ca3fd36d2d2d17deaf6be5
1eb741661a44efb886a19def5660d6be40ea69161bc4f16bfca6e6bf905901f8
20e9948867fad465c974a17464d3cbf4d856f6326a09ee396cade1bd30f55fef
27770c3d51b67c94d20ef83d95a53fe14b2c132149b996026503394dae986fbd
32b7097bdd9929b47e625537dbe85bb37b8ee4d7e78cfb673141eccb99218b52
349577c24efc896683e80bfecc416da4b1d2b224081e8fbc3ec1f5b58355711a
422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5a4ced6d1fa795600e5c50870315b1c0737f16a5e50e53ef7979a047efd576ea
5c4bbecdf517ed2f27b6d9cdc470b7bdec672b9f26e67a8f817e777efe0a3a25
644d1231955a54ac88f0b1eae950862434ace7120d54a3463a3d45a476048204
67e0743a7d77be1773679ecee1caa0589728f7fc0cc6a8484b611b23f08b7be7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149
7072d5d2b4bcb9463cad4a127e4706929543b98164cd87f8db75ecceebc12ccc
75784ad51fc5dd62b40a1cacb3c14fe96f0fede20e98036d08c11c64f53dd013
7fba8604d0bfe0e226a1484179928aae756ae921954d735490fdf9439733401c
80524349f4e0d0f4e35ac553ece82da5b6197ba7cb02ead18814c77256e8f3ff
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8b64f27f00072df2a2b710b529cfcb6412de669be65dea587bde1ddf0dc967f7
8d2c1ad39132fc5902635d968166b76657aad656fdfe76857eacd0d4bd8e9bc7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e25b2533406e1df711c4c459b2b236f0e70526574fd8d1bb3dd92d61e1339ef
8fdc031c13d746ed5cffa818fe67385dc3009d622dcc76b95125a9da87d6d688
920ae736f0750908713ef0d221c418ba4228a3c02281d3078a1635a721c499c7
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801
99f904e5cd52bf1d14114dc90c9526b908a6f2315667aef101e748985e18db67
a1fec7acc9e28feaa2280cd08d30cab4cac8e9557fb8fb35ab6ffcd1e28fade8
a2091f1ff92cc073e178dca31707853e0cc6cd913a5344a8978f040fa373efa6
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b0527e2b9c9a548f2c9db62e57d1527bc746fb77d1af6ddbd4d9c7dbb9ed4a64
c012c1bb0b8b90f58253e5479d440073387cd493ff95381df95c5c7fb109919e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cadd83c09fadf2c248304fec0dab18e7c1decd4ac28f14b81a9e957f9dc16d50
ce6001ec997e1bea552961443bc12eebfc155420f0baee24fc7457811b35ff03
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea9df0145848ffeb3c6931228d41e833341b4837c0e713d321c5bfcf6dcd4e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9380e656cc7fcbd45e7dc191dfe470d67d430a61c516a42a1390bdf8df62e52
ed897bba5653e77ec0fce2e23e2bee9b99d43effe2e2a2366f8f7961179c0f8c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6f3b00cb69d550a049c3f6416b9ae18284618a59bc172872dffba9e2953f187

app.sermo.com Open in urlscan Pro 34.224.155.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

86 Requests

94 %HTTPS

30 %IPv6

29 Domains

38 Subdomains

41 IPs

3 Countries

4066 kBTransfer

10580 kBSize

35 Cookies

0 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

app.sermo.com Open in urlscan Pro
34.224.155.36 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

94 %
HTTPS

30 %
IPv6

29
Domains

38
Subdomains

41
IPs

3
Countries

4066 kB
Transfer

10580 kB
Size

35
Cookies

86 HTTP transactions
0 data transactions